From f10c999bca2b5b37b068ff3680a6e35a6707828d Mon Sep 17 00:00:00 2001
From: James Edwards-Jones <jedwardsjones@gitlab.com>
Date: Wed, 18 Apr 2018 15:03:27 +0100
Subject: Refactor OmniauthCallbacksController to remove duplication

Moves LDAP to its own controller with tests
Provides path forward for implementing GroupSaml
---
 .../ldap/omniauth_callbacks_controller.rb          | 33 ++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 app/controllers/ldap/omniauth_callbacks_controller.rb

(limited to 'app/controllers/ldap')

diff --git a/app/controllers/ldap/omniauth_callbacks_controller.rb b/app/controllers/ldap/omniauth_callbacks_controller.rb
new file mode 100644
index 00000000000..e9219274182
--- /dev/null
+++ b/app/controllers/ldap/omniauth_callbacks_controller.rb
@@ -0,0 +1,33 @@
+class Ldap::OmniauthCallbacksController < OmniauthCallbacksController
+  extend ::Gitlab::Utils::Override
+
+  def self.define_providers!
+    if Gitlab::Auth::LDAP::Config.enabled?
+      Gitlab::Auth::LDAP::Config.available_servers.each do |server|
+        define_method server['provider_name'] do
+          ldap
+        end
+      end
+    end
+  end
+
+  define_providers!
+
+  # We only find ourselves here
+  # if the authentication to LDAP was successful.
+  def ldap
+    sign_in_user_flow(Gitlab::Auth::LDAP::User)
+  end
+
+  override :set_remember_me
+  def set_remember_me(user)
+    user.remember_me = params[:remember_me] if user.persisted?
+  end
+
+  override :fail_login
+  def fail_login(user)
+    flash[:alert] = 'Access denied for your LDAP account.'
+
+    redirect_to new_user_session_path
+  end
+end
-- 
cgit v1.2.1