Merge branch 'zeitwerk-ldap-inflections' into 'master'

Fix inconsistent inflection of Ldap module

See merge request gitlab-org/gitlab!26630

app/controllers/application_controller.rb

@@ -307,7 +307,7 @@ class ApplicationController < ActionController::Base
     if current_user && current_user.requires_ldap_check?
       return unless current_user.try_obtain_ldap_lease
 
-      unless Gitlab::Auth::LDAP::Access.allowed?(current_user)
+      unless Gitlab::Auth::Ldap::Access.allowed?(current_user)
         sign_out current_user
         flash[:alert] = _("Access denied for your LDAP account.")
         redirect_to new_user_session_path

app/controllers/ldap/omniauth_callbacks_controller.rb

@@ -4,9 +4,9 @@ class Ldap::OmniauthCallbacksController < OmniauthCallbacksController
   extend ::Gitlab::Utils::Override
 
   def self.define_providers!
-    return unless Gitlab::Auth::LDAP::Config.sign_in_enabled?
+    return unless Gitlab::Auth::Ldap::Config.sign_in_enabled?
 
-    Gitlab::Auth::LDAP::Config.available_servers.each do |server|
+    Gitlab::Auth::Ldap::Config.available_servers.each do |server|
       alias_method server['provider_name'], :ldap
     end
   end
@@ -14,9 +14,9 @@ class Ldap::OmniauthCallbacksController < OmniauthCallbacksController
   # We only find ourselves here
   # if the authentication to LDAP was successful.
   def ldap
-    return unless Gitlab::Auth::LDAP::Config.sign_in_enabled?
+    return unless Gitlab::Auth::Ldap::Config.sign_in_enabled?
 
-    sign_in_user_flow(Gitlab::Auth::LDAP::User)
+    sign_in_user_flow(Gitlab::Auth::Ldap::User)
   end
 
   define_providers!

app/controllers/sessions_controller.rb

@@ -273,8 +273,8 @@ class SessionsController < Devise::SessionsController
 
   def ldap_servers
     @ldap_servers ||= begin
-      if Gitlab::Auth::LDAP::Config.sign_in_enabled?
-        Gitlab::Auth::LDAP::Config.available_servers
+      if Gitlab::Auth::Ldap::Config.sign_in_enabled?
+        Gitlab::Auth::Ldap::Config.available_servers
       else
         []
       end

app/helpers/auth_helper.rb

@@ -5,11 +5,11 @@ module AuthHelper
   LDAP_PROVIDER = /\Aldap/.freeze
 
   def ldap_enabled?
-    Gitlab::Auth::LDAP::Config.enabled?
+    Gitlab::Auth::Ldap::Config.enabled?
   end
 
   def ldap_sign_in_enabled?
-    Gitlab::Auth::LDAP::Config.sign_in_enabled?
+    Gitlab::Auth::Ldap::Config.sign_in_enabled?
   end
 
   def omniauth_enabled?

app/models/identity.rb

@@ -25,7 +25,7 @@ class Identity < ApplicationRecord
 
   def self.normalize_uid(provider, uid)
     if Gitlab::Auth::OAuth::Provider.ldap_provider?(provider)
-      Gitlab::Auth::LDAP::Person.normalize_dn(uid)
+      Gitlab::Auth::Ldap::Person.normalize_dn(uid)
     else
       uid.to_s
     end

app/models/user.rb

@@ -1562,7 +1562,7 @@ class User < ApplicationRecord
 
   def read_only_attribute?(attribute)
     if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true)
-      enabled = Gitlab::Auth::LDAP::Config.enabled?
+      enabled = Gitlab::Auth::Ldap::Config.enabled?
       read_only = attribute.to_sym.in?(UserSyncedAttributesMetadata::SYNCABLE_ATTRIBUTES)
 
       return true if enabled && read_only

app/views/admin/application_settings/_signin.html.haml

@@ -16,7 +16,7 @@
           Password authentication enabled for Git over HTTP(S)
           .form-text.text-muted
             When disabled, a Personal Access Token
-            - if Gitlab::Auth::LDAP::Config.enabled?
+            - if Gitlab::Auth::Ldap::Config.enabled?
               or LDAP password
             must be used to authenticate.
     - if omniauth_enabled? && button_based_providers.any?

config/initializers/8_devise.rb

@@ -226,9 +226,9 @@ Devise.setup do |config|
     manager.failure_app = Gitlab::DeviseFailure
   end
 
-  if Gitlab::Auth::LDAP::Config.enabled?
-    Gitlab::Auth::LDAP::Config.providers.each do |provider|
-      ldap_config = Gitlab::Auth::LDAP::Config.new(provider)
+  if Gitlab::Auth::Ldap::Config.enabled?
+    Gitlab::Auth::Ldap::Config.providers.each do |provider|
+      ldap_config = Gitlab::Auth::Ldap::Config.new(provider)
       config.omniauth(provider, ldap_config.omniauth_options)
     end
   end

config/initializers/omniauth.rb

-if Gitlab::Auth::LDAP::Config.enabled?
+if Gitlab::Auth::Ldap::Config.enabled?
   module OmniAuth::Strategies
-    Gitlab::Auth::LDAP::Config.available_servers.each do |server|
+    Gitlab::Auth::Ldap::Config.available_servers.each do |server|
       # do not redeclare LDAP
       next if server['provider_name'] == 'ldap'
 

config/routes/user.rb

@@ -10,9 +10,9 @@ def override_omniauth(provider, controller, path_prefix = '/users/auth')
 end
 
 # Use custom controller for LDAP omniauth callback
-if Gitlab::Auth::LDAP::Config.sign_in_enabled?
+if Gitlab::Auth::Ldap::Config.sign_in_enabled?
   devise_scope :user do
-    Gitlab::Auth::LDAP::Config.available_servers.each do |server|
+    Gitlab::Auth::Ldap::Config.available_servers.each do |server|
       override_omniauth(server['provider_name'], 'ldap/omniauth_callbacks')
     end
   end

doc/administration/auth/ldap-ee.md

@@ -493,7 +493,7 @@ step of the sync.
 1. Run a group sync for this particular group.
 
    ```ruby
-   EE::Gitlab::Auth::LDAP::Sync::Group.execute_all_providers(group)
+   EE::Gitlab::Auth::Ldap::Sync::Group.execute_all_providers(group)
    ```
 
 1. Look through the output of the sync. See [example log output](#example-log-output)
@@ -503,11 +503,11 @@ step of the sync.
    run the following query:
 
    ```ruby
-   adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider
-   ldap_group = EE::Gitlab::Auth::LDAP::Group.find_by_cn('group_cn_here', adapter)
+   adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') # If `main` is the LDAP provider
+   ldap_group = EE::Gitlab::Auth::Ldap::Group.find_by_cn('group_cn_here', adapter)
 
    # Output
-   => #<EE::Gitlab::Auth::LDAP::Group:0x007fcbdd0bb6d8
+   => #<EE::Gitlab::Auth::Ldap::Group:0x007fcbdd0bb6d8
    ```
 
 1. Query the LDAP group's member DNs and see if the user's DN is in the list.

doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md

@@ -626,7 +626,7 @@ EE::Gitlab::LDAP::Sync::Group.execute_all_providers(group)
 
 # Run a GroupSync for a single group (10.6+)
 group = Group.find_by(name: 'my_gitlab_group')
-EE::Gitlab::Auth::LDAP::Sync::Group.execute_all_providers(group)
+EE::Gitlab::Auth::Ldap::Sync::Group.execute_all_providers(group)
 
 # Query an LDAP group directly (10.6-)
 adapter = Gitlab::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider
@@ -635,20 +635,20 @@ ldap_group.member_dns
 ldap_group.member_uids
 
 # Query an LDAP group directly (10.6+)
-adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider
-ldap_group = EE::Gitlab::Auth::LDAP::Group.find_by_cn('group_cn_here', adapter)
+adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') # If `main` is the LDAP provider
+ldap_group = EE::Gitlab::Auth::Ldap::Group.find_by_cn('group_cn_here', adapter)
 ldap_group.member_dns
 ldap_group.member_uids
 
 # Lookup a particular user (10.6+)
 # This could expose potential errors connecting to and/or querying LDAP that may seem to
 # fail silently in the GitLab UI
-adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider
-user = Gitlab::Auth::LDAP::Person.find_by_uid('<username>',adapter)
+adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') # If `main` is the LDAP provider
+user = Gitlab::Auth::Ldap::Person.find_by_uid('<username>',adapter)
 
 # Query the LDAP server directly (10.6+)
 ## For an example, see https://gitlab.com/gitlab-org/gitlab/blob/master/ee/lib/ee/gitlab/auth/ldap/adapter.rb
-adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain')
+adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain')
 options = {
     # the :base is required
     # use adapter.config.base for the base or .group_base for the group_base

ee/app/controllers/groups/ldaps_controller.rb

@@ -27,6 +27,6 @@ class Groups::LdapsController < Groups::ApplicationController
   private
 
   def check_enabled_extras!
-    render_404 unless Gitlab::Auth::LDAP::Config.group_sync_enabled?
+    render_404 unless Gitlab::Auth::Ldap::Config.group_sync_enabled?
   end
 end

ee/app/controllers/smartcard_controller.rb

@@ -13,7 +13,7 @@ class SmartcardController < ApplicationController
   end
 
   def ldap_auth
-    certificate = Gitlab::Auth::Smartcard::LDAPCertificate.new(params[:provider], certificate_header)
+    certificate = Gitlab::Auth::Smartcard::LdapCertificate.new(params[:provider], certificate_header)
     sign_in_with(certificate)
   end
 

ee/app/helpers/ee/auth_helper.rb

@@ -53,7 +53,7 @@ module EE
     def smartcard_enabled_for_ldap?(provider_name, required: false)
       return false unless smartcard_enabled?
 
-      server = ::Gitlab::Auth::LDAP::Config.servers.find do |server|
+      server = ::Gitlab::Auth::Ldap::Config.servers.find do |server|
         server['provider_name'] == provider_name
       end
 

ee/app/helpers/ee/selects_helper.rb

@@ -4,7 +4,7 @@ module EE
   module SelectsHelper
     def ldap_server_select_options
       options_from_collection_for_select(
-        ::Gitlab::Auth::LDAP::Config.available_servers,
+        ::Gitlab::Auth::Ldap::Config.available_servers,
         'provider_name',
         'label'
       )

ee/app/models/ldap_group_link.rb

@@ -31,14 +31,14 @@ class LdapGroupLink < ApplicationRecord
   end
 
   def config
-    Gitlab::Auth::LDAP::Config.new(provider)
-  rescue Gitlab::Auth::LDAP::Config::InvalidProvider
+    Gitlab::Auth::Ldap::Config.new(provider)
+  rescue Gitlab::Auth::Ldap::Config::InvalidProvider
     nil
   end
 
   # default to the first LDAP server
   def provider
-    read_attribute(:provider) || Gitlab::Auth::LDAP::Config.providers.first
+    read_attribute(:provider) || Gitlab::Auth::Ldap::Config.providers.first
   end
 
   def provider_label

ee/app/views/groups/ee/_settings_nav.html.haml

-- if Gitlab::Auth::LDAP::Config.group_sync_enabled? && can?(current_user, :admin_ldap_group_links, @group)
+- if Gitlab::Auth::Ldap::Config.group_sync_enabled? && can?(current_user, :admin_ldap_group_links, @group)
   = nav_link(path: 'ldap_group_links#index') do
     = link_to group_ldap_group_links_path(@group), title: 'LDAP Group', class: 'qa-ldap-synchronization-link' do
       %span

ee/app/views/ldap_group_links/_ldap_group_links_show.html.haml

 - group = local_assigns.fetch(:group)
-- return unless Gitlab::Auth::LDAP::Config.group_sync_enabled? && group.ldap_synced?
+- return unless Gitlab::Auth::Ldap::Config.group_sync_enabled? && group.ldap_synced?
 
 .card
   .card-header Active synchronizations

ee/app/views/ldap_group_links/_ldap_group_links_synchronizations.html.haml

 - group = local_assigns.fetch(:group)
-- return unless Gitlab::Auth::LDAP::Config.group_sync_enabled? && group.persisted?
+- return unless Gitlab::Auth::Ldap::Config.group_sync_enabled? && group.persisted?
 
