summaryrefslogtreecommitdiff
path: root/app/controllers/omniauth_callbacks_controller.rb
diff options
context:
space:
mode:
authorJames Lopez <james@gitlab.com>2017-08-07 20:10:24 +0000
committerSean McGivern <sean@mcgivern.me.uk>2017-08-07 20:10:24 +0000
commitaa25db89c2c63b614c8c8de944809792f9047837 (patch)
tree283ef545abbacc5fb626285f60e168923fd4fd46 /app/controllers/omniauth_callbacks_controller.rb
parentf9c6ff7508198e5664ca515b8ec8c1cffa3e8802 (diff)
downloadgitlab-ce-aa25db89c2c63b614c8c8de944809792f9047837.tar.gz
[EE Backport] Update log audit event in omniauth_callbacks_controller.rb
Diffstat (limited to 'app/controllers/omniauth_callbacks_controller.rb')
-rw-r--r--app/controllers/omniauth_callbacks_controller.rb21
1 files changed, 15 insertions, 6 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 323d5d26eb6..b4213574561 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -34,12 +34,11 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
if @user.two_factor_enabled?
prompt_for_two_factor(@user)
else
- log_audit_event(@user, with: :ldap)
+ log_audit_event(@user, with: oauth['provider'])
sign_in_and_redirect(@user)
end
else
- flash[:alert] = "Access denied for your LDAP account."
- redirect_to new_user_session_path
+ fail_ldap_login
end
end
@@ -123,9 +122,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
sign_in_and_redirect(@user)
end
else
- error_message = @user.errors.full_messages.to_sentence
-
- return redirect_to omniauth_error_path(oauth['provider'], error: error_message)
+ fail_login
end
end
@@ -145,6 +142,18 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def oauth
@oauth ||= request.env['omniauth.auth']
end
+
+ def fail_login
+ error_message = @user.errors.full_messages.to_sentence
+
+ return redirect_to omniauth_error_path(oauth['provider'], error: error_message)
+ end
+
+ def fail_ldap_login
+ flash[:alert] = 'Access denied for your LDAP account.'
+
+ redirect_to new_user_session_path
+ end
def log_audit_event(user, options = {})
AuditEventService.new(user, user, options)