Commit graph

7 commits

Author SHA1 Message Date
Sebastian Arcila Valenzuela
3692e9f8a2
Validate that SAML requests are originated from gitlab
If the request wasn't initiated by gitlab we shouldn't add the new
identity to the user, and instead show that we weren't able to link
the identity to the user.

This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509
2019-09-30 14:22:06 +02:00
Michael Tsyganov
a009381380
Support RSA and ECDSA algorithms in Omniauth JWT
Signed-off-by: Rémy Coutable <remy@rymai.me>
2018-12-05 18:17:40 +01:00
gfyoung
c8755543f0 Enable even more frozen string in lib/**/*.rb
Enables frozen string for the following files:

* lib/generators/**/*.rb
* lib/gitaly/**/*.rb
* lib/google_api/**/*.rb
* lib/haml_lint/**/*.rb
* lib/json_web_token/**/*.rb
* lib/mattermost/**/*.rb
* lib/microsoft_teams/**/*.rb
* lib/object_storage/**/*.rb
* lib/omni_auth/**/*.rb
* lib/peek/**/*.rb
* lib/rouge/**/*.rb
* lib/rspec_flaky/**/*.rb
* lib/system_check/**/*.rb

Partially addresses #47424.
2018-10-08 11:16:49 -07:00
Lin Jen-Shin
39b6f31c66 Eliminate constants warnings by:
* Replace `require` or `require_relative` with `require_dependency`
* Remove unneeded `autoload`
2018-06-01 13:46:46 +08:00
Tiago Botelho
699ecad78c Ports omniauth-jwt gem onto GitLab OmniAuth Strategies suite 2018-04-26 10:13:29 +01:00
Jarka Kadlecova
7d8eb4ddb0 Fix bitbucket login 2017-10-26 17:14:32 +03:00
Rémy Coutable
c5e34da01d
Remove explicit require calls, and use require_dependency when needed
See
http://guides.rubyonrails.org/autoloading_and_reloading_constants.html
for more info.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-03-13 14:29:55 +01:00