projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
16306: Merge branch 'master'
[arvados.git] / services / api / app / models / api_client.rb
diff --git a/services/api/app/models/api_client.rb b/services/api/app/models/api_client.rb
index c6c48a5b6b13c803d8d54d660a2d8fbd2a265740..015b61dc494c1c7b3cff629407cb0ebdc0ff656c 100644 (file)
--- a/services/api/app/models/api_client.rb
+++ b/services/api/app/models/api_client.rb
@@ -21,13 +21,28 @@ class ApiClient < ArvadosModel
   protected
 
   def from_trusted_url
-    norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench1.ExternalURL) ||
-      norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench2.ExternalURL)
+    norm_url_prefix = norm(self.url_prefix)
+
+    [Rails.configuration.Services.Workbench1.ExternalURL,
+     Rails.configuration.Services.Workbench2.ExternalURL,
+     "https://controller.api.client.invalid"].each do |url|
+      if norm_url_prefix == norm(url)
+        return true
+      end
+    end
+
+    Rails.configuration.Login.TrustedClients.keys.each do |url|
+      if norm_url_prefix == norm(url)
+        return true
+      end
+    end
+
+    false
   end
 
   def norm url
     # normalize URL for comparison
-    url = URI(url)
+    url = URI(url.to_s)
     if url.scheme == "https"
       url.port == "443"
     end