gitlab-org--gitlab-foss/lib/gitlab/auth/o_auth/auth_hash.rb

# frozen_string_literal: true

# Class to parse and transform the info provided by omniauth
#
module Gitlab
  module Auth
    module OAuth
      class AuthHash
        attr_reader :auth_hash

        def initialize(auth_hash)
          @auth_hash = auth_hash
        end

        def uid
          @uid ||= Gitlab::Utils.force_utf8(auth_hash.uid.to_s)
        end

        def provider
          @provider ||= auth_hash.provider.to_s
        end

        def name
          @name ||= get_info(:name) || "#{get_info(:first_name)} #{get_info(:last_name)}"
        end

        def username
          @username ||= username_and_email[:username].to_s
        end

        def email
          @email ||= username_and_email[:email].to_s
        end

        def password
          @password ||= Gitlab::Utils.force_utf8(::User.random_password)
        end

        def location
          location = get_info(:address)
          if location.is_a?(Hash)
            [location.locality.presence, location.country.presence].compact.join(', ')
          else
            location
          end
        end

        def has_attribute?(attribute)
          if attribute == :location
            get_info(:address).present?
          else
            get_info(attribute).present?
          end
        end

        private

        def info
          auth_hash['info']
        end

        def coerce_utf8(value)
          value.is_a?(String) ? Gitlab::Utils.force_utf8(value) : value
        end

        def get_info(key)
          coerce_utf8(info[key])
        end

        def provider_config
          Gitlab::Auth::OAuth::Provider.config_for(@provider) || {}
        end

        def provider_args
          @provider_args ||= provider_config['args'].presence || {}
        end

        def get_from_auth_hash_or_info(key)
          coerce_utf8(auth_hash[key]) || get_info(key)
        end

        # Allow for configuring a custom username claim per provider from
        # the auth hash or use the canonical username or nickname fields
        def gitlab_username_claim
          provider_args.dig('gitlab_username_claim')&.to_sym
        end

        def username_claims
          [gitlab_username_claim, :username, :nickname].compact
        end

        def get_username
          username_claims.map { |claim| get_from_auth_hash_or_info(claim) }.find { |name| name.presence }
        end

        def username_and_email
          @username_and_email ||= begin
            username  = get_username
            email     = get_info(:email).presence

            username ||= generate_username(email)             if email
            email    ||= generate_temporarily_email(username) if username

            {
              username: username,
              email: email
            }
          end
        end

        # Get the first part of the email address (before @)
        # In addition in removes illegal characters
        def generate_username(email)
          email.match(/^[^@]*/)[0].mb_chars.unicode_normalize(:nfkd).gsub(/[^\x00-\x7F]/, '').to_s
        end

        def generate_temporarily_email(username)
          "temp-email-for-oauth-#{username}@gitlab.localhost"
        end
      end
    end
  end
end

Gitlab::Auth::OAuth::AuthHash.prepend_mod_with('Gitlab::Auth::OAuth::AuthHash')
Enable some frozen string in lib/gitlab Enable frozen string for the following files: * lib/gitlab/auth/*/.rb * lib/gitlab/badge/*/.rb * lib/gitlab/bare_repository_import/*/.rb * lib/gitlab/bitbucket_import/*/.rb * lib/gitlab/bitbucket_server_import/*/.rb * lib/gitlab/cache/*/.rb * lib/gitlab/checks/*/.rb Partially addresses #47424. 2018-10-11 16:12:21 -04:00			`# frozen_string_literal: true`

Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`# Class to parse and transform the info provided by omniauth`
			`#`
			`module Gitlab`
			`module Auth`
			`module OAuth`
			`class AuthHash`
			`attr_reader :auth_hash`
Add latest changes from gitlab-org/gitlab@master 2022-02-28 13:14:03 -05:00
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`def initialize(auth_hash)`
			`@auth_hash = auth_hash`
			`end`

			`def uid`
			`@uid \|\|= Gitlab::Utils.force_utf8(auth_hash.uid.to_s)`
			`end`

			`def provider`
			`@provider \|\|= auth_hash.provider.to_s`
			`end`

			`def name`
			`@name \|\|= get_info(:name) \|\| "#{get_info(:first_name)} #{get_info(:last_name)}"`
			`end`