 %h3.page-title LDAP synchronizations
 = render 'ldap_group_links/form', group: group

ee/app/workers/ldap_all_groups_sync_worker.rb

@@ -11,10 +11,10 @@ class LdapAllGroupsSyncWorker # rubocop:disable Scalability/IdempotentWorker
   worker_has_external_dependencies!
 
   def perform
-    return unless Gitlab::Auth::LDAP::Config.group_sync_enabled?
+    return unless Gitlab::Auth::Ldap::Config.group_sync_enabled?
 
     logger.info 'Started LDAP group sync'
-    EE::Gitlab::Auth::LDAP::Sync::Groups.execute
+    EE::Gitlab::Auth::Ldap::Sync::Groups.execute
     logger.info 'Finished LDAP group sync'
   end
 end

ee/app/workers/ldap_group_sync_worker.rb

@@ -9,12 +9,12 @@ class LdapGroupSyncWorker # rubocop:disable Scalability/IdempotentWorker
 
   # rubocop: disable CodeReuse/ActiveRecord
   def perform(group_ids, provider = nil)
-    return unless Gitlab::Auth::LDAP::Config.group_sync_enabled?
+    return unless Gitlab::Auth::Ldap::Config.group_sync_enabled?
 
     groups = Group.where(id: Array(group_ids))
 
     if provider
-      EE::Gitlab::Auth::LDAP::Sync::Proxy.open(provider) do |proxy|
+      EE::Gitlab::Auth::Ldap::Sync::Proxy.open(provider) do |proxy|
         sync_groups(groups, proxy: proxy)
       end
     else
@@ -31,9 +31,9 @@ class LdapGroupSyncWorker # rubocop:disable Scalability/IdempotentWorker
     logger.info "Started LDAP group sync for group #{group.name} (#{group.id})"
 
     if proxy
-      EE::Gitlab::Auth::LDAP::Sync::Group.execute(group, proxy)
+      EE::Gitlab::Auth::Ldap::Sync::Group.execute(group, proxy)
     else
-      EE::Gitlab::Auth::LDAP::Sync::Group.execute_all_providers(group)
+      EE::Gitlab::Auth::Ldap::Sync::Group.execute_all_providers(group)
     end
 
     logger.info "Finished LDAP group sync for group #{group.name} (#{group.id})"

ee/app/workers/ldap_sync_worker.rb

@@ -10,14 +10,14 @@ class LdapSyncWorker # rubocop:disable Scalability/IdempotentWorker
   # rubocop: disable CodeReuse/ActiveRecord
   # rubocop: disable Gitlab/RailsLogger
   def perform
-    return unless Gitlab::Auth::LDAP::Config.group_sync_enabled?
+    return unless Gitlab::Auth::Ldap::Config.group_sync_enabled?
 
     Rails.logger.info "Performing daily LDAP sync task."
     User.ldap.find_each(batch_size: 100).each do |ldap_user|
       Rails.logger.debug "Syncing user #{ldap_user.username}, #{ldap_user.email}"
       # Use the 'update_ldap_group_links_synchronously' option to avoid creating a ton
       # of new Sidekiq jobs all at once.
-      Gitlab::Auth::LDAP::Access.allowed?(ldap_user, update_ldap_group_links_synchronously: true)
+      Gitlab::Auth::Ldap::Access.allowed?(ldap_user, update_ldap_group_links_synchronously: true)
     end
   end
   # rubocop: enable CodeReuse/ActiveRecord

ee/lib/api/ldap.rb

@@ -12,7 +12,7 @@ module API
       helpers do
         def get_group_list(provider, search)
           search = Net::LDAP::Filter.escape(search)
-          Gitlab::Auth::LDAP::Adapter.new(provider).groups("#{search}*", 20)
+          Gitlab::Auth::Ldap::Adapter.new(provider).groups("#{search}*", 20)
         end
 
         params :search_params do
@@ -27,7 +27,7 @@ module API
         use :search_params
       end
       get 'groups' do
-        provider = Gitlab::Auth::LDAP::Config.available_servers.first['provider_name']
+        provider = Gitlab::Auth::Ldap::Config.available_servers.first['provider_name']
         groups = get_group_list(provider, params[:search])
         present groups, with: EE::API::Entities::LdapGroup
       end

ee/lib/ee/api/groups.rb

@@ -74,7 +74,7 @@ module EE
         resource :groups, requirements: ::API::API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
           desc 'Sync a group with LDAP.'
           post ":id/ldap_sync" do
-            not_found! unless ::Gitlab::Auth::LDAP::Config.group_sync_enabled?
+            not_found! unless ::Gitlab::Auth::Ldap::Config.group_sync_enabled?
 
             group = find_group!(params[:id])
             authorize! :admin_group, group

ee/lib/ee/gitlab/auth/ldap/access.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Access
           extend ActiveSupport::Concern
           extend ::Gitlab::Utils::Override
@@ -27,7 +27,7 @@ module EE
             return found_user if found_user
 
             if ldap_identity
-              ::Gitlab::Auth::LDAP::Person.find_by_email(user.email, adapter)
+              ::Gitlab::Auth::Ldap::Person.find_by_email(user.email, adapter)
             end
           end
 

ee/lib/ee/gitlab/auth/ldap/access_levels.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         # Create a hash map of member DNs to access levels. The highest
         # access level is retained in cases where `set` is called multiple times
         # for the same DN.

ee/lib/ee/gitlab/auth/ldap/adapter.rb

@@ -3,11 +3,11 @@
 # LDAP connection adapter EE mixin
 #
 # This module is intended to encapsulate EE-specific adapter methods
-# and be **prepended** in the `Gitlab::Auth::LDAP::Adapter` class.
+# and be **prepended** in the `Gitlab::Auth::Ldap::Adapter` class.
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Adapter
           # Get LDAP groups from ou=Groups
           #
@@ -26,7 +26,7 @@ module EE
             options[:size] = size if size
 
             ldap_search(options).map do |entry|
-              LDAP::Group.new(entry, self)
+              Ldap::Group.new(entry, self)
             end
           end
 
@@ -52,7 +52,7 @@ module EE
             }
 
             ldap_search(options).map do |entry|
-              LDAP::Group.new(entry, self)
+              Ldap::Group.new(entry, self)
             end
           end
 
@@ -72,7 +72,7 @@ module EE
 
           def user_options_for_cert(certificate_assertion)
             options = {
-              attributes: ::Gitlab::Auth::LDAP::Person.ldap_attributes(config),
+              attributes: ::Gitlab::Auth::Ldap::Person.ldap_attributes(config),
               base: config.base
             }
 

ee/lib/ee/gitlab/auth/ldap/config.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Config
           extend ActiveSupport::Concern
 

ee/lib/ee/gitlab/auth/ldap/group.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         class Group
           attr_accessor :adapter
           attr_reader :entry
@@ -43,7 +43,7 @@ module EE
 
           def member_uids
             @member_uids ||= entry.memberuid.map do |uid|
-              ::Gitlab::Auth::LDAP::Person.normalize_uid(uid)
+              ::Gitlab::Auth::Ldap::Person.normalize_uid(uid)
             end
           end
 
@@ -157,22 +157,22 @@ module EE
           # the user DN match, profit!
           def members_within_base(members)
             begin
-              base = ::Gitlab::Auth::LDAP::DN.new(adapter.config.base).to_a
-            rescue ::Gitlab::Auth::LDAP::DN::FormatError => e
+              base = ::Gitlab::Auth::Ldap::DN.new(adapter.config.base).to_a
+            rescue ::Gitlab::Auth::Ldap::DN::FormatError => e
               Rails.logger.error "Configured LDAP `base` is invalid: '#{adapter.config.base}'. Error: \"#{e.message}\"" # rubocop:disable Gitlab/RailsLogger
               return []
             end
 
             members.select do |dn|
-              ::Gitlab::Auth::LDAP::DN.new(dn).to_a.last(base.length) == base
-            rescue ::Gitlab::Auth::LDAP::DN::FormatError => e
+              ::Gitlab::Auth::Ldap::DN.new(dn).to_a.last(base.length) == base
+            rescue ::Gitlab::Auth::Ldap::DN::FormatError => e
               Rails.logger.warn "Received invalid member DN from LDAP group '#{cn}': '#{dn}'. Error: \"#{e.message}\". Skipping" # rubocop:disable Gitlab/RailsLogger
             end
           end
 
           def normalize_dns(dns)
             dns.map do |dn|
-              ::Gitlab::Auth::LDAP::Person.normalize_dn(dn)
+              ::Gitlab::Auth::Ldap::Person.normalize_dn(dn)
             end
           end
 

ee/lib/ee/gitlab/auth/ldap/person.rb

@@ -5,7 +5,7 @@ require 'net/ldap/dn'
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Person
           extend ActiveSupport::Concern
 
@@ -42,7 +42,7 @@ module EE
             # LDAP DN and constructs a domain name from them
             def domain_from_dn(dn)
               dn_components = []
-              ::Gitlab::Auth::LDAP::DN.new(dn).each_pair { |name, value| dn_components << { name: name, value: value } }
+              ::Gitlab::Auth::Ldap::DN.new(dn).each_pair { |name, value| dn_components << { name: name, value: value } }
               dn_components
                 .reverse
                 .take_while { |rdn| rdn[:name].casecmp('DC').zero? } # Domain Component

ee/lib/ee/gitlab/auth/ldap/sync/admin_users.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Sync
           class AdminUsers < Sync::Users
             private

ee/lib/ee/gitlab/auth/ldap/sync/external_users.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Sync
           class ExternalUsers < Sync::Users
             private

ee/lib/ee/gitlab/auth/ldap/sync/group.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Sync
           class Group
             attr_reader :provider, :group, :proxy
@@ -21,7 +21,7 @@ module EE
                   # and only the first provider or two get synced. This shuffles the order
                   # so subsequent syncs should eventually get to all providers. Obviously
                   # we should avoid failure, but this is an additional safeguard.
-                  ::Gitlab::Auth::LDAP::Config.providers.shuffle.each do |provider|
+                  ::Gitlab::Auth::Ldap::Config.providers.shuffle.each do |provider|
                     Sync::Proxy.open(provider) do |proxy|
                       new(group, proxy).update_permissions
                     end
@@ -29,7 +29,7 @@ module EE
 
                   group.finish_ldap_sync
                   Rails.logger.debug { "Finished syncing all providers for '#{group.name}' group" } # rubocop:disable Gitlab/RailsLogger
-                rescue ::Gitlab::Auth::LDAP::LDAPConnectionError
+                rescue ::Gitlab::Auth::Ldap::LdapConnectionError
                   Rails.logger.warn("Error syncing all providers for '#{group.name}' group") # rubocop:disable Gitlab/RailsLogger
                   group.fail_ldap_sync
                 end
@@ -48,7 +48,7 @@ module EE
 
                   group.finish_ldap_sync
                   Rails.logger.debug { "Finished syncing '#{proxy.provider}' provider for '#{group.name}' group" } # rubocop:disable Gitlab/RailsLogger
-                rescue ::Gitlab::Auth::LDAP::LDAPConnectionError
+                rescue ::Gitlab::Auth::Ldap::LdapConnectionError
                   Rails.logger.warn("Error syncing '#{proxy.provider}' provider for '#{group.name}' group") # rubocop:disable Gitlab/RailsLogger
                   group.fail_ldap_sync
                 end
@@ -174,7 +174,7 @@ module EE
             def update_existing_group_membership(group, access_levels)
               logger.debug { "Updating existing membership for '#{group.name}' group" }
 
-              multiple_ldap_providers = ::Gitlab::Auth::LDAP::Config.providers.count > 1
+              multiple_ldap_providers = ::Gitlab::Auth::Ldap::Config.providers.count > 1
               existing_members = select_and_preload_group_members(group)
               # For each existing group member, we'll need to look up its LDAP identity in the current LDAP provider.
               # It is much faster to resolve these at once than later for each member one by one.

ee/lib/ee/gitlab/auth/ldap/sync/groups.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Sync
           class Groups
             attr_reader :provider, :proxy
@@ -13,7 +13,7 @@ module EE
               # and only the first provider or two get synced. This shuffles the order
               # so subsequent syncs should eventually get to all providers. Obviously
               # we should avoid failure, but this is an additional safeguard.
-              ::Gitlab::Auth::LDAP::Config.providers.shuffle.each do |provider|
+              ::Gitlab::Auth::Ldap::Config.providers.shuffle.each do |provider|
                 Sync::Proxy.open(provider) do |proxy|
                   group_sync = self.new(proxy)
                   group_sync.update_permissions

ee/lib/ee/gitlab/auth/ldap/sync/proxy.rb

@@ -5,7 +5,7 @@ require 'net/ldap/dn'
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Sync
           class Proxy
             attr_reader :provider, :adapter
@@ -13,7 +13,7 @@ module EE
             # Open a connection and run all queries through it.
             # It's more efficient than the default of opening/closing per LDAP query.
             def self.open(provider, &block)
-              ::Gitlab::Auth::LDAP::Adapter.open(provider) do |adapter|
+              ::Gitlab::Auth::Ldap::Adapter.open(provider) do |adapter|
                 block.call(self.new(provider, adapter))
               end
             end
@@ -43,7 +43,7 @@ module EE
             private
 
             def ldap_group_member_dns(ldap_group_cn)
-              ldap_group = LDAP::Group.find_by_cn(ldap_group_cn, adapter)
+              ldap_group = Ldap::Group.find_by_cn(ldap_group_cn, adapter)
               unless ldap_group.present?
                 logger.warn { "Cannot find LDAP group with CN '#{ldap_group_cn}'. Skipping" }
                 return []
@@ -77,9 +77,9 @@ module EE
             def ensure_full_dns!(dns)
               dns.map! do |dn|
                 begin
-                  dn_obj = ::Gitlab::Auth::LDAP::DN.new(dn)
+                  dn_obj = ::Gitlab::Auth::Ldap::DN.new(dn)
                   parsed_dn = dn_obj.to_a
-                rescue ::Gitlab::Auth::LDAP::DN::FormatError => e
+                rescue ::Gitlab::Auth::Ldap::DN::FormatError => e
                   logger.error { "Found malformed DN: '#{dn}'. Skipping. Error: \"#{e.message}\"" }
                   next
                 end
@@ -124,7 +124,7 @@ module EE
                 # Use the DN on record in GitLab when it's available
                 identity.extern_uid
               else
-                ldap_user = ::Gitlab::Auth::LDAP::Person.find_by_uid(uid, adapter)
+                ldap_user = ::Gitlab::Auth::Ldap::Person.find_by_uid(uid, adapter)
 
                 # Can't find a matching user
                 return unless ldap_user.present?

ee/lib/ee/gitlab/auth/ldap/sync/users.rb

@@ -3,7 +3,7 @@
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module Sync
           class Users
             attr_reader :provider, :proxy
@@ -38,7 +38,7 @@ module EE
               end
 
               true
-            rescue ::Gitlab::Auth::LDAP::LDAPConnectionError
+            rescue ::Gitlab::Auth::Ldap::LdapConnectionError
               Rails.logger.warn("Error syncing #{attribute} users for provider '#{provider}'. LDAP connection Error") # rubocop:disable Gitlab/RailsLogger
 
               false
@@ -56,7 +56,7 @@ module EE
             end
 
             def update_user_by_dn(member_dn)
-              user = ::Gitlab::Auth::LDAP::User.find_by_uid_and_provider(member_dn, provider)
+              user = ::Gitlab::Auth::Ldap::User.find_by_uid_and_provider(member_dn, provider)
 
               if user.present?
                 user[attribute] = true

ee/lib/ee/gitlab/auth/ldap/user.rb

@@ -3,11 +3,11 @@
 # LDAP User EE mixin
 #
 # This module is intended to encapsulate EE-specific User methods
-# and be **prepended** in the `Gitlab::Auth::LDAP::User` class.
+# and be **prepended** in the `Gitlab::Auth::Ldap::User` class.
 module EE
   module Gitlab
     module Auth
-      module LDAP
+      module Ldap
         module User
           def initialize(auth_hash)
             super
@@ -43,7 +43,7 @@ module EE
           end
 
           def with_proxy(&block)
-            ::EE::Gitlab::Auth::LDAP::Sync::Proxy.open(auth_hash.provider, &block)
+            ::EE::Gitlab::Auth::Ldap::Sync::Proxy.open(auth_hash.provider, &block)
           end
         end
       end

ee/lib/ee/gitlab/auth/o_auth/user.rb

@@ -9,7 +9,7 @@ module EE
 
           def find_ldap_person(auth_hash, adapter)
             if auth_hash.provider == 'kerberos'
-              ::Gitlab::Auth::LDAP::Person.find_by_kerberos_principal(auth_hash.uid, adapter)
+              ::Gitlab::Auth::Ldap::Person.find_by_kerberos_principal(auth_hash.uid, adapter)
             else
               super
             end

ee/lib/gitlab/auth/smartcard/ldap_certificate.rb

@@ -3,7 +3,7 @@
 module Gitlab
   module Auth
     module Smartcard
-      class LDAPCertificate < Gitlab::Auth::Smartcard::Base
+      class LdapCertificate < Gitlab::Auth::Smartcard::Base
         def initialize(provider, certificate)
           super(certificate)
 
@@ -51,11 +51,11 @@ module Gitlab
         end
 
         def adapter
-          @adapter ||= Gitlab::Auth::LDAP::Adapter.new(@provider)
+          @adapter ||= Gitlab::Auth::Ldap::Adapter.new(@provider)
         end
 
         def ldap_user
-          @ldap_user ||= ::Gitlab::Auth::LDAP::Person.find_by_certificate_issuer_and_serial(
+          @ldap_user ||= ::Gitlab::Auth::Ldap::Person.find_by_certificate_issuer_and_serial(
             @certificate.issuer.to_s(OpenSSL::X509::Name::RFC2253),
             @certificate.serial.to_s,
             adapter)

ee/lib/tasks/gitlab/ldap.rake

@@ -2,7 +2,7 @@ namespace :gitlab do
   namespace :ldap do
     desc 'GitLab | LDAP | Run a GroupSync'
     task group_sync: :gitlab_environment do
-      unless Gitlab::Auth::LDAP::Config.group_sync_enabled?
+      unless Gitlab::Auth::Ldap::Config.group_sync_enabled?
         $stdout.puts 'LDAP GroupSync is not enabled.'
         exit 1
       end
@@ -10,7 +10,7 @@ namespace :gitlab do
       $stdout.puts 'LDAP GroupSync is enabled.'
       $stdout.puts 'Starting GroupSync...'
 
-      EE::Gitlab::Auth::LDAP::Sync::Groups.execute
+      EE::Gitlab::Auth::Ldap::Sync::Groups.execute
       $stdout.puts 'Finished GroupSync.'
     end
   end

ee/lib/tasks/migrate/ldap.rake

 desc "GitLab | Migrate provider names to multiple LDAP setup"
 namespace :gitlab do
   task migrate_ldap_providers: :environment do
-    config = Gitlab::Auth::LDAP::Config
+    config = Gitlab::Auth::Ldap::Config
     raise 'No LDAP server hash defined. See config/gitlab.yml.example for an example' unless config.servers.any?
 
     provider = config.servers.first['provider_name']

ee/spec/features/admin/admin_settings_spec.rb

@@ -198,7 +198,7 @@ describe 'Admin updates EE-only settings' do
 
   describe 'LDAP settings' do
     before do
-      allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(ldap_setting)
+      allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(ldap_setting)
 
       visit general_admin_application_settings_path
     end

ee/spec/features/groups/group_settings_spec.rb

@@ -19,7 +19,7 @@ describe 'Edit group settings' do
     context 'with LDAP enabled' do
       before do
         allow_any_instance_of(EE::Group).to receive(:ldap_synced?).and_return(true)
-        allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+        allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
       end
 
       it 'is able to navigate to LDAP group section' do

ee/spec/features/users/login_spec.rb

@@ -99,7 +99,7 @@ describe 'Login' do
       stub_licensed_features(smartcard_auth: true)
       stub_ldap_setting(enabled: true)
       allow(Gitlab.config.smartcard).to receive(:enabled).and_return(true)
-      allow(::Gitlab::Auth::LDAP::Config).to receive_messages(enabled: true, servers: [ldap_server_config])
+      allow(::Gitlab::Auth::Ldap::Config).to receive_messages(enabled: true, servers: [ldap_server_config])
       allow_any_instance_of(ActionDispatch::Routing::RoutesProxy)
         .to receive(:user_ldapmain_omniauth_callback_path)
               .and_return('/users/auth/ldapmain/callback')

ee/spec/helpers/ee/auth_helper_spec.rb

@@ -44,7 +44,7 @@ describe EE::AuthHelper do
 
     before do
       allow(::Gitlab::Auth::Smartcard).to receive(:enabled?).and_return(true)
-      allow(::Gitlab::Auth::LDAP::Config).to receive(:servers).and_return([ldap_server_config])
+      allow(::Gitlab::Auth::Ldap::Config).to receive(:servers).and_return([ldap_server_config])
     end
 
     context 'LDAP server with optional smartcard auth' do
@@ -109,7 +109,7 @@ describe EE::AuthHelper do
 
     before do
       allow(::Gitlab::Auth::Smartcard).to receive(:enabled?).and_return(true)
-      allow(::Gitlab::Auth::LDAP::Config).to receive(:servers).and_return([ldap_server_config])
+      allow(::Gitlab::Auth::Ldap::Config).to receive(:servers).and_return([ldap_server_config])
     end
 
     context 'when smartcard auth is optional' do

ee/spec/lib/ee/gitlab/auth/ldap/access_levels_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe EE::Gitlab::Auth::LDAP::AccessLevels do
+describe EE::Gitlab::Auth::Ldap::AccessLevels do
   describe '#set' do
     let(:access_levels) { described_class.new }
     let(:dns) do

ee/spec/lib/ee/gitlab/auth/ldap/group_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe EE::Gitlab::Auth::LDAP::Group do
+describe EE::Gitlab::Auth::Ldap::Group do
   include LdapHelpers
 
   before do

ee/spec/lib/ee/gitlab/auth/ldap/sync/admin_users_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe EE::Gitlab::Auth::LDAP::Sync::AdminUsers do
+describe EE::Gitlab::Auth::Ldap::Sync::AdminUsers do
   include LdapHelpers
 
   let(:adapter) { ldap_adapter }

ee/spec/lib/ee/gitlab/auth/ldap/sync/external_users_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe EE::Gitlab::Auth::LDAP::Sync::ExternalUsers do
+describe EE::Gitlab::Auth::Ldap::Sync::ExternalUsers do
   include LdapHelpers
 
   describe '#update_permissions' do

ee/spec/lib/ee/gitlab/auth/ldap/sync/group_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe EE::Gitlab::Auth::LDAP::Sync::Group do
+describe EE::Gitlab::Auth::Ldap::Sync::Group do
   include LdapHelpers
 
   let(:adapter) { ldap_adapter }
@@ -91,7 +91,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Group do
 
       adapter = ldap_adapter('ldapmain')
       proxy = proxy(adapter, 'ldapmain')
-      allow(EE::Gitlab::Auth::LDAP::Sync::Proxy).to receive(:open).and_yield(proxy)
+      allow(EE::Gitlab::Auth::Ldap::Sync::Proxy).to receive(:open).and_yield(proxy)
     end
 
     let(:group) do
@@ -497,7 +497,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Group do
         it 'does not update permissions when group base is missing' do
           stub_ldap_config(group_base: nil)
 
-          expect_any_instance_of(EE::Gitlab::Auth::LDAP::Sync::Proxy).not_to receive(:dns_for_group_cn)
+          expect_any_instance_of(EE::Gitlab::Auth::Ldap::Sync::Proxy).not_to receive(:dns_for_group_cn)
 
           sync_group.update_permissions
         end

ee/spec/lib/ee/gitlab/auth/ldap/sync/groups_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe EE::Gitlab::Auth::LDAP::Sync::Groups do
+describe EE::Gitlab::Auth::Ldap::Sync::Groups do
   include LdapHelpers
 
   let(:adapter) { ldap_adapter }
@@ -10,9 +10,9 @@ describe EE::Gitlab::Auth::LDAP::Sync::Groups do
 
   describe '#update_permissions' do
     before do
-      allow(EE::Gitlab::Auth::LDAP::Sync::Group).to receive(:execute)
-      allow(EE::Gitlab::Auth::LDAP::Sync::AdminUsers).to receive(:execute)
-      allow(EE::Gitlab::Auth::LDAP::Sync::ExternalUsers).to receive(:execute)
+      allow(EE::Gitlab::Auth::Ldap::Sync::Group).to receive(:execute)
+      allow(EE::Gitlab::Auth::Ldap::Sync::AdminUsers).to receive(:execute)
+      allow(EE::Gitlab::Auth::Ldap::Sync::ExternalUsers).to receive(:execute)
 
       create_list(:group_with_ldap_group_link, 2)
     end
@@ -26,12 +26,12 @@ describe EE::Gitlab::Auth::LDAP::Sync::Groups do
         stub_ldap_config(group_base: nil)
       end
 
