diff options
| author | Bob Van Landuyt <bob@vanlanduyt.co> | 2017-07-26 11:57:05 +0200 |
|---|---|---|
| committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2017-07-26 14:34:37 +0200 |
| commit | 13d9dd1a68358abed220797037ad3f45f2c02105 (patch) | |
| tree | 309ecc9b4610b154426e276297bb56e8b91ad372 | |
| parent | 49b99d835daf86014adf5cdccae8857f0ab48247 (diff) | |
| download | gitlab-ce-bvl-alternative-fix-ldap-login.tar.gz | |
Define ldap methods at runtimebvl-alternative-fix-ldap-login
This avoids loading the `OmniAuthCallbacksController` at boot time so
it doesn't mess up the `before_action`-chain
| -rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 7 | ||||
| -rw-r--r-- | app/controllers/sessions_controller.rb | 8 | ||||
| -rw-r--r-- | config/initializers/omniauth.rb | 5 |
3 files changed, 7 insertions, 13 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 323d5d26eb6..8cf3707db67 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -10,6 +10,13 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController end end + if Gitlab::LDAP::Config.enabled? + server = Gitlab.config.ldap.servers.values.first + define_method server['provider_name'] do + ldap + end + end + # Extend the standard message generation to accept our custom exception def failure_message exception = env["omniauth.error"] diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 69513f4dadc..0e8a57f8e03 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -5,14 +5,6 @@ class SessionsController < Devise::SessionsController skip_before_action :check_two_factor_requirement, only: [:destroy] - # Explicitly call protect from forgery before anything else. Otherwise the - # CSFR-token might be cleared before authentication is done. This was the case - # when LDAP was enabled and the `OmniauthCallbacksController` is loaded - # - # *Note:* `prepend: true` is the default for rails4, but this will be changed - # to `prepend: false` in rails5. - protect_from_forgery prepend: true, with: :exception - prepend_before_action :check_initial_setup, only: [:new] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index f7fa6d1c2de..d573de7bcea 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -4,11 +4,6 @@ if Gitlab::LDAP::Config.enabled? klass = server['provider_class'] const_set(klass, Class.new(LDAP)) unless klass == 'LDAP' end - - OmniauthCallbacksController.class_eval do - server = Gitlab.config.ldap.servers.values.first - alias_method server['provider_name'], :ldap - end end OmniAuth.config.full_host = Settings.gitlab['base_url'] |