Merge branch 'fix_saml_ldap_link' into 'master'

Omniauth auto link LDAP user falls back to find by DN when user cannot be found by uid Unfortunately, SAML IDs can be an LDAP UID, DN, or something else entirely. UID and DN are most common, though. This adds a fallback scenario so we first try to find a matching LDAP user by UID, then by DN. This will fix a problem for the customer in https://gitlab.zendesk.com/agent/tickets/43298 See merge request !7002
author: Douwe Maan <douwe@gitlab.com> 2016-11-15 10:20:11 +0000
committer: Douwe Maan <douwe@gitlab.com> 2016-11-15 10:20:11 +0000
commit: 3a3b06b4faccaf49279bee397af6df2916a9195e (patch)
tree: 4cd77e6fc3160bfd21e5911ad68c073aec6c568f /lib
parent: e98e7c60c5ff115f1d892a82722e0951e049e301 (diff)
parent: 3cff3a2e5b87c40927eb02a8884c84260ca30c2a (diff)
download: gitlab-ce-3a3b06b4faccaf49279bee397af6df2916a9195e.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index 0a91d3918d5..a8b4dc2a83f 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -102,6 +102,8 @@ module Gitlab
         Gitlab::LDAP::Config.providers.each do |provider|
           adapter = Gitlab::LDAP::Adapter.new(provider)
           @ldap_person = Gitlab::LDAP::Person.find_by_uid(auth_hash.uid, adapter)
+          # The `uid` might actually be a DN. Try it next.
+          @ldap_person ||= Gitlab::LDAP::Person.find_by_dn(auth_hash.uid, adapter)
           break if @ldap_person
         end
         @ldap_person
author	Douwe Maan <douwe@gitlab.com>	2016-11-15 10:20:11 +0000
committer	Douwe Maan <douwe@gitlab.com>	2016-11-15 10:20:11 +0000
commit	3a3b06b4faccaf49279bee397af6df2916a9195e (patch)
tree	4cd77e6fc3160bfd21e5911ad68c073aec6c568f /lib
parent	e98e7c60c5ff115f1d892a82722e0951e049e301 (diff)
parent	3cff3a2e5b87c40927eb02a8884c84260ca30c2a (diff)
download	gitlab-ce-3a3b06b4faccaf49279bee397af6df2916a9195e.tar.gz