-      it 'does not call EE::Gitlab::Auth::LDAP::Sync::AdminUsers#execute' do
-        expect(EE::Gitlab::Auth::LDAP::Sync::AdminUsers).not_to receive(:execute)
+      it 'does not call EE::Gitlab::Auth::Ldap::Sync::AdminUsers#execute' do
+        expect(EE::Gitlab::Auth::Ldap::Sync::AdminUsers).not_to receive(:execute)
       end
 
-      it 'does not call EE::Gitlab::Auth::LDAP::Sync::ExternalUsers#execute' do
-        expect(EE::Gitlab::Auth::LDAP::Sync::ExternalUsers).not_to receive(:execute)
+      it 'does not call EE::Gitlab::Auth::Ldap::Sync::ExternalUsers#execute' do
+        expect(EE::Gitlab::Auth::Ldap::Sync::ExternalUsers).not_to receive(:execute)
       end
     end
 
@@ -41,16 +41,16 @@ describe EE::Gitlab::Auth::LDAP::Sync::Groups do
           stub_ldap_config(group_base: 'dc=example,dc=com')
         end
 
-        it 'calls EE::Gitlab::Auth::LDAP::Sync::Group#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::Group).to receive(:execute).twice
+        it 'calls EE::Gitlab::Auth::Ldap::Sync::Group#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::Group).to receive(:execute).twice
         end
 
-        it 'does not call EE::Gitlab::Auth::LDAP::Sync::AdminUsers#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::AdminUsers).not_to receive(:execute)
+        it 'does not call EE::Gitlab::Auth::Ldap::Sync::AdminUsers#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::AdminUsers).not_to receive(:execute)
         end
 
-        it 'does not call EE::Gitlab::Auth::LDAP::Sync::ExternalUsers#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::ExternalUsers).not_to receive(:execute)
+        it 'does not call EE::Gitlab::Auth::Ldap::Sync::ExternalUsers#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::ExternalUsers).not_to receive(:execute)
         end
       end
 
@@ -62,16 +62,16 @@ describe EE::Gitlab::Auth::LDAP::Sync::Groups do
           )
         end
 
-        it 'calls EE::Gitlab::Auth::LDAP::Sync::Group#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::Group).to receive(:execute).twice
+        it 'calls EE::Gitlab::Auth::Ldap::Sync::Group#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::Group).to receive(:execute).twice
         end
 
-        it 'does not call EE::Gitlab::Auth::LDAP::Sync::AdminUsers#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::AdminUsers).to receive(:execute).once
+        it 'does not call EE::Gitlab::Auth::Ldap::Sync::AdminUsers#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::AdminUsers).to receive(:execute).once
         end
 
-        it 'does not call EE::Gitlab::Auth::LDAP::Sync::ExternalUsers#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::ExternalUsers).not_to receive(:execute)
+        it 'does not call EE::Gitlab::Auth::Ldap::Sync::ExternalUsers#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::ExternalUsers).not_to receive(:execute)
         end
       end
 
@@ -83,16 +83,16 @@ describe EE::Gitlab::Auth::LDAP::Sync::Groups do
           )
         end
 
-        it 'calls EE::Gitlab::Auth::LDAP::Sync::Group#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::Group).to receive(:execute).twice
+        it 'calls EE::Gitlab::Auth::Ldap::Sync::Group#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::Group).to receive(:execute).twice
         end
 
-        it 'does not call EE::Gitlab::Auth::LDAP::Sync::AdminUsers#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::AdminUsers).not_to receive(:execute)
+        it 'does not call EE::Gitlab::Auth::Ldap::Sync::AdminUsers#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::AdminUsers).not_to receive(:execute)
         end
 
-        it 'does not call EE::Gitlab::Auth::LDAP::Sync::ExternalUsers#execute' do
-          expect(EE::Gitlab::Auth::LDAP::Sync::ExternalUsers).to receive(:execute).once
+        it 'does not call EE::Gitlab::Auth::Ldap::Sync::ExternalUsers#execute' do
+          expect(EE::Gitlab::Auth::Ldap::Sync::ExternalUsers).to receive(:execute).once
         end
       end
     end

ee/spec/lib/ee/gitlab/auth/ldap/sync/proxy_spec.rb

@@ -3,7 +3,7 @@
 require 'spec_helper'
 require 'net/ldap/dn'
 
-describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
+describe EE::Gitlab::Auth::Ldap::Sync::Proxy do
   include LdapHelpers
 
   let(:adapter) { ldap_adapter }
@@ -66,7 +66,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
         sync_proxy.dns_for_group_cn('ldap_group1')
 
         expect(sync_proxy).not_to receive(:ldap_group_member_dns)
-        expect(EE::Gitlab::Auth::LDAP::Group).not_to receive(:find_by_cn)
+        expect(EE::Gitlab::Auth::Ldap::Group).not_to receive(:find_by_cn)
 
         sync_proxy.dns_for_group_cn('ldap_group1')
       end
@@ -119,7 +119,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
       end
 
       it 'raises exception' do
-        expect { sync_proxy.dns_for_group_cn('ldap_group1') }.to raise_error(::Gitlab::Auth::LDAP::LDAPConnectionError)
+        expect { sync_proxy.dns_for_group_cn('ldap_group1') }.to raise_error(::Gitlab::Auth::Ldap::LdapConnectionError)
       end
     end
   end
@@ -143,7 +143,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
       end
 
       it 'retrieves the user from LDAP' do
-        expect(::Gitlab::Auth::LDAP::Person).to receive(:find_by_uid)
+        expect(::Gitlab::Auth::Ldap::Person).to receive(:find_by_uid)
 
         sync_proxy.dn_for_uid('jane_doe')
       end
@@ -153,7 +153,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
 
         expect(sync_proxy).not_to receive(:member_uid_to_dn)
         expect(Identity).not_to receive(:find_by)
-        expect(::Gitlab::Auth::LDAP::Person).not_to receive(:find_by_uid)
+        expect(::Gitlab::Auth::Ldap::Person).not_to receive(:find_by_uid)
 
         sync_proxy.dn_for_uid('jane_doe')
       end
@@ -197,7 +197,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
       end
 
       it 'does not query LDAP' do
-        expect(::Gitlab::Auth::LDAP::Person).not_to receive(:find_by_uid)
+        expect(::Gitlab::Auth::Ldap::Person).not_to receive(:find_by_uid)
       end
 
       it 'retrieves the DN from the identity' do
@@ -214,7 +214,7 @@ describe EE::Gitlab::Auth::LDAP::Sync::Proxy do
       end
 
       it 'raises exception' do
-        expect { sync_proxy.dns_for_group_cn('ldap_group1') }.to raise_error(::Gitlab::Auth::LDAP::LDAPConnectionError)
+        expect { sync_proxy.dns_for_group_cn('ldap_group1') }.to raise_error(::Gitlab::Auth::Ldap::LdapConnectionError)
       end
     end
   end

ee/spec/lib/gitlab/auth/ldap/access_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Access do
+describe Gitlab::Auth::Ldap::Access do
   include LdapHelpers
 
   let(:user) { create(:omniauth_user) }
@@ -13,15 +13,15 @@ describe Gitlab::Auth::LDAP::Access do
   describe '#allowed?' do
     context 'LDAP user' do
       it 'finds a user by dn first' do
-        expect(Gitlab::Auth::LDAP::Person).to receive(:find_by_dn).and_return(:ldap_user)
-        expect(Gitlab::Auth::LDAP::Person).not_to receive(:find_by_email)
+        expect(Gitlab::Auth::Ldap::Person).to receive(:find_by_dn).and_return(:ldap_user)
+        expect(Gitlab::Auth::Ldap::Person).not_to receive(:find_by_email)
 
         access.allowed?
       end
 
       it 'finds a user by email if not found by dn' do
-        expect(Gitlab::Auth::LDAP::Person).to receive(:find_by_dn).and_return(nil)
-        expect(Gitlab::Auth::LDAP::Person).to receive(:find_by_email)
+        expect(Gitlab::Auth::Ldap::Person).to receive(:find_by_dn).and_return(nil)
+        expect(Gitlab::Auth::Ldap::Person).to receive(:find_by_email)
 
         access.allowed?
       end
@@ -35,12 +35,12 @@ describe Gitlab::Auth::LDAP::Access do
 
       context 'when exists in LDAP/AD' do
         before do
-          allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_dn).and_return(user)
+          allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_dn).and_return(user)
         end
 
         context 'user blocked in LDAP/AD' do
           before do
-            allow(Gitlab::Auth::LDAP::Person).to receive(:disabled_via_active_directory?).and_return(true)
+            allow(Gitlab::Auth::Ldap::Person).to receive(:disabled_via_active_directory?).and_return(true)
           end
 
           it 'blocks user in GitLab' do
@@ -65,7 +65,7 @@ describe Gitlab::Auth::LDAP::Access do
         context 'user unblocked in LDAP/AD' do
           before do
             user.update_column(:state, :ldap_blocked)
-            allow(Gitlab::Auth::LDAP::Person).to receive(:disabled_via_active_directory?).and_return(false)
+            allow(Gitlab::Auth::Ldap::Person).to receive(:disabled_via_active_directory?).and_return(false)
           end
 
           it 'unblocks user in GitLab' do
@@ -327,14 +327,14 @@ describe Gitlab::Auth::LDAP::Access do
       end
 
       it 'adds a Kerberos identity if it is in Active Directory but not in GitLab' do
-        allow_any_instance_of(EE::Gitlab::Auth::LDAP::Person).to receive_messages(kerberos_principal: 'mylogin@FOO.COM')
+        allow_any_instance_of(EE::Gitlab::Auth::Ldap::Person).to receive_messages(kerberos_principal: 'mylogin@FOO.COM')
 
         expect { access.update_user }.to change(user.identities.where(provider: :kerberos), :count).from(0).to(1)
         expect(user.identities.where(provider: 'kerberos').last.extern_uid).to eq('mylogin@FOO.COM')
       end
 
       it 'updates existing Kerberos identity in GitLab if Active Directory has a different one' do
-        allow_any_instance_of(EE::Gitlab::Auth::LDAP::Person).to receive_messages(kerberos_principal: 'otherlogin@BAR.COM')
+        allow_any_instance_of(EE::Gitlab::Auth::Ldap::Person).to receive_messages(kerberos_principal: 'otherlogin@BAR.COM')
         user.identities.build(provider: 'kerberos', extern_uid: 'mylogin@FOO.COM').save
 
         expect { access.update_user }.not_to change(user.identities.where(provider: 'kerberos'), :count)
@@ -342,7 +342,7 @@ describe Gitlab::Auth::LDAP::Access do
       end
 
       it 'does not remove Kerberos identities from GitLab if they are none in the LDAP provider' do
-        allow_any_instance_of(EE::Gitlab::Auth::LDAP::Person).to receive_messages(kerberos_principal: nil)
+        allow_any_instance_of(EE::Gitlab::Auth::Ldap::Person).to receive_messages(kerberos_principal: nil)
         user.identities.build(provider: 'kerberos', extern_uid: 'otherlogin@BAR.COM').save
 
         expect { access.update_user }.not_to change(user.identities.where(provider: 'kerberos'), :count)
@@ -350,14 +350,14 @@ describe Gitlab::Auth::LDAP::Access do
       end
 
       it 'does not modify identities in GitLab if they are no kerberos principal in the LDAP provider' do
-        allow_any_instance_of(EE::Gitlab::Auth::LDAP::Person).to receive_messages(kerberos_principal: nil)
+        allow_any_instance_of(EE::Gitlab::Auth::Ldap::Person).to receive_messages(kerberos_principal: nil)
 
         expect { access.update_user }.not_to change(user.identities, :count)
       end
 
       it 'does not add a Kerberos identity when in a read-only GitLab instance' do
         allow(Gitlab::Database).to receive(:read_only?).and_return(true)
-        allow_any_instance_of(EE::Gitlab::Auth::LDAP::Person).to receive_messages(kerberos_principal: 'mylogin@FOO.COM')
+        allow_any_instance_of(EE::Gitlab::Auth::Ldap::Person).to receive_messages(kerberos_principal: 'mylogin@FOO.COM')
 
         expect { access.update_user }.not_to change(user.identities.where(provider: :kerberos), :count)
       end

ee/spec/lib/gitlab/auth/ldap/adapter_spec.rb

@@ -2,13 +2,13 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Adapter do
+describe Gitlab::Auth::Ldap::Adapter do
   include LdapHelpers
 
   let(:adapter) { ldap_adapter('ldapmain') }
 
   it 'includes the EE module' do
-    expect(described_class).to include_module(EE::Gitlab::Auth::LDAP::Adapter)
+    expect(described_class).to include_module(EE::Gitlab::Auth::Ldap::Adapter)
   end
 
   describe '#groups' do
@@ -36,7 +36,7 @@ describe Gitlab::Auth::LDAP::Adapter do
 
       results = adapter.groups('group1')
 
