diff options
author | Steve Prentice <prentice@cisco.com> | 2012-02-17 09:10:50 -0800 |
---|---|---|
committer | Steve Prentice <prentice@cisco.com> | 2012-02-17 09:10:50 -0800 |
commit | 2bb2dee057327c81978ed0aa99904bd7ff5e6105 (patch) | |
tree | c7c648d4d0c0da36c6dce4a125a80e8ae02dd479 | |
parent | 9a24ccdea1dd4dc82ac7f24c1fa1706a20949898 (diff) | |
download | gitlab-ce-2bb2dee057327c81978ed0aa99904bd7ff5e6105.tar.gz |
Use the omniauth-ldap info object instead of the raw ldap info in extra.
This helps with compatibility with more LDAP providers as the implementation
doesn't depend on the exact names of the LDAP fields. The LDAP strategy
helps maps the attributes to the fields in the info object and we use the
info object to get the email and name.
This makes the LDAP auth compatible with most OpenLDAP servers as well.
-rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 4 | ||||
-rw-r--r-- | app/models/user.rb | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index b79abf2c693..629b6819fb1 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -2,8 +2,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController def ldap # We only find ourselves here if the authentication to LDAP was successful. - omniauth = request.env["omniauth.auth"]["extra"]["raw_info"] - @user = User.find_for_ldap_auth(omniauth) + info = request.env["omniauth.auth"]["info"] + @user = User.find_for_ldap_auth(info) if @user.persisted? @user.remember_me = true end diff --git a/app/models/user.rb b/app/models/user.rb index fbac05108e6..9c0b1b4eb0e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -67,15 +67,15 @@ class User < ActiveRecord::Base (0...8).map{ ('a'..'z').to_a[rand(26)] }.join end - def self.find_for_ldap_auth(omniauth) - username = omniauth.sAMAccountName[0] - email = omniauth.userprincipalname[0] + def self.find_for_ldap_auth(omniauth_info) + name = omniauth_info.name + email = omniauth_info.email if @user = User.find_by_email(email) @user else password = generate_random_password - @user = User.create(:name => username, + @user = User.create(:name => name, :email => email, :password => password, :password_confirmation => password |