author | Patricio Cano <suprnova32@gmail.com> | 2016-02-17 13:13:15 -0500 |
---|---|---|
committer | Patricio Cano <suprnova32@gmail.com> | 2016-02-18 13:22:19 -0500 |
commit | f014127e173b718b81879634c1dac9191184995c (patch) | |
tree | c391d1539973e95cf37af32686dd7fe6573bad24 /lib/gitlab/saml | |
parent | 7f7eef2aef31f9cd4297d25d4416515182aa9482 (diff) | |
Decouple SAML authentication from the default Omniauth logic
Diffstat (limited to 'lib/gitlab/saml')
-rw-r--r-- | lib/gitlab/saml/user.rb | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/lib/gitlab/saml/user.rb b/lib/gitlab/saml/user.rb
new file mode 100644
index 00000000000..b1e30110ef5
--- /dev/null
+++ b/lib/gitlab/saml/user.rb
@@ -0,0 +1,47 @@
+# SAML extension for User model
+#
+# * Find GitLab user based on SAML uid and provider
+# * Create new user from SAML data
+#
+module Gitlab
+ module Saml
+ class User < Gitlab::OAuth::User
+
+ def save
+ super('SAML')
+ end
+
+ def gl_user
+ @user ||= find_by_uid_and_provider
+
+ if auto_link_ldap_user?
+ @user ||= find_or_create_ldap_user
+ end
+
+ if auto_link_saml_enabled?
+ @user ||= find_by_email
+ end
+
+ if signup_enabled?
+ @user ||= build_new_user
+ end
+
+ @user
+ end
+
+ def find_by_email
+ if auth_hash.has_email?
+ user = ::User.find_by(email: auth_hash.email.downcase)
+ user.identities.new(extern_uid: auth_hash.uid, provider: auth_hash.provider) if user
+ user
+ end
+ end
+
+ protected
+
+ def auto_link_saml_enabled?
+ Gitlab.config.omniauth.auto_link_saml_user
+ end
+ end
+ end
+end |
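Review bot: `find_by_email` attaches the SAML identity to any existing account whose address matches `auth_hash.email`, so with `auto_link_saml_user` enabled the only thing protecting an existing account is the identity provider's e-mail assertion. That trust assumption deserves a comment above the method, e.g. `# Links by e-mail alone; enable auto_link_saml_user only when the IdP asserts verified, non-user-editable addresses.` The method also sits above `protected`, so it is callable from outside even though it builds an identity as a side effect; unless a caller outside the class hierarchy needs it (not visible in this hunk), I would move it below `protected` next to `auto_link_saml_enabled?`. Whether the built identity is persisted depends on `save` in `Gitlab::OAuth::User`, which is outside this diff.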