Merge branch 'oauth_token_with_ldap' into 'master'

Retrieving oauth token with LDAP credentials

https://dev.gitlab.org/gitlab/gitlabhq/issues/2529

See merge request !1220

2 files changed, 2 insertions, 2 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 69c2c120d99..2ec3bd28b39 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -27,6 +27,7 @@ v 8.0.0 (unreleased)
   - Make all profiles public
   - Fixed login failure when extern_uid changes (Joel Koglin)
   - Don't notify users without access to the project when they are (accidentally) mentioned in a note.
+  - Retrieving oauth token with LDAP credentials
 
 v 7.14.1
   - Improve abuse reports management from admin area
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 6139ddbe6cd..66ac88e9f4a 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -12,8 +12,7 @@ Doorkeeper.configure do
   end
 
   resource_owner_from_credentials do |routes|
-    u = User.find_by(email: params[:username]) || User.find_by(username: params[:username])
-    u if u && u.valid_password?(params[:password])
+    Gitlab::Auth.new.find(params[:username], params[:password])
   end
 
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.