Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d2a55fc0
Commit
d2a55fc0
authored
Jul 11, 2017
by
Nick Thomas
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Move EE-only code in Gitlab::OAuth::AuthHash into a prepended module
parent
d16c3015
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
75 additions
and
37 deletions
+75
-37
lib/ee/gitlab/o_auth/auth_hash.rb
lib/ee/gitlab/o_auth/auth_hash.rb
+31
-0
lib/gitlab/o_auth/auth_hash.rb
lib/gitlab/o_auth/auth_hash.rb
+3
-14
spec/lib/ee/gitlab/o_auth/auth_hash_spec.rb
spec/lib/ee/gitlab/o_auth/auth_hash_spec.rb
+41
-0
spec/lib/gitlab/o_auth/auth_hash_spec.rb
spec/lib/gitlab/o_auth/auth_hash_spec.rb
+0
-23
No files found.
lib/ee/gitlab/o_auth/auth_hash.rb
0 → 100644
View file @
d2a55fc0
module
EE
module
Gitlab
module
OAuth
module
AuthHash
def
kerberos_default_realm
::
Gitlab
::
Kerberos
::
Authentication
.
kerberos_default_realm
end
# For Kerberos, usernames `principal` and `principal@DEFAULT.REALM` are equivalent and
# may be used indifferently, but omniauth_kerberos does not normalize them as of version 0.3.0.
# Normalize here the uid to always have the canonical Kerberos principal name with realm.
def
kerberos_normalized_uid
@kerberos_normalized_uid
||=
begin
uid
=
::
Gitlab
::
Utils
.
force_utf8
(
auth_hash
.
uid
.
to_s
)
uid
+=
'@'
+
kerberos_default_realm
unless
uid
.
include?
(
'@'
)
uid
end
end
def
uid
if
provider
==
'kerberos'
kerberos_normalized_uid
else
super
end
end
end
end
end
end
lib/gitlab/o_auth/auth_hash.rb
View file @
d2a55fc0
...
@@ -3,26 +3,15 @@
...
@@ -3,26 +3,15 @@
module
Gitlab
module
Gitlab
module
OAuth
module
OAuth
class
AuthHash
class
AuthHash
prepend
::
EE
::
Gitlab
::
OAuth
::
AuthHash
attr_reader
:auth_hash
attr_reader
:auth_hash
def
initialize
(
auth_hash
)
def
initialize
(
auth_hash
)
@auth_hash
=
auth_hash
@auth_hash
=
auth_hash
end
end
def
kerberos_default_realm
Gitlab
::
Kerberos
::
Authentication
.
kerberos_default_realm
end
def
normalized_uid
return
auth_hash
.
uid
.
to_s
unless
provider
==
'kerberos'
# For Kerberos, usernames `principal` and `principal@DEFAULT.REALM` are equivalent and
# may be used indifferently, but omniauth_kerberos does not normalize them as of version 0.3.0.
# Normalize here the uid to always have the canonical Kerberos principal name with realm.
return
auth_hash
.
uid
if
auth_hash
.
uid
.
include?
(
"@"
)
auth_hash
.
uid
+
"@"
+
kerberos_default_realm
end
def
uid
def
uid
@uid
||=
Gitlab
::
Utils
.
force_utf8
(
normalized_uid
)
@uid
||=
Gitlab
::
Utils
.
force_utf8
(
auth_hash
.
uid
.
to_s
)
end
end
def
provider
def
provider
...
...
spec/lib/ee/gitlab/o_auth/auth_hash_spec.rb
0 → 100644
View file @
d2a55fc0
require
'spec_helper'
describe
Gitlab
::
OAuth
::
AuthHash
,
lib:
true
do
let
(
:auth_hash
)
do
Gitlab
::
OAuth
::
AuthHash
.
new
(
OmniAuth
::
AuthHash
.
new
(
provider:
ascii
(
'kerberos'
),
uid:
ascii
(
uid
),
info:
{
uid:
ascii
(
uid
)
}
)
)
end
describe
'#uid'
do
subject
{
auth_hash
.
uid
}
context
'contains a kerberos realm'
do
let
(
:uid
)
{
'mylogin@BAR.COM'
}
it
'preserves the canonical uid'
do
is_expected
.
to
eq
(
'mylogin@BAR.COM'
)
end
end
context
'does not contain a kerberos realm'
do
let
(
:uid
)
{
'mylogin'
}
before
do
allow
(
Gitlab
::
Kerberos
::
Authentication
).
to
receive
(
:kerberos_default_realm
).
and_return
(
'FOO.COM'
)
end
it
'canonicalizes uid with kerberos realm'
do
is_expected
.
to
eq
(
'mylogin@FOO.COM'
)
end
end
end
def
ascii
(
text
)
text
.
force_encoding
(
Encoding
::
ASCII_8BIT
)
end
end
spec/lib/gitlab/o_auth/auth_hash_spec.rb
View file @
d2a55fc0
...
@@ -54,29 +54,6 @@ describe Gitlab::OAuth::AuthHash, lib: true do
...
@@ -54,29 +54,6 @@ describe Gitlab::OAuth::AuthHash, lib: true do
it
{
expect
(
auth_hash
.
password
).
not_to
be_empty
}
it
{
expect
(
auth_hash
.
password
).
not_to
be_empty
}
end
end
context
'with kerberos provider'
do
let
(
:provider_ascii
)
{
'kerberos'
.
force_encoding
(
Encoding
::
ASCII_8BIT
)
}
context
"and uid contains a kerberos realm"
do
let
(
:uid_ascii
)
{
'mylogin@BAR.COM'
.
force_encoding
(
Encoding
::
ASCII_8BIT
)
}
it
"preserves the canonical uid"
do
expect
(
auth_hash
.
uid
).
to
eq
(
'mylogin@BAR.COM'
)
end
end
context
"and uid does not contain a kerberos realm"
do
let
(
:uid_ascii
)
{
'mylogin'
.
force_encoding
(
Encoding
::
ASCII_8BIT
)
}
before
do
allow
(
Gitlab
::
Kerberos
::
Authentication
).
to
receive
(
:kerberos_default_realm
).
and_return
(
"FOO.COM"
)
end
it
"canonicalizes uid with kerberos realm"
do
expect
(
auth_hash
.
uid
).
to
eq
(
'mylogin@FOO.COM'
)
end
end
end
context
'email not provided'
do
context
'email not provided'
do
before
do
before
do
info_hash
.
delete
(
:email
)
info_hash
.
delete
(
:email
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment