Merge pull request #19017 from opf/global-warden

NobodysNightmare · web-flow · commit 6fc2fcf43442 · 2025-05-27T17:04:02.000+02:00
Make warden available across entire application
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
@@ -1,27 +1,31 @@
-Rails.application.config.after_initialize do
-  namespace = OpenProject::Authentication::Strategies::Warden
+# frozen_string_literal: true
 
-  strategies = [
-    [:basic_auth_failure, namespace::BasicAuthFailure,  "Basic"],
-    [:global_basic_auth,  namespace::GlobalBasicAuth,   "Basic"],
-    [:user_basic_auth,    namespace::UserBasicAuth,     "Basic"],
-    [:oauth,              namespace::DoorkeeperOAuth,   "Bearer"],
-    [:anonymous_fallback, namespace::AnonymousFallback, "Basic"],
-    [:jwt_oidc,           namespace::JwtOidc,           "Bearer"],
-    [:session,            namespace::Session,           "Session"]
-  ]
+namespace = OpenProject::Authentication::Strategies::Warden
 
-  strategies.each do |name, clazz, auth_scheme|
-    OpenProject::Authentication.add_strategy(name, clazz, auth_scheme)
-  end
+strategies = [
+  [:basic_auth_failure, namespace::BasicAuthFailure,  "Basic"],
+  [:global_basic_auth,  namespace::GlobalBasicAuth,   "Basic"],
+  [:user_basic_auth,    namespace::UserBasicAuth,     "Basic"],
+  [:oauth,              namespace::DoorkeeperOAuth,   "Bearer"],
+  [:anonymous_fallback, namespace::AnonymousFallback, "Basic"],
+  [:jwt_oidc,           namespace::JwtOidc,           "Bearer"],
+  [:session,            namespace::Session,           "Session"]
+]
 
-  OpenProject::Authentication.update_strategies(OpenProject::Authentication::Scope::API_V3, { store: false }) do |_|
-    %i[global_basic_auth
-       user_basic_auth
-       basic_auth_failure
-       oauth
-       jwt_oidc
-       session
-       anonymous_fallback]
-  end
+strategies.each do |name, clazz, auth_scheme|
+  OpenProject::Authentication.add_strategy(name, clazz, auth_scheme)
+end
+
+OpenProject::Authentication.update_strategies(OpenProject::Authentication::Scope::API_V3, { store: false }) do |_|
+  %i[global_basic_auth
+     user_basic_auth
+     basic_auth_failure
+     oauth
+     jwt_oidc
+     session
+     anonymous_fallback]
+end
+
+Rails.application.configure do |app|
+  app.config.middleware.use OpenProject::Authentication::Manager, intercept_401: false # rubocop:disable Naming/VariableNumber
 end
diff --git a/lib/api/root_api.rb b/lib/api/root_api.rb
@@ -44,8 +44,6 @@ class RootAPI < Grape::API
 
     content_type :json, "application/json; charset=utf-8"
 
-    use OpenProject::Authentication::Manager
-
     helpers API::Caching::Helpers
     module Helpers
       include ::API::Helpers::RaiseQueryErrors
diff --git a/lib_static/open_project/static_routing.rb b/lib_static/open_project/static_routing.rb
diff --git a/modules/bim/lib/open_project/bim/engine.rb b/modules/bim/lib/open_project/bim/engine.rb
@@ -215,7 +215,9 @@ class Engine < ::Rails::Engine
 
     config.to_prepare do
       Doorkeeper.configuration.scopes.add(:bcf_v2_1)
+    end
 
+    config.before_initialize do
       unless defined? OpenProject::Authentication::Scope::BCF_V2_1
         OpenProject::Authentication::Scope::BCF_V2_1 = :bcf_v2_1
       end
