Lazy-load the krb5_auth gem

Signed-off-by: Rémy Coutable <remy@rymai.me>

Lazy-load the krb5_auth gem
Signed-off-by: Rémy Coutable <remy@rymai.me>
b84baef6 · Rémy Coutable · e3de18ab · b84baef6 · b84baef6
Commit b84baef6 authored Jul 04, 2016 by Rémy Coutable
Showing with 20 additions and 12 deletions

lib/gitlab/kerberos/authentication.rb lib/gitlab/kerberos/authentication.rb +10 -5

spec/lib/gitlab/kerberos/authentication_spec.rb spec/lib/gitlab/kerberos/authentication_spec.rb +10 -7

No files found.
--- a/lib/gitlab/kerberos/authentication.rb
+++ b/lib/gitlab/kerberos/authentication.rb
-require "krb5_auth"
 # This calls helps to authenticate to Kerberos by providing username and password
-
 module Gitlab
  module Kerberos
    class Authentication
      def self.kerberos_default_realm
-        krb5 = ::Krb5Auth::Krb5.new
+        krb5 = krb5_class.new
        default_realm = krb5.get_default_realm
        krb5.close # release memory allocated by the krb5 library
        default_realm
@@ -19,15 +17,22 @@ module Gitlab
        auth.login
      end

+      def self.krb5_class
+        @krb5_class ||= begin
+          require "krb5_auth"
+          Krb5Auth::Krb5
+        end
+      end
+
      def initialize(login, password)
        @login = login
        @password = password
-        @krb5 = ::Krb5Auth::Krb5.new
+        @krb5 = self.class.krb5_class.new
      end

      def valid?
        @krb5.get_init_creds_password(@login, @password)
-      rescue ::Krb5Auth::Krb5::Exception
+      rescue self.class.krb5_class::Exception
        false
      end


--- a/spec/lib/gitlab/kerberos/authentication_spec.rb
+++ b/spec/lib/gitlab/kerberos/authentication_spec.rb
 require 'spec_helper'

 describe Gitlab::Kerberos::Authentication do
-  let(:klass) { Gitlab::Kerberos::Authentication }
  let(:user) { create(:omniauth_user, provider: :kerberos, extern_uid: 'gitlab@FOO.COM') }
  let(:login) { 'john' }
  let(:password) { 'password' }

-  describe :kerberos_default_realm do
+  before do
+    described_class.krb5_class # eager load the krb5_auth gem
+  end
+
+  describe '.kerberos_default_realm' do
    it "returns the default realm exposed by the Kerberos library" do
      allow_any_instance_of(::Krb5Auth::Krb5).to receive_messages(get_default_realm: "FOO.COM")

-      expect(klass.kerberos_default_realm).to eq("FOO.COM")
+      expect(described_class.kerberos_default_realm).to eq("FOO.COM")
    end
  end

-  describe :login do
+  describe '.login' do
    before do
      allow(Devise).to receive_messages(omniauth_providers: [:kerberos])
      user # make sure user is instanciated
@@ -23,20 +26,20 @@ describe Gitlab::Kerberos::Authentication do
    it "finds the user if authentication is successful (login without kerberos realm)" do
      allow_any_instance_of(::Krb5Auth::Krb5).to receive_messages(get_init_creds_password: true, get_default_principal: 'gitlab@FOO.COM')

-      expect(klass.login('gitlab', password)).to be_truthy
+      expect(described_class.login('gitlab', password)).to be_truthy
    end

    it "finds the user if authentication is successful (login with a kerberos realm)" do
      allow_any_instance_of(::Krb5Auth::Krb5).to receive_messages(get_init_creds_password: true, get_default_principal: 'gitlab@FOO.COM')

-      expect(klass.login('gitlab@FOO.COM', password)).to be_truthy
+      expect(described_class.login('gitlab@FOO.COM', password)).to be_truthy
    end

    it "returns false if there is no such user in kerberos" do
      kerberos_login = "some-login"
      allow_any_instance_of(::Krb5Auth::Krb5).to receive_messages(get_init_creds_password: true, get_default_principal: 'some-login@FOO.COM')

-      expect(klass.login(kerberos_login, password)).to be_falsy
+      expect(described_class.login(kerberos_login, password)).to be_falsy
    end
  end
 end