8 Commits

Author SHA1 Message Date
Sebastian Arcila Valenzuela 3692e9f8a2
Validate that SAML requests are originated from gitlab
If the request wasn't initiated by gitlab we shouldn't add the new
identity to the user, and instead show that we weren't able to link
the identity to the user.

This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509
2019-09-30 14:22:06 +02:00
James Edwards-Jones 104c8b890d Backport EE GroupSAML origin verification changes 2019-01-23 19:42:16 +00:00
gfyoung e166e5747c Enable some frozen string in lib/gitlab
Enable frozen string for the following files:

* lib/gitlab/auth/**/*.rb
* lib/gitlab/badge/**/*.rb
* lib/gitlab/bare_repository_import/**/*.rb
* lib/gitlab/bitbucket_import/**/*.rb
* lib/gitlab/bitbucket_server_import/**/*.rb
* lib/gitlab/cache/**/*.rb
* lib/gitlab/checks/**/*.rb

Partially addresses #47424.
2018-10-13 02:31:31 -07:00
Yorick Peterse 2039c8280d
Disable existing offenses for the CodeReuse cops
This whitelists all existing offenses for the various CodeReuse cops, of
which most are triggered by the CodeReuse/ActiveRecord cop.
2018-09-11 17:32:00 +02:00
James Edwards-Jones 7425f2b322 Backport IdentityLinker#failed? from GroupSaml callback flow 2018-05-04 15:00:59 +01:00
James Edwards-Jones d3a8a07423 Unify Saml::IdentityLinker and OAuth::IdentityLinker 2018-04-23 13:53:32 +01:00
James Edwards-Jones f8d54913bb Show error on failed OAuth account link 2018-04-22 23:50:56 +01:00
James Edwards-Jones f10c999bca Refactor OmniauthCallbacksController to remove duplication
Moves LDAP to its own controller with tests
Provides path forward for implementing GroupSaml
2018-04-22 23:50:55 +01:00