suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

do not use client credentials for /auth/github

Browse Source
This commit is contained in:
Konstantin Haase 2013-04-24 16:47:52 +02:00
parent 8b72b0a1b4
commit 6b2a1a0da8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/travis/api/app/endpoint/authorization.rb
View File

@ -218,7 +218,7 @@ class Travis::Api::App
end end
def user_for_github_token(token, drop_token = false) def user_for_github_token(token, drop_token = false)
data = GH.with(token: token.to_s) { GH['user'] } data = GH.with(token: token.to_s, client_id: nil) { GH['user'] }
scopes = parse_scopes data.headers['x-oauth-scopes'] scopes = parse_scopes data.headers['x-oauth-scopes']
halt 403, 'insufficient access: %p' unless acceptable? scopes halt 403, 'insufficient access: %p' unless acceptable? scopes