author | Robert Speicher <robert@gitlab.com> | 2018-01-09 16:47:31 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-01-16 17:05:01 -0800 |
commit | 4493ec08806813fec9ccc3a27a5a6f59af9780fd (patch) | |
tree | d18dfbbe281dd9a5604d291d4b46cc7be951de28 /lib/gitlab/o_auth | |
parent | 54636e1d4293a8465a772020a54b6193d7df9878 (diff) | |
download | gitlab-ce-4493ec08806813fec9ccc3a27a5a6f59af9780fd.tar.gz |
Merge branch 'jej/fix-disabled-oauth-access-10-3' into 'security-10-3'
[10.3] Prevent login with disabled OAuth providers
See merge request gitlab/gitlabhq!2296
(cherry picked from commit 4936650427ffc88e6ee927aedbb2c724d24b094c)
a0f9d222 Prevents login with disabled OAuth providers
Diffstat (limited to 'lib/gitlab/o_auth')
-rw-r--r-- | lib/gitlab/o_auth/user.rb | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index d33f33d192f..fff9360ea27 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -5,8 +5,6 @@
 #
 module Gitlab
 module OAuth
- SignupDisabledError = Class.new(StandardError)
-
 class User
 attr_accessor :auth_hash, :gl_user
@@ -29,7 +27,8 @@ module Gitlab
 end
 def save(provider = 'OAuth')
- unauthorized_to_create unless gl_user
+ raise SigninDisabledForProviderError if oauth_provider_disabled?
+ raise SignupDisabledError unless gl_user
 block_after_save = needs_blocking?
@@ -226,8 +225,10 @@ module Gitlab
 Gitlab::AppLogger
 end
- def unauthorized_to_create
- raise SignupDisabledError
+ def oauth_provider_disabled?
+ Gitlab::CurrentSettings.current_application_settings
+ .disabled_oauth_sign_in_sources
+ .include?(auth_hash.provider)
 end
 end
 end |
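Review bot: The disabled-provider check added at the top of `save` only covers callers that go through `save`; any sign-in path that reads `gl_user` or resolves the user from the auth hash without saving is, as far as this hunk shows, not gated, so it is worth confirming that every OAuth login reaches `save` before a session is created. `SigninDisabledForProviderError` is not defined in the visible diff (the page is limited to `lib/gitlab/o_auth`) and `SignupDisabledError` is removed from this file in the first hunk, so both presumably live elsewhere now; callers that rescued only `SignupDisabledError` need to rescue the new error too, otherwise a disabled provider surfaces as an unhandled exception instead of a clean denial. A comment above the first raise, e.g. `# Provider check comes first so existing users are refused as well, not only new sign-ups`, would record why the order matters. The body of `save` continues outside the hunk.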
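Review bot: `oauth_provider_disabled?` fails open when the compared values differ in type, because `.include?(auth_hash.provider)` is an exact match: a Symbol provider name checked against a list of Strings returns false and the login proceeds. The definition of `auth_hash.provider` is outside the hunk, so unless it is guaranteed to return a String, normalise at the comparison, `.include?(auth_hash.provider.to_s)`. A one-line comment on the method stating that the setting holds provider names as strings would make that contract visible to the next reader.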