Add missing proper nil and error handling to SAML login process.
parent
4361cc395c
commit
1d2429af9b
2 changed files with 30 additions and 18 deletions
|
@ -60,6 +60,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
|||
|
||||
continue_login_process
|
||||
end
|
||||
rescue Gitlab::OAuth::SignupDisabledError
|
||||
handle_signup_error
|
||||
end
|
||||
|
||||
def omniauth_error
|
||||
|
@ -92,16 +94,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
|||
continue_login_process
|
||||
end
|
||||
rescue Gitlab::OAuth::SignupDisabledError
|
||||
label = Gitlab::OAuth::Provider.label_for(oauth['provider'])
|
||||
message = "Signing in using your #{label} account without a pre-existing GitLab account is not allowed."
|
||||
|
||||
if current_application_settings.signup_enabled?
|
||||
message << " Create a GitLab account first, and then connect it to your #{label} account."
|
||||
end
|
||||
|
||||
flash[:notice] = message
|
||||
|
||||
redirect_to new_user_session_path
|
||||
handle_signup_error
|
||||
end
|
||||
|
||||
def handle_service_ticket provider, ticket
|
||||
|
@ -122,6 +115,19 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
|||
end
|
||||
end
|
||||
|
||||
def handle_signup_error
|
||||
label = Gitlab::OAuth::Provider.label_for(oauth['provider'])
|
||||
message = "Signing in using your #{label} account without a pre-existing GitLab account is not allowed."
|
||||
|
||||
if current_application_settings.signup_enabled?
|
||||
message << " Create a GitLab account first, and then connect it to your #{label} account."
|
||||
end
|
||||
|
||||
flash[:notice] = message
|
||||
|
||||
redirect_to new_user_session_path
|
||||
end
|
||||
|
||||
def oauth
|
||||
@oauth ||= request.env['omniauth.auth']
|
||||
end
|
||||
|
|
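Review bot: Nothing in `handle_signup_error` (third hunk) records the rejected sign-in. The helper only sets a flash notice and redirects, so an identity that the provider authenticated but that maps to no GitLab account leaves no trace for whoever monitors authentication. One log line before the redirect would cover both rescue clauses that call it (first and second hunk), for example `Rails.logger.info("OAuth sign-in rejected (sign-up disabled) for provider #{oauth['provider']}")`. The helper also lacks a comment; I would add `# Shared handler for Gitlab::OAuth::SignupDisabledError: explains the refusal and redirects to the sign-in page.` The two rescuing actions begin outside their hunks, so any logging they already do is not visible here.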
|
@ -26,13 +26,15 @@ module Gitlab
|
|||
@user ||= build_new_user
|
||||
end
|
||||
|
||||
if external_users_enabled?
|
||||
# Check if there is overlap between the user's groups and the external groups
|
||||
# setting then set user as external or internal.
|
||||
if (auth_hash.groups & Gitlab::Saml::Config.external_groups).empty?
|
||||
@user.external = false
|
||||
else
|
||||
@user.external = true
|
||||
unless @user.nil?
|
||||
if external_users_enabled?
|
||||
# Check if there is overlap between the user's groups and the external groups
|
||||
# setting then set user as external or internal.
|
||||
if (auth_hash.groups & Gitlab::Saml::Config.external_groups).empty?
|
||||
@user.external = false
|
||||
else
|
||||
@user.external = true
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -48,7 +50,11 @@ module Gitlab
|
|||
end
|
||||
|
||||
def changed?
|
||||
gl_user.changed? || gl_user.identities.any?(&:changed?)
|
||||
if gl_user
|
||||
gl_user.changed? || gl_user.identities.any?(&:changed?)
|
||||
else
|
||||
true
|
||||
end
|
||||
end
|
||||
|
||||
protected
|
||||
|
|
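Review bot: `changed?` (second hunk) now returns `true` when `gl_user` is nil, which contradicts what the name promises and is not documented. Presumably this makes the caller go on to save, where the sign-up restriction is raised, but that path is not visible in this diff. Because this is an authentication path, the intent should be stated above the `else`, for example `# No user was found or built: report a change so the caller proceeds to save, which is expected to reject the sign-in.` In the first hunk, `unless @user.nil?` wrapping a nested `if` would read more plainly as `if @user && external_users_enabled?`. The enclosing method there starts and ends outside the hunk.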