root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
64,907 Commits 9,131 Branches 1,640 Tags 2 GiB
Commit Graph

55 Commits

Author SHA1 Message Date
Francisco Javier López c7cf68bd6f Changing OAuth lookup to be case insensitive 2017-11-17 14:24:25 +00:00
Douwe Maan a10925e1c3 Reallow project paths ending in periods 2017-11-06 14:46:53 +01:00
Tiago Botelho 4e2ddad2bb Only add identities to a user if we find one in Gitlab::OAuth::User. 2017-10-05 11:53:54 +01:00
Douwe Maan b40192a946 Merge branch '33493-attempt-to-link-saml-users-to-ldap-by-email' into 'master' 
Attempt to link saml users to ldap by email

Closes #33493

See merge request gitlab-org/gitlab-ce!14216
 2017-10-02 15:24:48 +00:00
Tiago Botelho 011c168bff Refactors SAML identity creation in gl_user. 2017-10-02 11:35:09 +01:00
James Lopez 67d06dee30 refactor users update service 2017-09-28 08:46:39 +02:00
James Lopez 9621dd0c9d refactor services to match EE signature 2017-09-28 08:46:39 +02:00
Tiago Botelho 718e5b0865 Attempt to link saml users to ldap by email 2017-09-25 09:44:31 +01:00
Rémy Coutable cc66c3fda2
Don't force the encoding of the OAuth provider in Gitlab::OAuth::AuthHash#provider 
Some providers freeze their name (e.g.
414c43ef3f/lib/omniauth/strategies/google_oauth2.rb (L1)),
so trying to modify the string would fail with a `can't modify frozen
String` exception (see
https://gitlab.com/gitlab-org/gitlab-ce/issues/37845#note_40308148).

In this case, we can just stop trying to force the encoding of the
provider name as they should always be in utf8 by default.

