gitlab-org--gitlab-foss/config/initializers/omniauth.rb

if Gitlab::Auth::LDAP::Config.enabled?
  module OmniAuth::Strategies
    Gitlab::Auth::LDAP::Config.available_servers.each do |server|
      # do not redeclare LDAP
      next if server['provider_name'] == 'ldap'

      const_set(server['provider_class'], Class.new(LDAP))
    end
  end
end

OmniAuth.config.full_host = Settings.gitlab['base_url']
OmniAuth.config.allowed_request_methods = [:post]
# In case of auto sign-in, the GET method is used (users don't get to click on a button)
OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?
OmniAuth.config.before_request_phase do |env|
  Gitlab::RequestForgeryProtection.call(env)
end
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`if Gitlab::Auth::LDAP::Config.enabled?`
Only enable LDAP providers if LDAP is enabled 2014-10-15 03:53:16 -04:00			`module OmniAuth::Strategies`
Moved o_auth/saml/ldap modules under gitlab/auth 2018-02-23 07:10:39 -05:00			`Gitlab::Auth::LDAP::Config.available_servers.each do \|server\|`
Backport some recent changes related to LDAP from EE 2017-07-26 19:12:20 -04:00			`# do not redeclare LDAP`
			`next if server['provider_name'] == 'ldap'`
Adds Rubocop rule for line break after guard clause Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses. 2017-11-14 04:02:39 -05:00
Backport some recent changes related to LDAP from EE 2017-07-26 19:12:20 -04:00			`const_set(server['provider_class'], Class.new(LDAP))`
			`end`
Only enable LDAP providers if LDAP is enabled 2014-10-15 03:53:16 -04:00			`end`
Rubocop: no trailing newlines 2015-02-03 00:53:27 -05:00			`end`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00
Only include base URL in OmniAuth full_host parameter Closes #2335 2015-08-23 16:31:02 -04:00			`OmniAuth.config.full_host = Settings.gitlab['base_url']`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00			`OmniAuth.config.allowed_request_methods = [:post]`
Add leading comment space cop 2016-05-31 18:33:46 -04:00			`# In case of auto sign-in, the GET method is used (users don't get to click on a button)`
Add an option to automatically sign-in with an Omniauth provider without showing the GitLab sign-in page This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for all user authentication. 2015-05-27 11:40:21 -04:00			`OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00			`OmniAuth.config.before_request_phase do \|env\|`
Add `rescue false`. 2017-06-22 01:19:14 -04:00			`Gitlab::RequestForgeryProtection.call(env)`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00			`end`