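module Gitlab
  # Authentication entry points: login/password sign-in with an LDAP fallback,
  # and lookup, linking or creation of users from an OmniAuth auth hash.
  class Auth
    # Authenticates a login/password pair.
    #
    # The login is matched against the user's email first, then the username.
    # Unknown logins and users flagged as LDAP users are handed to LDAP (only
    # when LDAP is enabled); every other user is checked against the locally
    # stored password.
    #
    # @param login [String] email or username
    # @param password [String] candidate password
    # @return [User, nil] the authenticated user, or nil on any failure
    def find(login, password)
      # Empty credentials can never authenticate, so reject them before any
      # lookup. This also keeps an empty password away from the LDAP helper:
      # some directory servers treat a bind with an empty password as an
      # anonymous bind. Gitlab::LDAP::User.auth is not visible here, so
      # whether it guards against that itself is unconfirmed.
      return nil if login.to_s.empty? || password.to_s.empty?

      user = User.find_by_email(login) || User.find_by_username(login)

      if user.nil? || user.ldap_user?
        # Second chance - try LDAP authentication
        return nil unless ldap_conf.enabled

        ldap_auth(login, password)
      else
        user if user.valid_password?(password)
      end
    end

    # Creates and saves a new user from an OmniAuth auth hash.
    #
    # @param auth [#provider, #uid, #info] OmniAuth auth hash
    # @param ldap [Boolean] true when the hash comes from LDAP; only changes
    #   the log/error prefix and exempts the user from auto-blocking
    # @return [User] the saved user (blocked when the
    #   block_auto_created_users setting is on and ldap is false)
    # @raise [OmniAuth::Error] when the provider supplies no email address
    def create_from_omniauth(auth, ldap = false)
      provider = auth.provider
      uid = (auth.info.uid || auth.uid).to_s.force_encoding("utf-8")
      name = auth.info.name.to_s.force_encoding("utf-8")
      email = auth.info.email.to_s.downcase unless auth.info.email.nil?

      ldap_prefix = ldap ? '(LDAP) ' : ''
      if auth.info.email.blank?
        raise OmniAuth::Error,
              "#{ldap_prefix}#{provider} does not provide an email address"
      end

      # NOTE(review): uid, name and email are provider-supplied and are
      # interpolated into the log line unescaped; confirm the logger
      # neutralises line breaks, and that logging these identifiers is wanted.
      log.info "#{ldap_prefix}Creating user from #{provider} login" \
               " {uid => #{uid}, name => #{name}, email => #{email}}"

      # Placeholder password for an account that signs in through the provider.
      # NOTE(review): truncating the token to 8 characters and downcasing it
      # lowers its entropy; consider keeping the full token if the User
      # model's password length limits allow it.
      password = Devise.friendly_token[0, 8].downcase

      # The attribute keys are fixed here, so the provider only controls the
      # values. `as: :admin` selects the :admin mass-assignment role --
      # presumably to allow extern_uid/provider to be set; confirm against
      # the User model.
      @user = User.new({
        extern_uid: uid,
        provider: provider,
        name: name,
        # Local part of the email; \A anchors at the start of the string
        # (a leading ^ would anchor at the start of a line).
        username: email[/\A[^@]*/],
        email: email,
        password: password,
        password_confirmation: password,
      }, as: :admin).with_defaults
      @user.save!

      @user.block if Gitlab.config.omniauth['block_auto_created_users'] && !ldap

      @user
    end

    # Resolves an OmniAuth auth hash to a user.
    #
    # Order of resolution: an existing provider/uid link, then an existing
    # user with the same email (who gets linked to this provider identity),
    # then a newly created user when allow_single_sign_on is enabled.
    #
    # @param auth [#provider, #uid, #info] OmniAuth auth hash
    # @return [User, nil] the resolved user, or nil when nothing matched and
    #   single sign-on account creation is disabled
    def find_or_new_for_omniauth(auth)
      provider = auth.provider
      # NOTE(review): lookup uses auth.uid while create_from_omniauth stores
      # auth.info.uid || auth.uid; if a provider sets both to different
      # values, the stored link would not be found here -- confirm.
      uid = auth.uid
      email = auth.info.email.to_s.downcase

      @user = User.find_by_provider_and_extern_uid(provider, uid)
      return @user if @user

      # Never look up by a missing email: a nil/empty value must not be able
      # to match (and then link) an account.
      @user = User.find_by_email(email) unless email.empty?
      if @user
        # NOTE(review): this attaches the external identity to an existing
        # account purely on the provider-asserted email. Whether enabled
        # providers verify email ownership is not visible here; confirm only
        # trusted providers are configured. The update result is not checked.
        @user.update_attributes(extern_uid: uid, provider: provider)
        return @user
      end

      return unless Gitlab.config.omniauth['allow_single_sign_on']

      @user = create_from_omniauth(auth)
    end

    # @return [Object] the application logger (Gitlab::AppLogger)
    def log
      Gitlab::AppLogger
    end

    # @return [Object] the LDAP section of the GitLab config, memoized
    def ldap_conf
      @ldap_conf ||= Gitlab.config.ldap
    end

    # Delegates credential checking to the LDAP user helper.
    #
    # @param login [String]
    # @param password [String]
    # @return [Object, nil] whatever Gitlab::LDAP::User.auth returns
    def ldap_auth(login, password)
      Gitlab::LDAP::User.auth(login, password)
    end
  end
end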