1. 06 Jul, 2017 8 commits
    • Timothy Andrew's avatar
      Add CHANGELOG entry for CE MR 11963 · 5f685391
      Timothy Andrew authored
      5f685391
    • Timothy Andrew's avatar
    • Timothy Andrew's avatar
      Add Omniauth OAuth config to the test section of `gitlab.yml` · 0784dc11
      Timothy Andrew authored
      - I tried to get this to work by stubbing out portions of the config within the
        test. This didn't work as expected because Devise/Omniauth loaded before the
        stub could run, and the stubbed config was ignored.
      
      - I attempted to fix this by reloading Devise/Omniauth after stubbing the
        config. This successfully got Devise to load the stubbed providers, but failed
        while trying to access a route such as `user_gitlab_omniauth_authorize_path`.
      
      - I spent a while trying to figure this out (even trying
        `Rails.application.reload_routes!`), but nothing seemed to work.
      
      - I settled for adding this config directly to `gitlab.yml` rather than go down
        this path any further.
      0784dc11
    • Timothy Andrew's avatar
      Add more providers to the OAuth login integration tests. · af3150cf
      Timothy Andrew authored
      - Added saml, authentiq, cas3, and auth0
      - Crowd seems to be a special case that will be handled separately.
      af3150cf
    • Timothy Andrew's avatar
      d6023d33
    • Timothy Andrew's avatar
      dbe6cc6e
    • Timothy Andrew's avatar
      Add integration tests around OAuth login. · cd3aa1f5
      Timothy Andrew authored
      - There was previously a test for `saml` login in `login_spec`, but this didn't
        seem to be passing. A lot of things didn't seem right here, and I suspect that
        this test hasn't been running. I'll investigate this further.
      
      - It took almost a whole working day to figure out this line:
      
          OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
      
        As always, it's obvious in retrospect, but it took some digging to figure out
        tests were failing and returning 404s during the callback phase.
      
      - Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
      cd3aa1f5
    • Timothy Andrew's avatar
      Implement "remember me" for OAuth-based login. · 370e8e33
      Timothy Andrew authored
      - Pass a `remember_me` query parameter along with the initial OAuth request, and
        pick this parameter up during the omniauth callback from
        request.env['omniauth.params']`.
      
      - For 2FA-based login, copy the `remember_me` param from `omniauth.params` to
        `params`, which the 2FA process will pick up.
      
      - For non-2FA-based login, simply call the `remember_me` devise method to set
        the session cookie.
      370e8e33
  2. 05 Jul, 2017 31 commits
  3. 04 Jul, 2017 1 commit