-      expect(results.first).to be_a(EE::Gitlab::Auth::LDAP::Group)
+      expect(results.first).to be_a(EE::Gitlab::Auth::Ldap::Group)
       expect(results.first.cn).to eq('group1')
       expect(results.first.member_dns).to match_array(%w(uid=john uid=mary))
     end
@@ -77,7 +77,7 @@ describe Gitlab::Auth::LDAP::Adapter do
       end
 
       it 'returns a person object' do
-        expect(subject).to be_a(::EE::Gitlab::Auth::LDAP::Person)
+        expect(subject).to be_a(::EE::Gitlab::Auth::Ldap::Person)
       end
 
       it 'returns correct attributes' do

ee/spec/lib/gitlab/auth/ldap/person_spec.rb

@@ -2,13 +2,13 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Person do
+describe Gitlab::Auth::Ldap::Person do
   include LdapHelpers
 
   let(:entry) { ldap_user_entry('john.doe') }
 
   it 'includes the EE module' do
-    expect(described_class).to include(EE::Gitlab::Auth::LDAP::Person)
+    expect(described_class).to include(EE::Gitlab::Auth::Ldap::Person)
   end
 
   describe '.ldap_attributes' do
@@ -98,7 +98,7 @@ describe Gitlab::Auth::LDAP::Person do
       )
     end
 
-    let(:config) { Gitlab::Auth::LDAP::Config.new('ldapmain') }
+    let(:config) { Gitlab::Auth::Ldap::Config.new('ldapmain') }
     let(:ldap_attributes) { described_class.ldap_attributes(config) }
     let(:expected_attributes) { %w(dn cn uid mail memberof) }
 
@@ -154,7 +154,7 @@ describe Gitlab::Auth::LDAP::Person do
     subject { described_class.new(entry, 'ldapmain') }
 
     before do
-      allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+      allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
         allow(instance).to receive_messages(sync_ssh_keys: ssh_key_attribute_name)
       end
     end

ee/spec/lib/gitlab/auth/ldap/user_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::User do
+describe Gitlab::Auth::Ldap::User do
   include LdapHelpers
 
   let(:ldap_user) { described_class.new(auth_hash) }
@@ -28,7 +28,7 @@ describe Gitlab::Auth::LDAP::User do
   end
 
   it 'includes the EE module' do
-    expect(described_class).to include_module(EE::Gitlab::Auth::LDAP::User)
+    expect(described_class).to include_module(EE::Gitlab::Auth::Ldap::User)
   end
 
   describe '#initialize' do

ee/spec/lib/gitlab/auth/smartcard/ldap_certificate_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::Smartcard::LDAPCertificate do
+describe Gitlab::Auth::Smartcard::LdapCertificate do
   let(:certificate_header) { 'certificate' }
   let(:openssl_certificate_store) { instance_double(OpenSSL::X509::Store) }
   let(:user_build_service) { instance_double(Users::BuildService) }

ee/spec/models/ldap_group_link_spec.rb

@@ -60,7 +60,7 @@ describe LdapGroupLink do
       end
 
       it 'defaults to the first ldap server if empty' do
-        expect( klass.new.provider ).to eql Gitlab::Auth::LDAP::Config.providers.first
+        expect( klass.new.provider ).to eql Gitlab::Auth::Ldap::Config.providers.first
       end
     end
   end

ee/spec/requests/api/groups_spec.rb

@@ -201,7 +201,7 @@ describe API::Groups do
 
   describe 'POST /groups/:id/ldap_sync' do
     before do
-      allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+      allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
     end
 
     context 'when the ldap_group_sync feature is available' do

ee/spec/requests/api/ldap_spec.rb

@@ -16,8 +16,8 @@ describe API::Ldap do
       OpenStruct.new(cn: 'students')
     ]
 
-    allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
-    allow(Gitlab::Auth::LDAP::Adapter).to receive(:new).and_return(adapter)
+    allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
+    allow(Gitlab::Auth::Ldap::Adapter).to receive(:new).and_return(adapter)
     allow(adapter).to receive_messages(groups: groups)
     stub_application_setting(allow_group_owners_to_manage_ldap: false)
   end

ee/spec/requests/smartcard_controller_spec.rb

@@ -184,7 +184,7 @@ describe SmartcardController, type: :request do
     before do
       allow(Gitlab::Auth::Smartcard).to receive(:enabled?).and_return(true)
 
-      allow(Gitlab::Auth::Smartcard::LDAPCertificate).to(
+      allow(Gitlab::Auth::Smartcard::LdapCertificate).to(
         receive(:store).and_return(openssl_certificate_store))
       allow(openssl_certificate_store).to receive(:verify).and_return(true)
 

ee/spec/support/helpers/ee/ldap_helpers.rb

@@ -3,12 +3,12 @@
 module EE
   module LdapHelpers
     def proxy(adapter, provider = 'ldapmain')
-      EE::Gitlab::Auth::LDAP::Sync::Proxy.new(provider, adapter)
+      EE::Gitlab::Auth::Ldap::Sync::Proxy.new(provider, adapter)
     end
 
     def fake_ldap_sync_proxy(provider)
       fake_proxy = double(:proxy, adapter: ldap_adapter)
-      allow(::EE::Gitlab::Auth::LDAP::Sync::Proxy).to receive(:open).with(provider).and_yield(fake_proxy)
+      allow(::EE::Gitlab::Auth::Ldap::Sync::Proxy).to receive(:open).with(provider).and_yield(fake_proxy)
       fake_proxy
     end
 
@@ -16,22 +16,22 @@ module EE
     # `entry` to simulate when an LDAP group is not found
     #
     # Example:
-    #  adapter = ::Gitlab::Auth::LDAP::Adapter.new('ldapmain', double(:ldap))
+    #  adapter = ::Gitlab::Auth::Ldap::Adapter.new('ldapmain', double(:ldap))
     #  ldap_group1 = ldap_group_entry('uid=user,ou=users,dc=example,dc=com')
     #
     #  stub_ldap_group_find_by_cn('ldap_group1', ldap_group1, adapter)
     def stub_ldap_group_find_by_cn(cn, entry, adapter = nil)
       if entry.present?
-        return_value = EE::Gitlab::Auth::LDAP::Group.new(entry, adapter)
+        return_value = EE::Gitlab::Auth::Ldap::Group.new(entry, adapter)
       end
 
-      allow(EE::Gitlab::Auth::LDAP::Group)
+      allow(EE::Gitlab::Auth::Ldap::Group)
         .to receive(:find_by_cn)
-          .with(cn, kind_of(::Gitlab::Auth::LDAP::Adapter)).and_return(return_value)
+          .with(cn, kind_of(::Gitlab::Auth::Ldap::Adapter)).and_return(return_value)
     end
 
     def unstub_ldap_group_find_by_cn
-      allow(EE::Gitlab::Auth::LDAP::Group)
+      allow(EE::Gitlab::Auth::Ldap::Group)
         .to receive(:find_by_cn).and_call_original
     end
 
@@ -107,7 +107,7 @@ module EE
     # Stub Active Directory range member retrieval.
     #
     # Example:
-    #  adapter = ::Gitlab::Auth::LDAP::Adapter.new('ldapmain', double(:ldap))
+    #  adapter = ::Gitlab::Auth::Ldap::Adapter.new('ldapmain', double(:ldap))
     #  group_entry_page1 = ldap_group_entry_with_member_range(
     #    [user_dn('user1'), user_dn('user2'), user_dn('user3')],
     #    range_start: '0',
@@ -118,7 +118,7 @@ module EE
     #    range_start: '3',
     #    range_end: '*'
     #  )
-    #  group = EE::Gitlab::Auth::LDAP::Group.new(group_entry_page1, adapter)
+    #  group = EE::Gitlab::Auth::Ldap::Group.new(group_entry_page1, adapter)
     #
     #  stub_ldap_adapter_group_members_in_range(group_entry_page2, adapter, range_start: '3')
     def stub_ldap_adapter_group_members_in_range(
@@ -131,7 +131,7 @@ module EE
     end
 
     def stub_ldap_adapter_nested_groups(parent_dn, entries = [], adapter = ldap_adapter)
-      groups = entries.map { |entry| EE::Gitlab::Auth::LDAP::Group.new(entry, adapter) }
+      groups = entries.map { |entry| EE::Gitlab::Auth::Ldap::Group.new(entry, adapter) }
 
       allow(adapter).to receive(:nested_groups).with(parent_dn).and_return(groups)
     end

ee/spec/workers/ldap_all_groups_sync_worker_spec.rb

@@ -7,13 +7,13 @@ describe LdapAllGroupsSyncWorker do
 
   before do
     allow(Sidekiq.logger).to receive(:info)
-    allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+    allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
   end
 
   describe '#perform' do
     context 'with the default license key' do
       it 'syncs all groups when group_id is nil' do
-        expect(EE::Gitlab::Auth::LDAP::Sync::Groups).to receive(:execute)
+        expect(EE::Gitlab::Auth::Ldap::Sync::Groups).to receive(:execute)
 
         subject.perform
       end
@@ -25,7 +25,7 @@ describe LdapAllGroupsSyncWorker do
       end
 
       it 'does not sync all groups' do
-        expect(EE::Gitlab::Auth::LDAP::Sync::Groups).not_to receive(:execute)
+        expect(EE::Gitlab::Auth::Ldap::Sync::Groups).not_to receive(:execute)
 
         subject.perform
       end

ee/spec/workers/ldap_group_sync_worker_spec.rb

@@ -9,14 +9,14 @@ describe LdapGroupSyncWorker do
 
   def expect_fake_proxy(provider)
     fake = double
-    expect(EE::Gitlab::Auth::LDAP::Sync::Proxy)
+    expect(EE::Gitlab::Auth::Ldap::Sync::Proxy)
       .to receive(:open).with(provider).and_yield(fake)
     fake
   end
 
   before do
     allow(Sidekiq.logger).to receive(:info)
-    allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+    allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
   end
 
   describe '#perform' do
@@ -65,16 +65,16 @@ describe LdapGroupSyncWorker do
 
   describe '#sync_group' do
     it 'syncs a single provider when a provider was given' do
-      proxy = EE::Gitlab::Auth::LDAP::Sync::Proxy.new('ldapmain', ldap_adapter)
+      proxy = EE::Gitlab::Auth::Ldap::Sync::Proxy.new('ldapmain', ldap_adapter)
 
-      expect(EE::Gitlab::Auth::LDAP::Sync::Group).to receive(:execute)
+      expect(EE::Gitlab::Auth::Ldap::Sync::Group).to receive(:execute)
                                                    .with(group, proxy)
 
       subject.sync_group(group, proxy: proxy)
     end
 
     it 'syncs all providers when no proxy was given' do
-      expect(EE::Gitlab::Auth::LDAP::Sync::Group).to receive(:execute_all_providers)
+      expect(EE::Gitlab::Auth::Ldap::Sync::Group).to receive(:execute_all_providers)
                                                    .with(group)
 
       subject.sync_group(group)

ee/spec/workers/ldap_sync_worker_spec.rb

@@ -7,7 +7,7 @@ describe LdapSyncWorker do
 
   before do
     allow(Sidekiq.logger).to receive(:info)
-    allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+    allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
 
     create(:omniauth_user, provider: 'ldapmain')
   end
@@ -15,7 +15,7 @@ describe LdapSyncWorker do
   describe '#perform' do
     context 'with the default license key' do
       it 'syncs all LDAP users' do
-        expect(Gitlab::Auth::LDAP::Access).to receive(:allowed?)
+        expect(Gitlab::Auth::Ldap::Access).to receive(:allowed?)
 
         subject.perform
       end
@@ -27,7 +27,7 @@ describe LdapSyncWorker do
       end
 
       it 'does not sync LDAP users' do
-        expect(Gitlab::Auth::LDAP::Access).not_to receive(:allowed?)
+        expect(Gitlab::Auth::Ldap::Access).not_to receive(:allowed?)
 
