delta/gitlab/gitlab-ce.git/app/controllers/omniauth_callbacks_controller.rb, branch backport-gitlab-database gitlab.com: gitlab-org/gitlab-ce.git Honor saml assurance level to allow 2FA bypassing 2018-06-25T15:32:03+00:00 Roger Rüttimann roger.ruettimann@gmail.com 2018-06-25T15:32:03+00:00 2efe27ba181daa18db9e227b13be428ebdfc23f1 






[Rails5] Force the `protect_from_forgery` callback run first
2018-06-21T10:44:31+00:00

blackst0ne
blackst0ne.ru@gmail.com

2018-06-21T10:44:31+00:00

6fef87f17fa6fde7c15668faa43b563eebc0a918

Since Rails 5.0 the `protect_from_forgery` callback doesn't run first by
default anymore. [1]

Instead it gets inserted into callbacks chain where callbacks get
called in order.

This commit forces the callback to run first.

[1]: https://github.com/rails/rails/commit/39794037817703575c35a75f1961b01b83791191





Since Rails 5.0 the `protect_from_forgery` callback doesn't run first by
default anymore. [1]

Instead it gets inserted into callbacks chain where callbacks get
called in order.

This commit forces the callback to run first.

[1]: https://github.com/rails/rails/commit/39794037817703575c35a75f1961b01b83791191







Backport helpers from GroupSAML failure messages
2018-05-21T15:43:12+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-22T23:17:49+00:00

b98a88cfe9033b5d694ac237a50ad4fe923ad95d












Backport IdentityLinker#failed? from GroupSaml callback flow
2018-05-04T14:00:59+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-22T23:05:12+00:00

7425f2b32217f71f99ff8642664a6642dfaeff87












Exclude LDAP from OmniauthCallbackController base methods
2018-04-30T16:32:23+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-22T23:15:48+00:00

c741f95a3b599971aaf3dfc1ff3ca43a8ba938b8












Replace define_method with alias_method in Omniauth Controllers
2018-04-23T15:24:47+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-23T15:03:01+00:00

795cd7f95206db318c58939698f63eee5abedb34












Unify Saml::IdentityLinker and OAuth::IdentityLinker
2018-04-23T12:53:32+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-23T10:56:44+00:00

d3a8a07423dccf1709b6432e017ae4679143dbce












Show error on failed OAuth account link
2018-04-22T22:50:56+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-22T18:08:08+00:00

f8d54913bb6f846d1204704d3a6e457956461b35












Refactor OmniauthCallbacksController to remove duplication
2018-04-22T22:50:55+00:00

James Edwards-Jones
jedwardsjones@gitlab.com

2018-04-18T14:03:27+00:00

f10c999bca2b5b37b068ff3680a6e35a6707828d

Moves LDAP to its own controller with tests
Provides path forward for implementing GroupSaml





Moves LDAP to its own controller with tests
Provides path forward for implementing GroupSaml







Writes specs
2018-03-22T16:05:15+00:00

Tiago Botelho
tiagonbotelho@hotmail.com

2018-03-22T10:34:42+00:00

161a05b963b83fe50961ef41eebc5d1c28c3110e