Diffstat (limited to 'app/controllers/omniauth_callbacks_controller.rb')
-rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 54 |
1 files changed, 18 insertions, 36 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 21135f7d607..9cf76521a0d 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -42,26 +42,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 end
 end
 
- def saml
- if current_user
- log_audit_event(current_user, with: :saml)
- # Update SAML identity if data has changed.
- identity = current_user.identities.find_by(extern_uid: oauth['uid'], provider: :saml)
- if identity.nil?
- current_user.identities.create(extern_uid: oauth['uid'], provider: :saml)
- redirect_to profile_account_path, notice: 'Authentication method updated'
- else
- redirect_to after_sign_in_path_for(current_user)
- end
- else
- saml_user = Gitlab::Saml::User.new(oauth)
- saml_user.save
- @user = saml_user.gl_user
-
- continue_login_process
- end
- end
-
 def omniauth_error
 @provider = params[:provider]
 @error = params[:error]
@@ -85,11 +65,25 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 log_audit_event(current_user, with: oauth['provider'])
 redirect_to profile_account_path, notice: 'Authentication method updated'
 else
- oauth_user = Gitlab::OAuth::User.new(oauth)
- oauth_user.save
- @user = oauth_user.gl_user
+ @user = Gitlab::OAuth::User.new(oauth)
+ @user.save
 
- continue_login_process
+ # Only allow properly saved users to login.
+ if @user.persisted? && @user.valid?
+ log_audit_event(@user.gl_user, with: oauth['provider'])
+ sign_in_and_redirect(@user.gl_user)
+ else
+ error_message =
+ if @user.gl_user.errors.any?
+ @user.gl_user.errors.map do |attribute, message|
+ "#{attribute} #{message}"
+ end.join(", ")
+ else
+ ''
+ end
+
+ redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return
+ end
 end
 rescue Gitlab::OAuth::SignupDisabledError
 label = Gitlab::OAuth::Provider.label_for(oauth['provider'])
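Review bot: In the failure branch of the second hunk (`@@ -85,11 +65,25 @@`), the validation text built from `@user.gl_user.errors` is sent to the error page as a query parameter, and the `omniauth_error` action visible as context in the first hunk assigns `params[:error]` straight to `@error`. That puts account-related validation messages into URLs (browser history, proxy and access logs) and lets anyone link to the error page with text of their choosing, so the view has to treat `@error` as untrusted and escape it. Consider carrying the message in the flash instead, `flash[:alert] = error_message` followed by `redirect_to omniauth_error_path(oauth['provider'])`, with `omniauth_error` (its body lies outside this hunk) reading it from there. Separately, the gate `@user.persisted? && @user.valid?` now runs on the `Gitlab::OAuth::User` wrapper while sign-in uses `@user.gl_user`; a comment such as `# persisted?/valid? are answered by the wrapper on behalf of gl_user` would help if that is how the wrapper behaves, which is not visible here. The enclosing method starts before this hunk.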
@@ -110,18 +104,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 session[:service_tickets][provider] = ticket
 end
 
- def continue_login_process
- # Only allow properly saved users to login.
- if @user.persisted? && @user.valid?
- log_audit_event(@user, with: oauth['provider'])
- sign_in_and_redirect(@user)
- else
- error_message = @user.errors.full_messages.to_sentence
-
- redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return
- end
- end
-
 def oauth
 @oauth ||= request.env['omniauth.auth']
 end |