         subject.perform
       end

lib/gitlab/auth.rb

@@ -88,7 +88,7 @@ module Gitlab
           else
             # If no user is provided, try LDAP.
             #   LDAP users are only authenticated via LDAP
-            authenticators << Gitlab::Auth::LDAP::Authentication
+            authenticators << Gitlab::Auth::Ldap::Authentication
           end
 
           authenticators.compact!
@@ -134,7 +134,7 @@ module Gitlab
       end
 
       def authenticate_using_internal_or_ldap_password?
-        Gitlab::CurrentSettings.password_authentication_enabled_for_git? || Gitlab::Auth::LDAP::Config.enabled?
+        Gitlab::CurrentSettings.password_authentication_enabled_for_git? || Gitlab::Auth::Ldap::Config.enabled?
       end
 
       def service_request_check(login, password, project)

lib/gitlab/auth/ldap/access.rb

@@ -6,14 +6,14 @@
 #
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class Access
-        prepend_if_ee('::EE::Gitlab::Auth::LDAP::Access') # rubocop: disable Cop/InjectEnterpriseEditionModule
+        prepend_if_ee('::EE::Gitlab::Auth::Ldap::Access') # rubocop: disable Cop/InjectEnterpriseEditionModule
 
         attr_reader :provider, :user, :ldap_identity
 
         def self.open(user, &block)
-          Gitlab::Auth::LDAP::Adapter.open(user.ldap_identity.provider) do |adapter|
+          Gitlab::Auth::Ldap::Adapter.open(user.ldap_identity.provider) do |adapter|
             block.call(self.new(user, adapter))
           end
         end
@@ -50,7 +50,7 @@ module Gitlab
             end
 
             # Block user in GitLab if they were blocked in AD
-            if Gitlab::Auth::LDAP::Person.disabled_via_active_directory?(ldap_identity.extern_uid, adapter)
+            if Gitlab::Auth::Ldap::Person.disabled_via_active_directory?(ldap_identity.extern_uid, adapter)
               block_user(user, 'is disabled in Active Directory')
               false
             else
@@ -62,7 +62,7 @@ module Gitlab
             block_user(user, 'does not exist anymore')
             false
           end
-        rescue LDAPConnectionError
+        rescue LdapConnectionError
           false
         end
 
@@ -73,11 +73,11 @@ module Gitlab
         private
 
         def adapter
-          @adapter ||= Gitlab::Auth::LDAP::Adapter.new(provider)
+          @adapter ||= Gitlab::Auth::Ldap::Adapter.new(provider)
         end
 
         def ldap_config
-          Gitlab::Auth::LDAP::Config.new(provider)
+          Gitlab::Auth::Ldap::Config.new(provider)
         end
 
         def ldap_user
@@ -87,7 +87,7 @@ module Gitlab
         end
 
         def find_ldap_user
-          Gitlab::Auth::LDAP::Person.find_by_dn(ldap_identity.extern_uid, adapter)
+          Gitlab::Auth::Ldap::Person.find_by_dn(ldap_identity.extern_uid, adapter)
         end
 
         def block_user(user, reason)

lib/gitlab/auth/ldap/adapter.rb

@@ -2,9 +2,9 @@
 
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class Adapter
-        prepend_if_ee('::EE::Gitlab::Auth::LDAP::Adapter') # rubocop: disable Cop/InjectEnterpriseEditionModule
+        prepend_if_ee('::EE::Gitlab::Auth::Ldap::Adapter') # rubocop: disable Cop/InjectEnterpriseEditionModule
 
         SEARCH_RETRY_FACTOR = [1, 1, 2, 3].freeze
         MAX_SEARCH_RETRIES = Rails.env.test? ? 1 : SEARCH_RETRY_FACTOR.size.freeze
@@ -18,7 +18,7 @@ module Gitlab
         end
 
         def self.config(provider)
-          Gitlab::Auth::LDAP::Config.new(provider)
+          Gitlab::Auth::Ldap::Config.new(provider)
         end
 
         def initialize(provider, ldap = nil)
@@ -27,7 +27,7 @@ module Gitlab
         end
 
         def config
-          Gitlab::Auth::LDAP::Config.new(provider)
+          Gitlab::Auth::Ldap::Config.new(provider)
         end
 
         def users(fields, value, limit = nil)
@@ -75,7 +75,7 @@ module Gitlab
             renew_connection_adapter
             retry
           else
-            raise LDAPConnectionError, error_message
+            raise LdapConnectionError, error_message
           end
         end
 
@@ -91,13 +91,13 @@ module Gitlab
           end
 
           entries.map do |entry|
-            Gitlab::Auth::LDAP::Person.new(entry, provider)
+            Gitlab::Auth::Ldap::Person.new(entry, provider)
           end
         end
 
         def user_options(fields, value, limit)
           options = {
-            attributes: Gitlab::Auth::LDAP::Person.ldap_attributes(config),
+            attributes: Gitlab::Auth::Ldap::Person.ldap_attributes(config),
             base: config.base
           }
 

lib/gitlab/auth/ldap/auth_hash.rb

@@ -4,10 +4,10 @@
 #
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class AuthHash < Gitlab::Auth::OAuth::AuthHash
         def uid
-          @uid ||= Gitlab::Auth::LDAP::Person.normalize_dn(super)
+          @uid ||= Gitlab::Auth::Ldap::Person.normalize_dn(super)
         end
 
         def username
@@ -42,7 +42,7 @@ module Gitlab
         end
 
         def ldap_config
-          @ldap_config ||= Gitlab::Auth::LDAP::Config.new(self.provider)
+          @ldap_config ||= Gitlab::Auth::Ldap::Config.new(self.provider)
         end
       end
     end

lib/gitlab/auth/ldap/authentication.rb

@@ -8,10 +8,10 @@
 
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class Authentication < Gitlab::Auth::OAuth::Authentication
         def self.login(login, password)
-          return unless Gitlab::Auth::LDAP::Config.enabled?
+          return unless Gitlab::Auth::Ldap::Config.enabled?
           return unless login.present? && password.present?
 
           # return found user that was authenticated by first provider for given login credentials
@@ -22,7 +22,7 @@ module Gitlab
         end
 
         def self.providers
-          Gitlab::Auth::LDAP::Config.providers
+          Gitlab::Auth::Ldap::Config.providers
         end
 
         def login(login, password)
@@ -33,7 +33,7 @@ module Gitlab
           )
           return unless result
 
-          @user = Gitlab::Auth::LDAP::User.find_by_uid_and_provider(result.dn, provider)
+          @user = Gitlab::Auth::Ldap::User.find_by_uid_and_provider(result.dn, provider)
         end
 
         def adapter
@@ -41,7 +41,7 @@ module Gitlab
         end
 
         def config
-          Gitlab::Auth::LDAP::Config.new(provider)
+          Gitlab::Auth::Ldap::Config.new(provider)
         end
 
         def user_filter(login)

lib/gitlab/auth/ldap/config.rb

@@ -3,9 +3,9 @@
 # Load a specific server configuration
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class Config
-        prepend_if_ee('::EE::Gitlab::Auth::LDAP::Config') # rubocop: disable Cop/InjectEnterpriseEditionModule
+        prepend_if_ee('::EE::Gitlab::Auth::Ldap::Config') # rubocop: disable Cop/InjectEnterpriseEditionModule
 
         NET_LDAP_ENCRYPTION_METHOD = {
           simple_tls: :simple_tls,

lib/gitlab/auth/ldap/dn.rb

@@ -21,7 +21,7 @@
 # class also helps take care of that.
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class DN
         FormatError = Class.new(StandardError)
         MalformedError = Class.new(FormatError)

lib/gitlab/auth/ldap/ldap_connection_error.rb

@@ -2,8 +2,8 @@
 
 module Gitlab
   module Auth
-    module LDAP
-      LDAPConnectionError = Class.new(StandardError)
+    module Ldap
+      LdapConnectionError = Class.new(StandardError)
     end
   end
 end

lib/gitlab/auth/ldap/person.rb

@@ -2,9 +2,9 @@
 
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class Person
-        prepend_if_ee('::EE::Gitlab::Auth::LDAP::Person') # rubocop: disable Cop/InjectEnterpriseEditionModule
+        prepend_if_ee('::EE::Gitlab::Auth::Ldap::Person') # rubocop: disable Cop/InjectEnterpriseEditionModule
 
         # Active Directory-specific LDAP filter that checks if bit 2 of the
         # userAccountControl attribute is set.
@@ -45,8 +45,8 @@ module Gitlab
         end
 
         def self.normalize_dn(dn)
-          ::Gitlab::Auth::LDAP::DN.new(dn).to_normalized_s
-        rescue ::Gitlab::Auth::LDAP::DN::FormatError => e
+          ::Gitlab::Auth::Ldap::DN.new(dn).to_normalized_s
+        rescue ::Gitlab::Auth::Ldap::DN::FormatError => e
           Rails.logger.info("Returning original DN \"#{dn}\" due to error during normalization attempt: #{e.message}") # rubocop:disable Gitlab/RailsLogger
 
           dn
@@ -57,8 +57,8 @@ module Gitlab
         # 1. Excess spaces are stripped
         # 2. The string is downcased (for case-insensitivity)
         def self.normalize_uid(uid)
-          ::Gitlab::Auth::LDAP::DN.normalize_value(uid)
-        rescue ::Gitlab::Auth::LDAP::DN::FormatError => e
+          ::Gitlab::Auth::Ldap::DN.normalize_value(uid)
+        rescue ::Gitlab::Auth::Ldap::DN::FormatError => e
           Rails.logger.info("Returning original UID \"#{uid}\" due to error during normalization attempt: #{e.message}") # rubocop:disable Gitlab/RailsLogger
 
           uid
@@ -103,7 +103,7 @@ module Gitlab
         attr_reader :entry
 
         def config
-          @config ||= Gitlab::Auth::LDAP::Config.new(provider)
+          @config ||= Gitlab::Auth::Ldap::Config.new(provider)
         end
 
         # Using the LDAP attributes configuration, find and return the first

lib/gitlab/auth/ldap/user.rb

@@ -8,10 +8,10 @@
 #
 module Gitlab
   module Auth
-    module LDAP
+    module Ldap
       class User < Gitlab::Auth::OAuth::User
         extend ::Gitlab::Utils::Override
-        prepend_if_ee('::EE::Gitlab::Auth::LDAP::User') # rubocop: disable Cop/InjectEnterpriseEditionModule
+        prepend_if_ee('::EE::Gitlab::Auth::Ldap::User') # rubocop: disable Cop/InjectEnterpriseEditionModule
 
         class << self
           # rubocop: disable CodeReuse/ActiveRecord
@@ -46,7 +46,7 @@ module Gitlab
         end
 
         def allowed?
-          Gitlab::Auth::LDAP::Access.allowed?(gl_user)
+          Gitlab::Auth::Ldap::Access.allowed?(gl_user)
         end
 
         def valid_sign_in?
@@ -54,11 +54,11 @@ module Gitlab
         end
 
         def ldap_config
-          Gitlab::Auth::LDAP::Config.new(auth_hash.provider)
+          Gitlab::Auth::Ldap::Config.new(auth_hash.provider)
         end
 
         def auth_hash=(auth_hash)
-          @auth_hash = Gitlab::Auth::LDAP::AuthHash.new(auth_hash)
+          @auth_hash = Gitlab::Auth::Ldap::AuthHash.new(auth_hash)
         end
       end
     end

lib/gitlab/auth/o_auth/provider.rb

@@ -18,7 +18,7 @@ module Gitlab
           authenticator =
             case provider
             when /^ldap/
-              Gitlab::Auth::LDAP::Authentication
+              Gitlab::Auth::Ldap::Authentication
             when 'database'
               Gitlab::Auth::Database::Authentication
             end
@@ -60,8 +60,8 @@ module Gitlab
         def self.config_for(name)
           name = name.to_s
           if ldap_provider?(name)
-            if Gitlab::Auth::LDAP::Config.valid_provider?(name)
-              Gitlab::Auth::LDAP::Config.new(name).options
+            if Gitlab::Auth::Ldap::Config.valid_provider?(name)
+              Gitlab::Auth::Ldap::Config.new(name).options
             else
               nil
             end

lib/gitlab/auth/o_auth/user.rb

@@ -111,7 +111,7 @@ module Gitlab
         def find_or_build_ldap_user
           return unless ldap_person
 
-          user = Gitlab::Auth::LDAP::User.find_by_uid_and_provider(ldap_person.dn, ldap_person.provider)
+          user = Gitlab::Auth::Ldap::User.find_by_uid_and_provider(ldap_person.dn, ldap_person.provider)
           if user
             log.info "LDAP account found for user #{user.username}. Building new #{auth_hash.provider} identity."
             return user
@@ -141,8 +141,8 @@ module Gitlab
           return @ldap_person if defined?(@ldap_person)
 
           # Look for a corresponding person with same uid in any of the configured LDAP providers
-          Gitlab::Auth::LDAP::Config.providers.each do |provider|
-            adapter = Gitlab::Auth::LDAP::Adapter.new(provider)
+          Gitlab::Auth::Ldap::Config.providers.each do |provider|
+            adapter = Gitlab::Auth::Ldap::Adapter.new(provider)
             @ldap_person = find_ldap_person(auth_hash, adapter)
             break if @ldap_person
           end
@@ -150,15 +150,15 @@ module Gitlab
         end
 
         def find_ldap_person(auth_hash, adapter)
-          Gitlab::Auth::LDAP::Person.find_by_uid(auth_hash.uid, adapter) ||
-            Gitlab::Auth::LDAP::Person.find_by_email(auth_hash.uid, adapter) ||
-            Gitlab::Auth::LDAP::Person.find_by_dn(auth_hash.uid, adapter)
-        rescue Gitlab::Auth::LDAP::LDAPConnectionError
+          Gitlab::Auth::Ldap::Person.find_by_uid(auth_hash.uid, adapter) ||
+            Gitlab::Auth::Ldap::Person.find_by_email(auth_hash.uid, adapter) ||
+            Gitlab::Auth::Ldap::Person.find_by_dn(auth_hash.uid, adapter)
+        rescue Gitlab::Auth::Ldap::LdapConnectionError
           nil
         end
 
         def ldap_config
-          Gitlab::Auth::LDAP::Config.new(ldap_person.provider) if ldap_person
+          Gitlab::Auth::Ldap::Config.new(ldap_person.provider) if ldap_person
         end
 
         def needs_blocking?

lib/gitlab/user_access.rb

@@ -33,7 +33,7 @@ module Gitlab
       return false unless can_access_git?
 
       if user.requires_ldap_check? && user.try_obtain_ldap_lease
-        return false unless Gitlab::Auth::LDAP::Access.allowed?(user)
+        return false unless Gitlab::Auth::Ldap::Access.allowed?(user)
       end
 
       true

lib/system_check/ldap_check.rb

@@ -6,7 +6,7 @@ module SystemCheck
     set_name 'LDAP:'
 
     def multi_check
-      if Gitlab::Auth::LDAP::Config.enabled?
+      if Gitlab::Auth::Ldap::Config.enabled?
         # Only show up to 100 results because LDAP directories can be very big.
         # This setting only affects the `rake gitlab:check` script.
         limit = ENV['LDAP_CHECK_LIMIT']
@@ -21,13 +21,13 @@ module SystemCheck
     private
 
     def check_ldap(limit)
-      servers = Gitlab::Auth::LDAP::Config.providers
+      servers = Gitlab::Auth::Ldap::Config.providers
 
       servers.each do |server|
         $stdout.puts "Server: #{server}"
 
         begin
-          Gitlab::Auth::LDAP::Adapter.open(server) do |adapter|
+          Gitlab::Auth::Ldap::Adapter.open(server) do |adapter|
             check_ldap_auth(adapter)
 
             $stdout.puts "LDAP users with access to your GitLab server (only showing the first #{limit} results)"

lib/tasks/gitlab/cleanup.rake

@@ -13,7 +13,7 @@ namespace :gitlab do
 
         print "#{user.name} (#{user.ldap_identity.extern_uid}) ..."
 
-        if Gitlab::Auth::LDAP::Access.allowed?(user)
+        if Gitlab::Auth::Ldap::Access.allowed?(user)
           puts " [OK]".color(:green)
         else
           if block_flag

spec/helpers/auth_helper_spec.rb

@@ -56,7 +56,7 @@ describe AuthHelper do
 
   describe 'any_form_based_providers_enabled?' do
     before do
-      allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+      allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
     end
 
     it 'detects form-based providers' do

spec/lib/gitlab/auth/ldap/access_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Access do
+describe Gitlab::Auth::Ldap::Access do
   include LdapHelpers
 
   let(:user) { create(:omniauth_user) }
@@ -64,7 +64,7 @@ describe Gitlab::Auth::LDAP::Access do
 
       context 'and the user is disabled via active directory' do
         before do
-          allow(Gitlab::Auth::LDAP::Person).to receive(:disabled_via_active_directory?).and_return(true)
+          allow(Gitlab::Auth::Ldap::Person).to receive(:disabled_via_active_directory?).and_return(true)
         end
 
         it 'returns false' do
@@ -90,7 +90,7 @@ describe Gitlab::Auth::LDAP::Access do
 
       context 'and has no disabled flag in active directory' do
         before do
-          allow(Gitlab::Auth::LDAP::Person).to receive(:disabled_via_active_directory?).and_return(false)
+          allow(Gitlab::Auth::Ldap::Person).to receive(:disabled_via_active_directory?).and_return(false)
         end
 
         it { is_expected.to be_truthy }
@@ -135,8 +135,8 @@ describe Gitlab::Auth::LDAP::Access do
 
       context 'without ActiveDirectory enabled' do
         before do
-          allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
-          allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+          allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
+          allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
             allow(instance).to receive(:active_directory).and_return(false)
           end
         end

spec/lib/gitlab/auth/ldap/adapter_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Adapter do
+describe Gitlab::Auth::Ldap::Adapter do
   include LdapHelpers
 
   let(:ldap) { double(:ldap) }
@@ -138,7 +138,7 @@ describe Gitlab::Auth::LDAP::Adapter do
 
         it 'as many times as MAX_SEARCH_RETRIES' do
           expect(ldap).to receive(:search).exactly(3).times
-          expect { subject }.to raise_error(Gitlab::Auth::LDAP::LDAPConnectionError)
+          expect { subject }.to raise_error(Gitlab::Auth::Ldap::LdapConnectionError)
         end
 
         context 'when no more retries' do
@@ -147,11 +147,11 @@ describe Gitlab::Auth::LDAP::Adapter do
           end
 
           it 'raises the exception' do
-            expect { subject }.to raise_error(Gitlab::Auth::LDAP::LDAPConnectionError)
+            expect { subject }.to raise_error(Gitlab::Auth::Ldap::LdapConnectionError)
           end
 
           it 'logs the error' do
-            expect { subject }.to raise_error(Gitlab::Auth::LDAP::LDAPConnectionError)
+            expect { subject }.to raise_error(Gitlab::Auth::Ldap::LdapConnectionError)
             expect(Rails.logger).to have_received(:warn).with(
               "LDAP search raised exception Net::LDAP::Error: some error")
           end
@@ -161,6 +161,6 @@ describe Gitlab::Auth::LDAP::Adapter do
   end
 
   def ldap_attributes
-    Gitlab::Auth::LDAP::Person.ldap_attributes(Gitlab::Auth::LDAP::Config.new('ldapmain'))
+    Gitlab::Auth::Ldap::Person.ldap_attributes(Gitlab::Auth::Ldap::Config.new('ldapmain'))
   end
 end

spec/lib/gitlab/auth/ldap/auth_hash_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::AuthHash do
+describe Gitlab::Auth::Ldap::AuthHash do
   include LdapHelpers
 
   let(:auth_hash) do
@@ -58,7 +58,7 @@ describe Gitlab::Auth::LDAP::AuthHash do
     end
 
     before do
-      allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+      allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
         allow(instance).to receive(:attributes).and_return(attributes)
       end
     end

spec/lib/gitlab/auth/ldap/authentication_spec.rb

@@ -2,15 +2,15 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Authentication do
+describe Gitlab::Auth::Ldap::Authentication do
   let(:dn)       { 'uid=John Smith, ou=People, dc=example, dc=com' }
-  let(:user)     { create(:omniauth_user, extern_uid: Gitlab::Auth::LDAP::Person.normalize_dn(dn)) }
+  let(:user)     { create(:omniauth_user, extern_uid: Gitlab::Auth::Ldap::Person.normalize_dn(dn)) }
   let(:login)    { 'john' }
   let(:password) { 'password' }
 
   describe 'login' do
     before do
-      allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+      allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
     end
 
     it "finds the user if authentication is successful" do
@@ -48,7 +48,7 @@ describe Gitlab::Auth::LDAP::Authentication do
     end
 
     it "fails if ldap is disabled" do
-      allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(false)
+      allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(false)
       expect(described_class.login(login, password)).to be_falsey
     end
 

spec/lib/gitlab/auth/ldap/config_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Config do
+describe Gitlab::Auth::Ldap::Config do
   include LdapHelpers
 
   let(:config) { described_class.new('ldapmain') }

spec/lib/gitlab/auth/ldap/person_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::Person do
+describe Gitlab::Auth::Ldap::Person do
   include LdapHelpers
 
   let(:entry) { ldap_user_entry('john.doe') }
@@ -61,7 +61,7 @@ describe Gitlab::Auth::LDAP::Person do
           }
         }
       )
-      config = Gitlab::Auth::LDAP::Config.new('ldapmain')
+      config = Gitlab::Auth::Ldap::Config.new('ldapmain')
       ldap_attributes = described_class.ldap_attributes(config)
 
       expect(ldap_attributes).to match_array(%w(dn uid cn mail memberof))

spec/lib/gitlab/auth/ldap/user_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Gitlab::Auth::LDAP::User do
+describe Gitlab::Auth::Ldap::User do
   include LdapHelpers
 
   let(:ldap_user) { described_class.new(auth_hash) }

spec/lib/gitlab/auth/o_auth/user_spec.rb

@@ -22,7 +22,7 @@ describe Gitlab::Auth::OAuth::User do
       }
     }
   end
-  let(:ldap_user) { Gitlab::Auth::LDAP::Person.new(Net::LDAP::Entry.new, 'ldapmain') }
+  let(:ldap_user) { Gitlab::Auth::Ldap::Person.new(Net::LDAP::Entry.new, 'ldapmain') }
 
   describe '#persisted?' do
     let!(:existing_user) { create(:omniauth_user, extern_uid: 'my-uid', provider: 'my-provider') }
@@ -230,7 +230,7 @@ describe Gitlab::Auth::OAuth::User do
 
             context "and no account for the LDAP user" do
               before do
-                allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(ldap_user)
+                allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(ldap_user)
 
                 oauth_user.save
               end
@@ -269,7 +269,7 @@ describe Gitlab::Auth::OAuth::User do
               let!(:existing_user) { create(:omniauth_user, name: 'John Doe', email: 'john@example.com', extern_uid: dn, provider: 'ldapmain', username: 'john') }
 
               it "adds the omniauth identity to the LDAP account" do
-                allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(ldap_user)
+                allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(ldap_user)
 
                 oauth_user.save
 
@@ -290,8 +290,8 @@ describe Gitlab::Auth::OAuth::User do
 
             context 'when an LDAP person is not found by uid' do
               it 'tries to find an LDAP person by email and adds the omniauth identity to the user' do
-                allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(nil)
-                allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_email).and_return(ldap_user)
+                allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(nil)
+                allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_email).and_return(ldap_user)
 
                 oauth_user.save
 
@@ -301,9 +301,9 @@ describe Gitlab::Auth::OAuth::User do
 
               context 'when also not found by email' do
                 it 'tries to find an LDAP person by DN and adds the omniauth identity to the user' do
-                  allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(nil)
-                  allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_email).and_return(nil)
-                  allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_dn).and_return(ldap_user)
+                  allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(nil)
+                  allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_email).and_return(nil)
+                  allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_dn).and_return(ldap_user)
 
                   oauth_user.save
 
@@ -344,7 +344,7 @@ describe Gitlab::Auth::OAuth::User do
 
             context 'and no account for the LDAP user' do
               it 'creates a user favoring the LDAP username and strips email domain' do
-                allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(ldap_user)
+                allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(ldap_user)
 
                 oauth_user.save
 
@@ -356,7 +356,7 @@ describe Gitlab::Auth::OAuth::User do
 
           context "and no corresponding LDAP person" do
             before do
-              allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(nil)
+              allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(nil)
             end
 
             include_examples "to verify compliance with allow_single_sign_on"
@@ -405,13 +405,13 @@ describe Gitlab::Auth::OAuth::User do
           allow(ldap_user).to receive(:username) { uid }
           allow(ldap_user).to receive(:email) { ['johndoe@example.com', 'john2@example.com'] }
           allow(ldap_user).to receive(:dn) { dn }
-          allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).and_return(ldap_user)
+          allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).and_return(ldap_user)
         end
 
         context "and no account for the LDAP user" do
           context 'dont block on create (LDAP)' do
             before do
-              allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+              allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
                 allow(instance).to receive_messages(block_auto_created_users: false)
               end
             end
@@ -425,7 +425,7 @@ describe Gitlab::Auth::OAuth::User do
 
           context 'block on create (LDAP)' do
             before do
-              allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+              allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
                 allow(instance).to receive_messages(block_auto_created_users: true)
               end
             end
@@ -443,7 +443,7 @@ describe Gitlab::Auth::OAuth::User do
 
