diff options
| author | Sean McGivern <sean@gitlab.com> | 2017-03-07 16:16:08 +0000 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2017-03-07 16:16:08 +0000 |
| commit | de37dcee90ac44ba794ad504e91f18b8fb4b13a3 (patch) | |
| tree | 8be4fd7cbbe1f1a06dfdfa1da12616989e28d783 /lib/gitlab/auth.rb | |
| parent | 6a52cda31da4becc3e342530a2bdf0868d8921cc (diff) | |
| parent | b2ca28d24bfbb0a574fccdf1ea05d549ccd6bf66 (diff) | |
| download | gitlab-ce-de37dcee90ac44ba794ad504e91f18b8fb4b13a3.tar.gz | |
Merge branch 'siemens/gitlab-ce-feature/openid-connect'
Diffstat (limited to 'lib/gitlab/auth.rb')
| -rw-r--r-- | lib/gitlab/auth.rb | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 6d69efb0bf6..eee5601b0ed 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -2,9 +2,17 @@ module Gitlab module Auth MissingPersonalTokenError = Class.new(StandardError) - SCOPES = [:api, :read_user].freeze + # Scopes used for GitLab API access + API_SCOPES = [:api, :read_user].freeze + + # Scopes used for OpenID Connect + OPENID_SCOPES = [:openid].freeze + + # Default scopes for OAuth applications that don't define their own DEFAULT_SCOPES = [:api].freeze - OPTIONAL_SCOPES = SCOPES - DEFAULT_SCOPES + + # Other available scopes + OPTIONAL_SCOPES = (API_SCOPES + OPENID_SCOPES - DEFAULT_SCOPES).freeze class << self def find_for_git_client(login, password, project:, ip:) @@ -40,7 +48,7 @@ module Gitlab Gitlab::LDAP::Authentication.login(login, password) else - user if user.valid_password?(password) + user if user.active? && user.valid_password?(password) end end end |