			`def username`
			`@username \|\|= username_and_email[:username].to_s`
			`end`

			`def email`
			`@email \|\|= username_and_email[:email].to_s`
			`end`

			`def password`
Add latest changes from gitlab-org/gitlab@master 2022-09-01 14:09:55 -04:00			`@password \|\|= Gitlab::Utils.force_utf8(::User.random_password)`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`

			`def location`
			`location = get_info(:address)`
			`if location.is_a?(Hash)`
			`[location.locality.presence, location.country.presence].compact.join(', ')`
			`else`
			`location`
			`end`
			`end`

			`def has_attribute?(attribute)`
			`if attribute == :location`
			`get_info(:address).present?`
			`else`
			`get_info(attribute).present?`
			`end`
			`end`

			`private`

			`def info`
Add no-tabs class and externalize strings - Add .no-tabs to login-box - Externalize strings in common signup box - Leverage render_if_exists - Update PO file 2019-05-27 09:20:27 -04:00			`auth_hash['info']`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`

Add latest changes from gitlab-org/gitlab@master 2022-08-09 17:09:21 -04:00			`def coerce_utf8(value)`
Frozen string cannot change encoding This was shown in specs but surely this will be happening in application code as well if this method is passes a frozen string. We were also trying to force_encode a OmniAuth::AuthHash which had the very confusing behaviour of returning nil when it was sent a method that it did not define. Fix that by only force_encoding a String. 2019-07-25 05:33:32 -04:00			`value.is_a?(String) ? Gitlab::Utils.force_utf8(value) : value`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`

Add latest changes from gitlab-org/gitlab@master 2022-08-09 17:09:21 -04:00			`def get_info(key)`
			`coerce_utf8(info[key])`
			`end`

			`def provider_config`
			`Gitlab::Auth::OAuth::Provider.config_for(@provider) \|\| {}`
			`end`

			`def provider_args`
			`@provider_args \|\|= provider_config['args'].presence \|\| {}`
			`end`

			`def get_from_auth_hash_or_info(key)`
			`coerce_utf8(auth_hash[key]) \|\| get_info(key)`
			`end`

			`# Allow for configuring a custom username claim per provider from`
			`# the auth hash or use the canonical username or nickname fields`
			`def gitlab_username_claim`
			`provider_args.dig('gitlab_username_claim')&.to_sym`
			`end`

			`def username_claims`
			`[gitlab_username_claim, :username, :nickname].compact`
			`end`

			`def get_username`
			`username_claims.map { \|claim\| get_from_auth_hash_or_info(claim) }.find { \|name\| name.presence }`
			`end`

Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`def username_and_email`
			`@username_and_email \|\|= begin`
Add latest changes from gitlab-org/gitlab@master 2022-08-09 17:09:21 -04:00			`username = get_username`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`email = get_info(:email).presence`

			`username \|\|= generate_username(email) if email`
			`email \|\|= generate_temporarily_email(username) if username`

			`{`
			`username: username,`
Add latest changes from gitlab-org/gitlab@master 2022-08-18 11:12:17 -04:00			`email: email`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`}`
			`end`
			`end`

			`# Get the first part of the email address (before @)`
Fix typos in comments and specs 2018-10-30 06:53:01 -04:00			`# In addition in removes illegal characters`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`def generate_username(email)`
Add latest changes from gitlab-org/gitlab@master 2021-04-22 02:09:47 -04:00			`email.match(/^[^@]*/)[0].mb_chars.unicode_normalize(:nfkd).gsub(/[^\x00-\x7F]/, '').to_s`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`

			`def generate_temporarily_email(username)`
			`"temp-email-for-oauth-#{username}@gitlab.localhost"`
			`end`
			`end`
			`end`
			`end`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-04-28 08:09:44 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-11 17:10:21 -04:00			`Gitlab::Auth::OAuth::AuthHash.prepend_mod_with('Gitlab::Auth::OAuth::AuthHash')`