           context 'dont block on create (LDAP)' do
             before do
-              allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+              allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
                 allow(instance).to receive_messages(block_auto_created_users: false)
               end
             end
@@ -457,7 +457,7 @@ describe Gitlab::Auth::OAuth::User do
 
           context 'block on create (LDAP)' do
             before do
-              allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+              allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
                 allow(instance).to receive_messages(block_auto_created_users: true)
               end
             end
@@ -503,7 +503,7 @@ describe Gitlab::Auth::OAuth::User do
 
         context 'dont block on create (LDAP)' do
           before do
-            allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+            allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
               allow(instance).to receive_messages(block_auto_created_users: false)
             end
           end
@@ -517,7 +517,7 @@ describe Gitlab::Auth::OAuth::User do
 
         context 'block on create (LDAP)' do
           before do
-            allow_next_instance_of(Gitlab::Auth::LDAP::Config) do |instance|
+            allow_next_instance_of(Gitlab::Auth::Ldap::Config) do |instance|
               allow(instance).to receive_messages(block_auto_created_users: true)
             end
           end
@@ -806,7 +806,7 @@ describe Gitlab::Auth::OAuth::User do
       end
 
       it 'returns nil' do
-        adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain')
+        adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain')
         hash = OmniAuth::AuthHash.new(uid: 'whatever', provider: 'ldapmain')
 
         expect(oauth_user.send(:find_ldap_person, hash, adapter)).to be_nil

spec/lib/gitlab/auth/saml/user_spec.rb

@@ -19,7 +19,7 @@ describe Gitlab::Auth::Saml::User do
       email: 'john@mail.com'
     }
   end
-  let(:ldap_user) { Gitlab::Auth::LDAP::Person.new(Net::LDAP::Entry.new, 'ldapmain') }
+  let(:ldap_user) { Gitlab::Auth::Ldap::Person.new(Net::LDAP::Entry.new, 'ldapmain') }
 
   describe '#save' do
     before do
@@ -161,10 +161,10 @@ describe Gitlab::Auth::Saml::User do
               allow(ldap_user).to receive(:username) { uid }
               allow(ldap_user).to receive(:email) { %w(john@mail.com john2@example.com) }
               allow(ldap_user).to receive(:dn) { dn }
-              allow(Gitlab::Auth::LDAP::Adapter).to receive(:new).and_return(adapter)
-              allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).with(uid, adapter).and_return(ldap_user)
-              allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_dn).with(dn, adapter).and_return(ldap_user)
-              allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_email).with('john@mail.com', adapter).and_return(ldap_user)
+              allow(Gitlab::Auth::Ldap::Adapter).to receive(:new).and_return(adapter)
+              allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).with(uid, adapter).and_return(ldap_user)
+              allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_dn).with(dn, adapter).and_return(ldap_user)
+              allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_email).with('john@mail.com', adapter).and_return(ldap_user)
             end
 
             context 'and no account for the LDAP user' do
@@ -212,10 +212,10 @@ describe Gitlab::Auth::Saml::User do
                   nil_types = uid_types - [uid_type]
 
                   nil_types.each do |type|
-                    allow(Gitlab::Auth::LDAP::Person).to receive(:"find_by_#{type}").and_return(nil)
+                    allow(Gitlab::Auth::Ldap::Person).to receive(:"find_by_#{type}").and_return(nil)
                   end
 
-                  allow(Gitlab::Auth::LDAP::Person).to receive(:"find_by_#{uid_type}").and_return(ldap_user)
+                  allow(Gitlab::Auth::Ldap::Person).to receive(:"find_by_#{uid_type}").and_return(ldap_user)
                 end
 
                 it 'adds the omniauth identity to the LDAP account' do
@@ -282,7 +282,7 @@ describe Gitlab::Auth::Saml::User do
               it 'adds the LDAP identity to the existing SAML user' do
                 create(:omniauth_user, email: 'john@mail.com', extern_uid: dn, provider: 'saml', username: 'john')
 
-                allow(Gitlab::Auth::LDAP::Person).to receive(:find_by_uid).with(dn, adapter).and_return(ldap_user)
+                allow(Gitlab::Auth::Ldap::Person).to receive(:find_by_uid).with(dn, adapter).and_return(ldap_user)
 
                 local_hash = OmniAuth::AuthHash.new(uid: dn, provider: provider, info: info_hash)
                 local_saml_user = described_class.new(local_hash)

spec/lib/gitlab/auth_spec.rb

@@ -590,23 +590,23 @@ describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
 
     context "with ldap enabled" do
       before do
-        allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+        allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
       end
 
       it "tries to autheticate with db before ldap" do
-        expect(Gitlab::Auth::LDAP::Authentication).not_to receive(:login)
+        expect(Gitlab::Auth::Ldap::Authentication).not_to receive(:login)
 
         expect(gl_auth.find_with_user_password(username, password)).to eq(user)
       end
 
       it "does not find user by using ldap as fallback to for authentication" do
-        expect(Gitlab::Auth::LDAP::Authentication).to receive(:login).and_return(nil)
+        expect(Gitlab::Auth::Ldap::Authentication).to receive(:login).and_return(nil)
 
         expect(gl_auth.find_with_user_password('ldap_user', 'password')).to be_nil
       end
 
       it "find new user by using ldap as fallback to for authentication" do
-        expect(Gitlab::Auth::LDAP::Authentication).to receive(:login).and_return(user)
+        expect(Gitlab::Auth::Ldap::Authentication).to receive(:login).and_return(user)
 
         expect(gl_auth.find_with_user_password('ldap_user', 'password')).to eq(user)
       end
@@ -623,7 +623,7 @@ describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
 
       context "with ldap enabled" do
         before do
-          allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+          allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
         end
 
         it "does not find non-ldap user by valid login/password" do

spec/models/user_spec.rb

@@ -4197,7 +4197,7 @@ describe User, :do_not_mock_admin_mode do
   describe '#read_only_attribute?' do
     context 'when LDAP server is enabled' do
       before do
-        allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
+        allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
       end
 
       %i[name email location].each do |attribute|

spec/requests/git_http_spec.rb

@@ -639,8 +639,8 @@ describe 'Git HTTP requests' do
 
                 context 'when LDAP is configured' do
                   before do
-                    allow(Gitlab::Auth::LDAP::Config).to receive(:enabled?).and_return(true)
-                    allow_any_instance_of(Gitlab::Auth::LDAP::Authentication)
+                    allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
+                    allow_any_instance_of(Gitlab::Auth::Ldap::Authentication)
                       .to receive(:login).and_return(nil)
                   end
 
@@ -862,8 +862,8 @@ describe 'Git HTTP requests' do
 
     before do
       allow(Gitlab::Auth::OAuth::Provider).to receive(:enabled?).and_return(true)
-      allow_any_instance_of(Gitlab::Auth::LDAP::Authentication).to receive(:login).and_return(nil)
-      allow_any_instance_of(Gitlab::Auth::LDAP::Authentication).to receive(:login).with(user.username, user.password).and_return(user)
+      allow_any_instance_of(Gitlab::Auth::Ldap::Authentication).to receive(:login).and_return(nil)
+      allow_any_instance_of(Gitlab::Auth::Ldap::Authentication).to receive(:login).with(user.username, user.password).and_return(user)
     end
 
     it_behaves_like 'pulls require Basic HTTP Authentication'

spec/support/helpers/ldap_helpers.rb

@@ -2,14 +2,14 @@
 
 module LdapHelpers
   def ldap_adapter(provider = 'ldapmain', ldap = double(:ldap))
-    ::Gitlab::Auth::LDAP::Adapter.new(provider, ldap)
+    ::Gitlab::Auth::Ldap::Adapter.new(provider, ldap)
   end
 
   def user_dn(uid)
     "uid=#{uid},ou=users,dc=example,dc=com"
   end
 
-  # Accepts a hash of Gitlab::Auth::LDAP::Config keys and values.
+  # Accepts a hash of Gitlab::Auth::Ldap::Config keys and values.
   #
   # Example:
   #   stub_ldap_config(
@@ -17,7 +17,7 @@ module LdapHelpers
   #     admin_group: 'my-admin-group'
   #   )
   def stub_ldap_config(messages)
-    allow_any_instance_of(::Gitlab::Auth::LDAP::Config).to receive_messages(messages)
+    allow_any_instance_of(::Gitlab::Auth::Ldap::Config).to receive_messages(messages)
   end
 
   def stub_ldap_setting(messages)
@@ -28,29 +28,29 @@ module LdapHelpers
   # `entry` to simulate when an LDAP person is not found
   #
   # Example:
-  #  adapter = ::Gitlab::Auth::LDAP::Adapter.new('ldapmain', double(:ldap))
+  #  adapter = ::Gitlab::Auth::Ldap::Adapter.new('ldapmain', double(:ldap))
   #  ldap_user_entry = ldap_user_entry('john_doe')
   #
   #  stub_ldap_person_find_by_uid('john_doe', ldap_user_entry, adapter)
   def stub_ldap_person_find_by_uid(uid, entry, provider = 'ldapmain')
-    return_value = ::Gitlab::Auth::LDAP::Person.new(entry, provider) if entry.present?
+    return_value = ::Gitlab::Auth::Ldap::Person.new(entry, provider) if entry.present?
 
-    allow(::Gitlab::Auth::LDAP::Person)
+    allow(::Gitlab::Auth::Ldap::Person)
       .to receive(:find_by_uid).with(uid, any_args).and_return(return_value)
   end
 
   def stub_ldap_person_find_by_dn(entry, provider = 'ldapmain')
-    person = ::Gitlab::Auth::LDAP::Person.new(entry, provider) if entry.present?
+    person = ::Gitlab::Auth::Ldap::Person.new(entry, provider) if entry.present?
 
-    allow(::Gitlab::Auth::LDAP::Person)
+    allow(::Gitlab::Auth::Ldap::Person)
       .to receive(:find_by_dn)
       .and_return(person)
   end
 
   def stub_ldap_person_find_by_email(email, entry, provider = 'ldapmain')
-    person = ::Gitlab::Auth::LDAP::Person.new(entry, provider) if entry.present?
+    person = ::Gitlab::Auth::Ldap::Person.new(entry, provider) if entry.present?
 
-    allow(::Gitlab::Auth::LDAP::Person)
+    allow(::Gitlab::Auth::Ldap::Person)
       .to receive(:find_by_email)
       .with(email, anything)
       .and_return(person)
@@ -66,8 +66,8 @@ module LdapHelpers
   end
 
   def raise_ldap_connection_error
-    allow_any_instance_of(Gitlab::Auth::LDAP::Adapter)
-      .to receive(:ldap_search).and_raise(Gitlab::Auth::LDAP::LDAPConnectionError)
+    allow_any_instance_of(Gitlab::Auth::Ldap::Adapter)
+      .to receive(:ldap_search).and_raise(Gitlab::Auth::Ldap::LdapConnectionError)
   end
 end
 

spec/support/shared_contexts/controllers/ldap_omniauth_callbacks_controller_shared_context.rb

@@ -30,7 +30,7 @@ RSpec.shared_context 'Ldap::OmniauthCallbacksController' do
     @original_env_config_omniauth_auth = mock_auth_hash(provider.to_s, uid, user.email)
     stub_omniauth_provider(provider, context: request)
 
-    allow(Gitlab::Auth::LDAP::Access).to receive(:allowed?).and_return(valid_login?)
+    allow(Gitlab::Auth::Ldap::Access).to receive(:allowed?).and_return(valid_login?)
   end
 
   after do

spec/tasks/gitlab/check_rake_spec.rb

@@ -68,8 +68,8 @@ describe 'check.rake' do
 
     context 'when LDAP is not enabled' do
       it 'does not attempt to bind or search for users' do
-        expect(Gitlab::Auth::LDAP::Config).not_to receive(:providers)
-        expect(Gitlab::Auth::LDAP::Adapter).not_to receive(:open)
+        expect(Gitlab::Auth::Ldap::Config).not_to receive(:providers)
+        expect(Gitlab::Auth::Ldap::Adapter).not_to receive(:open)
 
         subject
       end
@@ -80,12 +80,12 @@ describe 'check.rake' do
       let(:adapter) { ldap_adapter('ldapmain', ldap) }
 
       before do
-        allow(Gitlab::Auth::LDAP::Config)
+        allow(Gitlab::Auth::Ldap::Config)
           .to receive_messages(
             enabled?: true,
             providers: ['ldapmain']
           )
-        allow(Gitlab::Auth::LDAP::Adapter).to receive(:open).and_yield(adapter)
+        allow(Gitlab::Auth::Ldap::Adapter).to receive(:open).and_yield(adapter)
         allow(adapter).to receive(:users).and_return([])
       end