diff options
author | Douwe Maan <douwe@gitlab.com> | 2018-07-23 07:48:00 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-07-23 07:48:00 +0000 |
commit | 8bc7845fbf424b9f451247459dcb3a8bbe953242 (patch) | |
tree | c379386a488bbbf34244880624742fc09c2baea9 /lib | |
parent | 10698db7aa0979a5c6e7cadc5eadc69b8c86f58c (diff) | |
parent | d0afab482f1157d0b41631cb4dbdfdfeadabb7c8 (diff) | |
download | gitlab-ce-8bc7845fbf424b9f451247459dcb3a8bbe953242.tar.gz |
Merge branch '48932-disable-saml-if-omniauth-is-disabled' into 'master'
Resolve "Disable SAML and Bitbucket if OmniAuth is disabled"
Closes #48932
See merge request gitlab-org/gitlab-ce!20608
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/auth.rb | 19 | ||||
-rw-r--r-- | lib/gitlab/auth/o_auth/provider.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/omniauth_initializer.rb | 30 | ||||
-rw-r--r-- | lib/gitlab/usage_data.rb | 2 | ||||
-rw-r--r-- | lib/tasks/gitlab/info.rake | 4 |
5 files changed, 29 insertions, 28 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 7de66539848..111e18b2076 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -14,23 +14,8 @@ module Gitlab DEFAULT_SCOPES = [:api].freeze class << self - def omniauth_customized_providers - @omniauth_customized_providers ||= %w[bitbucket jwt] - end - - def omniauth_setup_providers(provider_names) - provider_names.each do |provider| - omniauth_setup_a_provider(provider) - end - end - - def omniauth_setup_a_provider(provider) - case provider - when 'kerberos' - require 'omniauth-kerberos' - when *omniauth_customized_providers - require_dependency "omni_auth/strategies/#{provider}" - end + def omniauth_enabled? + Gitlab.config.omniauth.enabled end def find_for_git_client(login, password, project:, ip:) diff --git a/lib/gitlab/auth/o_auth/provider.rb b/lib/gitlab/auth/o_auth/provider.rb index 5fb61ffe00d..e73743944a9 100644 --- a/lib/gitlab/auth/o_auth/provider.rb +++ b/lib/gitlab/auth/o_auth/provider.rb @@ -30,7 +30,7 @@ module Gitlab def self.enabled?(name) return true if name == 'database' - providers.include?(name.to_sym) + Gitlab::Auth.omniauth_enabled? && providers.include?(name.to_sym) end def self.ldap_provider?(name) diff --git a/lib/gitlab/omniauth_initializer.rb b/lib/gitlab/omniauth_initializer.rb index a71acda8701..f33ea0880df 100644 --- a/lib/gitlab/omniauth_initializer.rb +++ b/lib/gitlab/omniauth_initializer.rb @@ -1,23 +1,21 @@ module Gitlab class OmniauthInitializer - def self.enabled? - Gitlab.config.omniauth.enabled || - Gitlab.config.omniauth.auto_sign_in_with_provider.present? - end - def initialize(devise_config) @devise_config = devise_config end def execute(providers) providers.each do |provider| - add_provider(provider['name'].to_sym, *arguments_for(provider)) + name = provider['name'].to_sym + + add_provider_to_devise(name, *arguments_for(provider)) + setup_provider(name) end end private - def add_provider(*args) + def add_provider_to_devise(*args) @devise_config.omniauth(*args) end @@ -76,5 +74,23 @@ module Gitlab end end end + + def omniauth_customized_providers + @omniauth_customized_providers ||= build_omniauth_customized_providers + end + + # We override this in EE + def build_omniauth_customized_providers + %i[bitbucket jwt] + end + + def setup_provider(provider) + case provider + when :kerberos + require 'omniauth-kerberos' + when *omniauth_customized_providers + require_dependency "omni_auth/strategies/#{provider}" + end + end end end diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb index dff0c97eeb4..22c9638ecc0 100644 --- a/lib/gitlab/usage_data.rb +++ b/lib/gitlab/usage_data.rb @@ -95,7 +95,7 @@ module Gitlab gravatar_enabled: Gitlab::CurrentSettings.gravatar_enabled?, ldap_enabled: Gitlab.config.ldap.enabled, mattermost_enabled: Gitlab.config.mattermost.enabled, - omniauth_enabled: Gitlab.config.omniauth.enabled, + omniauth_enabled: Gitlab::Auth.omniauth_enabled?, reply_by_email_enabled: Gitlab::IncomingEmail.enabled?, signup_enabled: Gitlab::CurrentSettings.allow_signup? } diff --git a/lib/tasks/gitlab/info.rake b/lib/tasks/gitlab/info.rake index 6de739e9515..e97d77d20e0 100644 --- a/lib/tasks/gitlab/info.rake +++ b/lib/tasks/gitlab/info.rake @@ -54,8 +54,8 @@ namespace :gitlab do puts "HTTP Clone URL:\t#{http_clone_url}" puts "SSH Clone URL:\t#{ssh_clone_url}" puts "Using LDAP:\t#{Gitlab.config.ldap.enabled ? "yes".color(:green) : "no"}" - puts "Using Omniauth:\t#{Gitlab.config.omniauth.enabled ? "yes".color(:green) : "no"}" - puts "Omniauth Providers: #{omniauth_providers.join(', ')}" if Gitlab.config.omniauth.enabled + puts "Using Omniauth:\t#{Gitlab::Auth.omniauth_enabled? ? "yes".color(:green) : "no"}" + puts "Omniauth Providers: #{omniauth_providers.join(', ')}" if Gitlab::Auth.omniauth_enabled? # check Gitolite version gitlab_shell_version_file = "#{Gitlab.config.gitlab_shell.hooks_path}/../VERSION" |