diff options
author | Patricio Cano <suprnova32@gmail.com> | 2016-02-19 10:41:54 -0500 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2016-02-19 16:45:18 +0100 |
commit | c1921fb510d22e29ef30d084eca6cb079006a64e (patch) | |
tree | 542d910b6eafa5740c0855ce90e7b876edc602bd /app | |
parent | 778da50251e24690f160a42f0b65c11c1afa3deb (diff) | |
download | gitlab-ce-c1921fb510d22e29ef30d084eca6cb079006a64e.tar.gz |
Merge branch 'saml-decoupling' into 'master'
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 9cf76521a0d..21135f7d607 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -42,6 +42,26 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController end end + def saml + if current_user + log_audit_event(current_user, with: :saml) + # Update SAML identity if data has changed. + identity = current_user.identities.find_by(extern_uid: oauth['uid'], provider: :saml) + if identity.nil? + current_user.identities.create(extern_uid: oauth['uid'], provider: :saml) + redirect_to profile_account_path, notice: 'Authentication method updated' + else + redirect_to after_sign_in_path_for(current_user) + end + else + saml_user = Gitlab::Saml::User.new(oauth) + saml_user.save + @user = saml_user.gl_user + + continue_login_process + end + end + def omniauth_error @provider = params[:provider] @error = params[:error] @@ -65,25 +85,11 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController log_audit_event(current_user, with: oauth['provider']) redirect_to profile_account_path, notice: 'Authentication method updated' else - @user = Gitlab::OAuth::User.new(oauth) - @user.save + oauth_user = Gitlab::OAuth::User.new(oauth) + oauth_user.save + @user = oauth_user.gl_user - # Only allow properly saved users to login. - if @user.persisted? && @user.valid? - log_audit_event(@user.gl_user, with: oauth['provider']) - sign_in_and_redirect(@user.gl_user) - else - error_message = - if @user.gl_user.errors.any? - @user.gl_user.errors.map do |attribute, message| - "#{attribute} #{message}" - end.join(", ") - else - '' - end - - redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return - end + continue_login_process end rescue Gitlab::OAuth::SignupDisabledError label = Gitlab::OAuth::Provider.label_for(oauth['provider']) @@ -104,6 +110,18 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController session[:service_tickets][provider] = ticket end + def continue_login_process + # Only allow properly saved users to login. + if @user.persisted? && @user.valid? + log_audit_event(@user, with: oauth['provider']) + sign_in_and_redirect(@user) + else + error_message = @user.errors.full_messages.to_sentence + + redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return + end + end + def oauth @oauth ||= request.env['omniauth.auth'] end |