gitlab-org--gitlab-foss/config/initializers/omniauth.rb

if Gitlab::LDAP::Config.enabled?
  module OmniAuth::Strategies
    server = Gitlab.config.ldap.servers.values.first
    klass = server['provider_class']
    const_set(klass, Class.new(LDAP)) unless klass == 'LDAP'
  end

  OmniauthCallbacksController.class_eval do
    server = Gitlab.config.ldap.servers.values.first
    alias_method server['provider_name'], :ldap
  end
end

OmniAuth.config.full_host = Settings.gitlab['base_url']
OmniAuth.config.allowed_request_methods = [:post]
#In case of auto sign-in, the GET method is used (users don't get to click on a button)
OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?
OmniAuth.config.before_request_phase do |env|
  OmniAuth::RequestForgeryProtection.call(env)
end

if Gitlab.config.omniauth.enabled
  Gitlab.config.omniauth.providers.each do |provider|
    if provider['name'] == 'kerberos'
      require 'omniauth-kerberos'
    end
  end
end
Only enable LDAP providers if LDAP is enabled 2014-10-15 03:53:16 -04:00			`if Gitlab::LDAP::Config.enabled?`
			`module OmniAuth::Strategies`
			`server = Gitlab.config.ldap.servers.values.first`
Prevent redeclaration of LDAP strategy 2014-10-17 12:03:34 -04:00			`klass = server['provider_class']`
			`const_set(klass, Class.new(LDAP)) unless klass == 'LDAP'`
Only enable LDAP providers if LDAP is enabled 2014-10-15 03:53:16 -04:00			`end`
Move dynamic omniauth declarations to initializer 2014-10-14 03:22:59 -04:00
Only enable LDAP providers if LDAP is enabled 2014-10-15 03:53:16 -04:00			`OmniauthCallbacksController.class_eval do`
			`server = Gitlab.config.ldap.servers.values.first`
			`alias_method server['provider_name'], :ldap`
			`end`
Rubocop: no trailing newlines 2015-02-03 00:53:27 -05:00			`end`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00
Only include base URL in OmniAuth full_host parameter Closes #2335 2015-08-23 16:31:02 -04:00			`OmniAuth.config.full_host = Settings.gitlab['base_url']`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00			`OmniAuth.config.allowed_request_methods = [:post]`
Add an option to automatically sign-in with an Omniauth provider without showing the GitLab sign-in page This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for all user authentication. 2015-05-27 11:40:21 -04:00			`#In case of auto sign-in, the GET method is used (users don't get to click on a button)`
			`OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00			`OmniAuth.config.before_request_phase do \|env\|`
Fix signin with OmniAuth providers 2015-12-08 08:41:19 -05:00			`OmniAuth::RequestForgeryProtection.call(env)`
Protect OmniAuth request phase against CSRF. 2015-04-24 11:03:18 -04:00			`end`
If kerberos is enabled require it. 2015-06-15 12:04:30 -04:00
			`if Gitlab.config.omniauth.enabled`
			`Gitlab.config.omniauth.providers.each do \|provider\|`
Use explicit if. 2015-06-16 07:44:52 -04:00			`if provider['name'] == 'kerberos'`
			`require 'omniauth-kerberos'`
			`end`
If kerberos is enabled require it. 2015-06-15 12:04:30 -04:00			`end`
			`end`