Merge branch 'fix_saml_signin' into 'master'
Fix subsequent SAML sign ins Fixes a bug when `auto_link_ldap_user` is `true` that causes SAML users to be unable to sign in a second time. Fix the problem for https://gitlab.zendesk.com/agent/tickets/22546 See merge request !4718
This commit is contained in:
commit
cef021917f
2 changed files with 18 additions and 2 deletions
|
@ -74,7 +74,7 @@ module Gitlab
|
|||
if user
|
||||
# Case when a LDAP user already exists in Gitlab. Add the OAuth identity to existing account.
|
||||
log.info "LDAP account found for user #{user.username}. Building new #{auth_hash.provider} identity."
|
||||
user.identities.build(extern_uid: auth_hash.uid, provider: auth_hash.provider)
|
||||
user.identities.find_or_initialize_by(extern_uid: auth_hash.uid, provider: auth_hash.provider)
|
||||
else
|
||||
log.info "No existing LDAP account was found in GitLab. Checking for #{auth_hash.provider} account."
|
||||
user = find_by_uid_and_provider
|
||||
|
|
|
@ -164,7 +164,14 @@ describe Gitlab::Saml::User, lib: true do
|
|||
end
|
||||
|
||||
context 'and LDAP user has an account already' do
|
||||
let!(:existing_user) { create(:omniauth_user, email: 'john@mail.com', extern_uid: 'uid=user1,ou=People,dc=example', provider: 'ldapmain', username: 'john') }
|
||||
before do
|
||||
create(:omniauth_user,
|
||||
email: 'john@mail.com',
|
||||
extern_uid: 'uid=user1,ou=People,dc=example',
|
||||
provider: 'ldapmain',
|
||||
username: 'john')
|
||||
end
|
||||
|
||||
it 'adds the omniauth identity to the LDAP account' do
|
||||
saml_user.save
|
||||
|
||||
|
@ -177,6 +184,15 @@ describe Gitlab::Saml::User, lib: true do
|
|||
{ provider: 'saml', extern_uid: uid }
|
||||
])
|
||||
end
|
||||
|
||||
it 'saves successfully on subsequent tries, when both identities are present' do
|
||||
saml_user.save
|
||||
local_saml_user = described_class.new(auth_hash)
|
||||
local_saml_user.save
|
||||
|
||||
expect(local_saml_user.gl_user).to be_valid
|
||||
expect(local_saml_user.gl_user).to be_persisted
|
||||
end
|
||||
end
|
||||
|
||||
context 'user has SAML user, and wants to add their LDAP identity' do
|
||||
|
|
Loading…
Reference in a new issue