diff options
author | Bob Van Landuyt <bob@vanlanduyt.co> | 2017-07-26 11:57:05 +0200 |
---|---|---|
committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2017-08-24 17:33:53 +0200 |
commit | f8865e9c1303be7302306bea9dd1057bf3b3f608 (patch) | |
tree | 6dadf2a46c163a43c2acc2e3521657e65386dedf | |
parent | 88892e43adecd68de7940fdc9856a4557098cb6c (diff) | |
download | gitlab-ce-f8865e9c1303be7302306bea9dd1057bf3b3f608.tar.gz |
Define ldap methods at runtime
This avoids loading the `OmniAuthCallbacksController` at boot time so
it doesn't mess up the `before_action`-chain
-rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/sessions_controller.rb | 8 | ||||
-rw-r--r-- | config/initializers/omniauth.rb | 6 |
3 files changed, 8 insertions, 14 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 7444826a5d1..9612b8d8514 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -10,6 +10,14 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController end end + if Gitlab::LDAP::Config.enabled? + Gitlab::LDAP::Config.available_servers.each do |server| + define_method server['provider_name'] do + ldap + end + end + end + # Extend the standard message generation to accept our custom exception def failure_message exception = env["omniauth.error"] diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 9e743685d60..be6491d042c 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -5,14 +5,6 @@ class SessionsController < Devise::SessionsController skip_before_action :check_two_factor_requirement, only: [:destroy] - # Explicitly call protect from forgery before anything else. Otherwise the - # CSFR-token might be cleared before authentication is done. This was the case - # when LDAP was enabled and the `OmniauthCallbacksController` is loaded - # - # *Note:* `prepend: true` is the default for rails4, but this will be changed - # to `prepend: false` in rails5. - protect_from_forgery prepend: true, with: :exception - prepend_before_action :check_initial_setup, only: [:new] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index 56c279ffcf4..fddb018e948 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -6,12 +6,6 @@ if Gitlab::LDAP::Config.enabled? const_set(server['provider_class'], Class.new(LDAP)) end end - - OmniauthCallbacksController.class_eval do - Gitlab::LDAP::Config.available_servers.each do |server| - alias_method server['provider_name'], :ldap - end - end end OmniAuth.config.full_host = Settings.gitlab['base_url'] |