Download as
Browse Code »

Commit 71abf70458ca1f6d85bc828b215931eaf3639b5d

Authored by Dmitriy Zaporozhets
1 parent 6bf117c6
Exists in master and in 4 other branches 6-8-stable, 7-0-stable, 7-0-stable-spb, spb-stable

Move ldap auth to LDAP::User. Removed unused code

Showing 3 changed files with 28 additions and 40 deletions   Show diff stats
lib/gitlab/auth.rb
  Diff comments   View file @71abf70
@@ -66,23 +66,12 @@ module Gitlab @@ -66,23 +66,12 @@ module Gitlab
66 Gitlab::AppLogger 66 Gitlab::AppLogger
67 end 67 end
68 68
69 - def ldap_auth(login, password)  
70 - # Check user against LDAP backend if user is not authenticated  
71 - # Only check with valid login and password to prevent anonymous bind results  
72 - return nil unless ldap_conf.enabled && !login.blank? && !password.blank?  
73 -  
74 - ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)  
75 - ldap_user = ldap.bind_as(  
76 - filter: Net::LDAP::Filter.eq(ldap.uid, login),  
77 - size: 1,  
78 - password: password  
79 - )  
80 -  
81 - User.find_by_extern_uid_and_provider(ldap_user.dn, 'ldap') if ldap_user  
82 - end  
83 -  
84 def ldap_conf 69 def ldap_conf
85 @ldap_conf ||= Gitlab.config.ldap 70 @ldap_conf ||= Gitlab.config.ldap
86 end 71 end
  72 +
  73 + def ldap_auth(login, password)
  74 + Gitlab::LDAP::User.auth(login, password)
  75 + end
87 end 76 end
88 end 77 end
lib/gitlab/backend/grack_ldap.rb
View file @6bf117c
@@ -1,24 +0,0 @@ @@ -1,24 +0,0 @@
1 -require 'omniauth-ldap'  
2 -  
3 -module Grack  
4 - module LDAP  
5 - def ldap_auth(login, password)  
6 - # Check user against LDAP backend if user is not authenticated  
7 - # Only check with valid login and password to prevent anonymous bind results  
8 - return nil unless ldap_conf.enabled && !login.blank? && !password.blank?  
9 -  
10 - ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)  
11 - ldap_user = ldap.bind_as(  
12 - filter: Net::LDAP::Filter.eq(ldap.uid, login),  
13 - size: 1,  
14 - password: password  
15 - )  
16 -  
17 - User.find_by_extern_uid_and_provider(ldap_user.dn, 'ldap') if ldap_user  
18 - end  
19 -  
20 - def ldap_conf  
21 - @ldap_conf ||= Gitlab.config.ldap  
22 - end  
23 - end  
24 -end  
lib/gitlab/ldap/user.rb
  Diff comments   View file @71abf70
@@ -9,7 +9,7 @@ module Gitlab @@ -9,7 +9,7 @@ module Gitlab
9 class << self 9 class << self
10 def find(uid, email) 10 def find(uid, email)
11 # Look for user with ldap provider and same uid 11 # Look for user with ldap provider and same uid
12 - user = model.ldap.where(extern_uid: uid).last 12 + user = find_by_uid(uid)
13 return user if user 13 return user if user
14 14
15 # Look for user with same emails 15 # Look for user with same emails
@@ -61,6 +61,25 @@ module Gitlab @@ -61,6 +61,25 @@ module Gitlab
61 user 61 user
62 end 62 end
63 63
  64 + def find_by_uid(uid)
  65 + model.ldap.where(extern_uid: uid).last
  66 + end
  67 +
  68 + def auth(login, password)
  69 + # Check user against LDAP backend if user is not authenticated
  70 + # Only check with valid login and password to prevent anonymous bind results
  71 + return nil unless ldap_conf.enabled && login.present? && password.present?
  72 +
  73 + ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)
  74 + ldap_user = ldap.bind_as(
  75 + filter: Net::LDAP::Filter.eq(ldap.uid, login),
  76 + size: 1,
  77 + password: password
  78 + )
  79 +
  80 + find_by_uid(ldap_user.dn) if ldap_user
  81 + end
  82 +
64 private 83 private
65 84
66 def uid(auth) 85 def uid(auth)
@@ -86,6 +105,10 @@ module Gitlab @@ -86,6 +105,10 @@ module Gitlab
86 def model 105 def model
87 ::User 106 ::User
88 end 107 end
  108 +
  109 + def ldap_conf
  110 + Gitlab.config.ldap
  111 + end
89 end 112 end
90 end 113 end
91 end 114 end