Signed-off-by: Rémy Coutable <remy@rymai.me>
 2017-09-14 10:29:35 +02:00
Alexander Keramidas 4df54f2607 Profile updates from providers 2017-09-06 16:38:52 +03:00
Robert Speicher d0622b79d8 Better categorize test coverage results 
Also marks a few things as uncovered, and removes an unused class.
 2017-08-11 10:59:11 -04:00
Robin Bobbitt 71951fc38c Uniquify reserved word usernames on OAuth user creation 2017-08-02 09:40:49 -04:00
Nick Thomas 7f350ba16d Extract the finder portion of ldap_person so it can be overridden in EE 2017-07-12 09:41:41 +01:00
James Lopez b804db2648 refactor update user service not to do auth checks 2017-06-23 11:41:43 +02:00
James Lopez 59c3968c40 use update service on ldap call and updated specs and service 2017-06-23 11:41:41 +02:00
Robin Bobbitt 469acd190e Sync email address from specified omniauth provider 2017-06-07 11:13:57 -04:00
Douwe Maan 04bb8fe994 Return nil when looking up config for unknown LDAP provider 2017-05-30 16:41:07 -05:00
Douwe Maan d7e2ac7293 Fix OAuth, LDAP and SAML SSO when regular sign-ups are disabled 2017-04-24 19:27:39 -07:00
geoandri defbff482d Implement Users::BuildService 2017-04-13 13:02:59 +03:00
George Andrinopoulos 7c74a0209b Implement new service for creating user 2017-03-27 09:37:24 +00:00
Sean McGivern 811e598f60 Enable and autocorrect the CustomErrorClass cop 2017-03-01 15:28:10 +00:00
Douwe Maan 6f5cd03fcb Fix OAuth/SAML user blocking behavior 2017-02-23 09:33:20 -06:00
Douwe Maan ba0d27fe94 Update rubocop and rubocop-rspec and regenerate .rubocop_todo.yml 2017-02-23 09:32:42 -06:00
Drew Blessing 374033fe26 Improve the `Gitlab::OAuth::User` error message 
The error saving the user is logged to application.log. Previously,
the entry had no context and was unusable - 'Error saving user:
[Email address already taken]'. Adding the auth hash UID and email
makes the error more helpful.
 2016-11-30 11:23:04 -06:00
Drew Blessing 3cff3a2e5b Omniauth auto link LDAP user falls back to find by DN when user cannot be found by uid 2016-11-10 15:47:40 -06:00
Tomasz Maczukin f1a85747ca
Merge branch 'master' into dev-master 
* master: (98 commits)
  Enable Style/EmptyLines cop, remove redundant ones
  Update CHANGELOG
  Cache results from jQuery selectors to retrieve namespace name
  Fix import button when import fail due the namespace already been taken
  Fix snippets comments not displayed
  Fix emoji paths in relative root configurations
  Exclude requesters from Project#members, Group#members and User#members
  Upgrade Thin from 1.6.1 to 1.7.0.
  Many squashed commits
  Cache autocomplete results
  Upgrade Sidekiq from 4.1.2 to 4.1.4.
  Upgrade seed-fu from 2.3.5 to 2.3.6
  use has_many relationship with events
  Support creating a todo on issuables via API
  Expose target, filter by state as string
  Add todos API documentation and changelog
  Improve the request / withdraw access button
  Metrics for Rouge::Plugins::Redcarpet and Rouge::Formatters::HTMLGitlab
  Groundwork for Kerberos SPNEGO (EE feature)
  Update CHANGELOG 8.9.5 for runners related fixes
  ...
 2016-07-02 22:58:21 +02:00
Patricio Cano 10444f61f8 Fixed privilege escalation issue where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list. 2016-06-29 10:37:54 -05:00
Grzegorz Bizon 28bafd5354 Enable Style/SpaceAfterComma Rubocop cop 2016-06-29 15:23:44 +02:00
Drew Blessing 938f2b9979 Fix subsequent SAML sign ins 2016-06-22 16:10:55 -05:00
Patricio Cano 9282810fb7 Syntax fixes and better logging around the `ldap_person` method. 2016-06-08 18:09:43 -05:00
Patricio Cano c593154cb4 Moved `find_or_create_ldap_user` method to parent class and added logging. 2016-06-07 11:21:20 -05:00
Patricio Cano 7038440e34 Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user. 2016-06-06 18:47:49 -05:00
Patricio Cano 61fc9aa87e Better control flow. 2016-04-11 18:01:51 -05:00
Patricio Cano 12e6084667 Allow `external_providers` for Omniauth to be defined to mark these users as external 2016-04-11 10:16:15 -05:00
Patricio Cano bb4fa3a185 Make new `allow_single_sign_on` feature backwards compatible 2016-02-18 17:02:43 -05:00
Patricio Cano 06376be56a Decouple SAML authentication from the default Omniauth logic 2016-02-18 17:01:07 -05:00
Douwe Maan 873b0db220 Revert "Merge branch 'saml-decoupling' into 'master' " 
This reverts commit c04e22fba8, reversing
changes made to 0feab326d5.
 2016-02-18 22:14:53 +01:00
Patricio Cano f014127e17 Decouple SAML authentication from the default Omniauth logic 2016-02-18 13:22:19 -05:00
Douwe Maan 98e1a5b634 Allow LDAP users to change their email if it was not set by the LDAP server 2016-01-19 16:25:38 +01:00
Steffen Köhler 2444c04055 Fix signup for some OAuth providers 
some OAuth providers (kerberos for example) only provide a username and an email, but no name. Therefore
a signup fails because the name is empty. Best guess for the name is
probably the username, therefore use it as name.
 2016-01-15 14:55:52 +01:00
Patricio Cano 1d3889eb46 Fix identity and user retrieval when special characters are used 2015-12-22 13:23:35 -05:00
tduehr 8e3f1fa629 add CAS authentication support 2015-12-14 21:43:41 -06:00
Corey Hinshaw d8b3c3274c AuthHash should not parameterize email user 2015-12-10 18:49:48 -05:00
Douwe Maan 98dcad2762 Use proper labels for OAuth providers 2015-11-03 17:59:07 +01:00
Douwe Maan 909a8443c6 Shuffle config around a bit 2015-09-09 11:40:31 +01:00
Douwe Maan c915e2c823 Allow configuration of LDAP attributes GitLab will use for the new user account. 2015-09-08 16:18:14 +01:00
Douwe Maan c16b1651f5 Fix infinite loop when SAML was incorrectly configured. 2015-08-17 16:39:22 -07:00
Douwe Maan 70a3c165a9 Allow custom label to be set for authentication providers. 2015-07-23 15:20:12 +02:00
Dmitriy Zaporozhets b21390936a
Make provider a select for identities form in admin area 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2015-06-22 16:53:11 +02:00
Alex Lossent d96d9aae42 Fix behavior of ldap_person method in Gitlab::OAuth::User 
Code tweaks in 45e9150a caused the ldap_person method to not return expected results.
Improved tests to cover the ldap_person method, which was previously stubbed.
 2015-06-17 18:06:27 +02:00