diff options
author | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-03-20 09:42:35 +0000 |
---|---|---|
committer | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-03-20 17:39:52 +0000 |
commit | da2191afa0e1bf4e0d1f605df9528800eec91c61 (patch) | |
tree | d3e819bc28cf00ca6ae0916db900f747a0ab1f20 /lib | |
parent | bce962a87c9aa76b63f96b1c7ce302ba233ea68e (diff) | |
download | gitlab-ce-da2191afa0e1bf4e0d1f605df9528800eec91c61.tar.gz |
OmniauthInitializer created to improve devise.rb
This should simplify refactoring and allow testing
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/omniauth_initializer.rb | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/lib/gitlab/omniauth_initializer.rb b/lib/gitlab/omniauth_initializer.rb new file mode 100644 index 00000000000..a2c37444730 --- /dev/null +++ b/lib/gitlab/omniauth_initializer.rb @@ -0,0 +1,65 @@ +module Gitlab + class OmniauthInitializer + def initialize(devise_config) + @devise_config = devise_config + end + + def config + @devise_config + end + + def execute(providers) + initialize_providers(providers) + end + + private + + def initialize_providers(providers) + providers.each do |provider| + provider_arguments = [] + + %w[app_id app_secret].each do |argument| + provider_arguments << provider[argument] if provider[argument] + end + + case provider['args'] + when Array + # An Array from the configuration will be expanded. + provider_arguments.concat provider['args'] + when Hash + # Add procs for handling SLO + if provider['name'] == 'cas3' + provider['args'][:on_single_sign_out] = lambda do |request| + ticket = request.params[:session_index] + raise "Service Ticket not found." unless Gitlab::Auth::OAuth::Session.valid?(:cas3, ticket) + + Gitlab::Auth::OAuth::Session.destroy(:cas3, ticket) + true + end + end + + if provider['name'] == 'authentiq' + provider['args'][:remote_sign_out_handler] = lambda do |request| + authentiq_session = request.params['sid'] + if Gitlab::Auth::OAuth::Session.valid?(:authentiq, authentiq_session) + Gitlab::Auth::OAuth::Session.destroy(:authentiq, authentiq_session) + true + else + false + end + end + end + + if provider['name'] == 'shibboleth' + provider['args'][:fail_with_empty_uid] = true + end + + # A Hash from the configuration will be passed as is. + provider_arguments << provider['args'].symbolize_keys + end + + config.omniauth provider['name'].to_sym, *provider_arguments + end + end + end +end |