Authenticate via oauth an auth_token

lib/gitlab/api.rb

@@ -11,7 +11,7 @@ def initialize(options={})
       Configuration::VALID_OPTIONS_KEYS.each do |key|
         send("#{key}=", options[key])
       end
-      set_request_defaults @endpoint, @private_token, @sudo
+      set_request_defaults @endpoint, @private_token, @auth_token, @sudo
     end
   end
 end

lib/gitlab/cli.rb

@@ -18,8 +18,10 @@ def self.run(cmd, args=[])
     when 'info'
       endpoint = Gitlab.endpoint ? Gitlab.endpoint : 'not set'
       private_token = Gitlab.private_token ? Gitlab.private_token : 'not set'
+      auth_token = Gitlab.auth_token ? Gitlab.auth_token : 'not set'
       puts "Gitlab endpoint is #{endpoint}"
       puts "Gitlab private token is #{private_token}"
+      puts "Gitlab auth token is #{auth_token}"
       puts "Ruby Version is #{RUBY_VERSION}"
       puts "Gitlab Ruby Gem #{Gitlab::VERSION}"
     when '-v', '--version'

lib/gitlab/configuration.rb

@@ -2,7 +2,7 @@ module Gitlab
   # Defines constants and methods related to configuration.
   module Configuration
     # An array of valid keys in the options hash when configuring a Gitlab::API.
-    VALID_OPTIONS_KEYS = [:endpoint, :private_token, :user_agent, :sudo, :httparty].freeze
+    VALID_OPTIONS_KEYS = [:endpoint, :private_token, :auth_token, :user_agent, :sudo, :httparty].freeze
 
     # The user agent that will be sent to the API endpoint if none is set.
     DEFAULT_USER_AGENT = "Gitlab Ruby Gem #{Gitlab::VERSION}".freeze
@@ -32,6 +32,7 @@ def options
     def reset
       self.endpoint       = ENV['GITLAB_API_ENDPOINT']
       self.private_token  = ENV['GITLAB_API_PRIVATE_TOKEN']
+      self.auth_token     = ENV['GITLAB_API_AUTH_TOKEN']
       self.sudo           = nil
       self.user_agent     = DEFAULT_USER_AGENT
     end

lib/gitlab/request.rb

@@ -9,7 +9,7 @@ class Request
     headers 'Accept' => 'application/json'
     parser Proc.new { |body, _| parse(body) }
 
-    attr_accessor :private_token, :endpoint
+    attr_accessor :private_token, :auth_token, :endpoint
 
     # Converts the response body to an ObjectifiedHash.
     def self.parse(body)
@@ -35,25 +35,25 @@ def self.decode(response)
 
     def get(path, options={})
       set_httparty_config(options)
-      set_private_token_header(options)
+      set_authorization_header(options)
       validate self.class.get(@endpoint + path, options)
     end
 
     def post(path, options={})
       set_httparty_config(options)
-      set_private_token_header(options, path)
+      set_authorization_header(options, path)
       validate self.class.post(@endpoint + path, options)
     end
 
     def put(path, options={})
       set_httparty_config(options)
-      set_private_token_header(options)
+      set_authorization_header(options)
       validate self.class.put(@endpoint + path, options)
     end
 
     def delete(path, options={})
       set_httparty_config(options)
-      set_private_token_header(options)
+      set_authorization_header(options)
       validate self.class.delete(@endpoint + path, options)
     end
 
@@ -77,9 +77,10 @@ def validate(response)
 
     # Sets a base_uri and default_params for requests.
     # @raise [Error::MissingCredentials] if endpoint not set.
-    def set_request_defaults(endpoint, private_token, sudo=nil)
+    def set_request_defaults(endpoint, private_token, auth_token, sudo=nil)
       raise Error::MissingCredentials.new("Please set an endpoint to API") unless endpoint
       @private_token = private_token
+      @auth_token = auth_token
       @endpoint = endpoint
 
       self.class.default_params :sudo => sudo
@@ -88,12 +89,16 @@ def set_request_defaults(endpoint, private_token, sudo=nil)
 
     private
 
-    # Sets a PRIVATE-TOKEN header for requests.
-    # @raise [Error::MissingCredentials] if private_token not set.
-    def set_private_token_header(options, path=nil)
+    # Sets a PRIVATE-TOKEN or Authorization header for requests.
+    # @raise [Error::MissingCredentials] if private_token and auth_token are set.
+    def set_authorization_header(options, path=nil)
       unless path == '/session'
-        raise Error::MissingCredentials.new("Please set a private_token for user") unless @private_token
-        options[:headers] = {'PRIVATE-TOKEN' => @private_token}
+        raise Error::MissingCredentials.new("Please set a private_token or auth_token for user") unless @private_token || @auth_token
+        if @private_token
+          options[:headers] = {'PRIVATE-TOKEN' => @private_token}
+        else
+          options[:headers] = {'Authorization' => "Bearer #{@auth_token}"}
+        end
       end
     end
 

spec/gitlab/request_spec.rb

@@ -34,24 +34,42 @@
     context "when endpoint is not set" do
       it "should raise Error::MissingCredentials" do
         expect {
-          @request.set_request_defaults(nil, 1234000)
+          @request.set_request_defaults(nil, 1234000, 1234000)
         }.to raise_error(Gitlab::Error::MissingCredentials, 'Please set an endpoint to API')
       end
     end
 
     context "when endpoint is set" do
       it "should set instance variable 'endpoint'" do
-        @request.set_request_defaults('http://rabbit-hole.example.org', 1234000)
+        @request.set_request_defaults('http://rabbit-hole.example.org', 1234000, 1234000)
         expect(@request.instance_variable_get(:@endpoint)).to eq("http://rabbit-hole.example.org")
       end
 
       it "should set default_params" do
-        Gitlab::Request.new.set_request_defaults('http://rabbit-hole.example.org', 1234000, 'sudoer')
+        Gitlab::Request.new.set_request_defaults('http://rabbit-hole.example.org', 1234000, 1234000, 'sudoer')
         expect(Gitlab::Request.default_params).to eq({:sudo => 'sudoer'})
       end
     end
   end
 
+  describe "#set_authorization_header" do
+    it "should raise MissingCredentials when auth_token and private_token are not set" do
+      expect {
+        @request.send(:set_authorization_header, {})
+      }.to raise_error(Gitlab::Error::MissingCredentials)
+    end
+
+    it "should set the correct header when given a private_token" do
+      @request.private_token = 1234000
+      expect(@request.send(:set_authorization_header, {})).to eq({"PRIVATE-TOKEN"=>1234000})
+    end
+
+    it "should set the correct header when given a auth_token" do
+      @request.auth_token = 1234000
+      expect(@request.send(:set_authorization_header, {})).to eq({"Authorization"=>"Bearer 1234000"})
+    end
+  end
+
   describe "#handle_error" do
     context "when passed an ObjectifiedHash" do
       it "should return a joined string of error messages sorted by key" do

spec/gitlab_spec.rb

@@ -41,6 +41,13 @@
     end
   end
 
+  describe ".auth_token=" do
+    it "should set auth_token" do
+      Gitlab.auth_token = 'secret'
+      expect(Gitlab.auth_token).to eq('secret')
+    end
+  end
+
   describe ".sudo=" do
     it "should set sudo" do
       Gitlab.sudo = 'user'