gitlab-org--gitlab-foss/lib/gitlab/auth/o_auth/provider.rb

# frozen_string_literal: true

module Gitlab
  module Auth
    module OAuth
      class Provider
        LABELS = {
          "alicloud" => "AliCloud",
          "dingtalk" => "DingTalk",
          "github" => "GitHub",
          "gitlab" => "GitLab.com",
          "google_oauth2" => "Google",
          "azure_oauth2" => "Azure AD",
          "azure_activedirectory_v2" => "Azure AD v2",
          'atlassian_oauth2' => 'Atlassian'
        }.freeze

        def self.authentication(user, provider)
          return unless user
          return unless enabled?(provider)

          authenticator =
            case provider
            when /crowd/
              Gitlab::Auth::Crowd::Authentication
            when /^ldap/
              Gitlab::Auth::Ldap::Authentication
            when 'database'
              Gitlab::Auth::Database::Authentication
            end

          authenticator&.new(provider, user)
        end

        def self.providers
          Devise.omniauth_providers
        end

        def self.enabled?(name)
          return true if name == 'database'
          return true if self.ldap_provider?(name) && providers.include?(name.to_sym)

          Gitlab::Auth.omniauth_enabled? && providers.include?(name.to_sym)
        end

        def self.ldap_provider?(name)
          name.to_s.start_with?('ldap')
        end

        def self.sync_profile_from_provider?(provider)
          return true if ldap_provider?(provider)

          providers = Gitlab.config.omniauth.sync_profile_from_provider

          if providers.is_a?(Array)
            providers.include?(provider)
          else
            providers
          end
        end

        def self.config_for(name)
          name = name.to_s
          if ldap_provider?(name)
            if Gitlab::Auth::Ldap::Config.valid_provider?(name)
              Gitlab::Auth::Ldap::Config.new(name).options
            else
              nil
            end
          else
            provider = Gitlab.config.omniauth.providers.find do |provider|
              provider.name == name || (provider.name == 'openid_connect' && provider.args.name == name)
            end
            merge_provider_args_with_defaults!(provider)

            provider
          end
        end

        def self.label_for(name)
          name = name.to_s
          config = config_for(name)
          (config && config['label']) || LABELS[name] || name.titleize
        end

        def self.icon_for(name)
          name = name.to_s
          config = config_for(name)
          config && config['icon']
        end

        def self.merge_provider_args_with_defaults!(provider)
          return unless provider

          provider['args'] ||= {}

          defaults = Gitlab::OmniauthInitializer.default_arguments_for(provider['name'])
          provider['args'].deep_merge!(defaults.deep_stringify_keys)
        end
      end
    end
  end
end
Enable some frozen string in lib/gitlab Enable frozen string for the following files: * lib/gitlab/auth/*/.rb * lib/gitlab/badge/*/.rb * lib/gitlab/bare_repository_import/*/.rb * lib/gitlab/bitbucket_import/*/.rb * lib/gitlab/bitbucket_server_import/*/.rb * lib/gitlab/cache/*/.rb * lib/gitlab/checks/*/.rb Partially addresses #47424. 2018-10-11 16:12:21 -04:00			`# frozen_string_literal: true`

Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`module Gitlab`
			`module Auth`
			`module OAuth`
			`class Provider`
			`LABELS = {`
Add latest changes from gitlab-org/gitlab@master 2022-08-18 11:12:17 -04:00			`"alicloud" => "AliCloud",`
			`"dingtalk" => "DingTalk",`
			`"github" => "GitHub",`
			`"gitlab" => "GitLab.com",`
			`"google_oauth2" => "Google",`
			`"azure_oauth2" => "Azure AD",`
Add latest changes from gitlab-org/gitlab@master 2021-02-17 16:09:06 -05:00			`"azure_activedirectory_v2" => "Azure AD v2",`
Add latest changes from gitlab-org/gitlab@master 2022-08-18 11:12:17 -04:00			`'atlassian_oauth2' => 'Atlassian'`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`}.freeze`

Make oauth provider login generic 2018-03-05 17:26:40 -05:00			`def self.authentication(user, provider)`
			`return unless user`
			`return unless enabled?(provider)`

			`authenticator =`
			`case provider`
Add latest changes from gitlab-org/gitlab@master 2020-12-08 07:09:53 -05:00			`when /crowd/`
			`Gitlab::Auth::Crowd::Authentication`
Make oauth provider login generic 2018-03-05 17:26:40 -05:00			`when /^ldap/`
Add latest changes from gitlab-org/gitlab@master 2020-03-12 11:09:39 -04:00			`Gitlab::Auth::Ldap::Authentication`
Make oauth provider login generic 2018-03-05 17:26:40 -05:00			`when 'database'`
			`Gitlab::Auth::Database::Authentication`
			`end`

			`authenticator&.new(provider, user)`
			`end`

Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`def self.providers`
			`Devise.omniauth_providers`
			`end`

			`def self.enabled?(name)`
Make oauth provider login generic 2018-03-05 17:26:40 -05:00			`return true if name == 'database'`
Fix broken Git over HTTP clones with LDAP users Due to a regression in !20608, the LDAP authenticator was not being used unless OmniAuth was enabled. This change allows the LDAP provider to be used if it is configured regardless of the OmniAuth setting. Closes #50579 2018-08-22 16:05:01 -04:00			`return true if self.ldap_provider?(name) && providers.include?(name.to_sym)`
Make oauth provider login generic 2018-03-05 17:26:40 -05:00
Disable SAML if OmniAuth is disabled We also try to unify the way we setup OmniAuth, and how we check if it's enabled or not. 2018-07-13 06:39:31 -04:00			`Gitlab::Auth.omniauth_enabled? && providers.include?(name.to_sym)`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`

			`def self.ldap_provider?(name)`
			`name.to_s.start_with?('ldap')`
			`end`

			`def self.sync_profile_from_provider?(provider)`
			`return true if ldap_provider?(provider)`

			`providers = Gitlab.config.omniauth.sync_profile_from_provider`

			`if providers.is_a?(Array)`
			`providers.include?(provider)`
			`else`
			`providers`
			`end`
			`end`

			`def self.config_for(name)`
			`name = name.to_s`
			`if ldap_provider?(name)`
Add latest changes from gitlab-org/gitlab@master 2020-03-12 11:09:39 -04:00			`if Gitlab::Auth::Ldap::Config.valid_provider?(name)`
			`Gitlab::Auth::Ldap::Config.new(name).options`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`else`
			`nil`
			`end`
			`else`
Add latest changes from gitlab-org/gitlab@master 2022-08-23 17:10:34 -04:00			`provider = Gitlab.config.omniauth.providers.find do \|provider\|`
			`provider.name == name \|\| (provider.name == 'openid_connect' && provider.args.name == name)`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-05-18 08:08:08 -04:00			`merge_provider_args_with_defaults!(provider)`

			`provider`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`
			`end`

			`def self.label_for(name)`
			`name = name.to_s`
			`config = config_for(name)`
			`(config && config['label']) \|\| LABELS[name] \|\| name.titleize`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-03-05 16:08:13 -05:00
			`def self.icon_for(name)`
			`name = name.to_s`
			`config = config_for(name)`
			`config && config['icon']`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-05-18 08:08:08 -04:00
			`def self.merge_provider_args_with_defaults!(provider)`
			`return unless provider`

			`provider['args'] \|\|= {}`

			`defaults = Gitlab::OmniauthInitializer.default_arguments_for(provider['name'])`
			`provider['args'].deep_merge!(defaults.deep_stringify_keys)`
			`end`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`end`
			`end`
			`end`
			`end`