GitLab FOSS merge requestshttps://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests2017-07-20T16:20:38Zhttps://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5809Added git http requests tests for user with LDAP identity2017-07-20T16:20:38Zusername-removed-384663Added git http requests tests for user with LDAP identity## What does this MR do?
Added tests to git http request for a user with ldap identity.
## Are there points in the code the reviewer needs to double check?
In order to stick to the way the existing tests are defined in spec file...## What does this MR do?
Added tests to git http request for a user with ldap identity.
## Are there points in the code the reviewer needs to double check?
In order to stick to the way the existing tests are defined in spec files, I have added the new tests in the same spec file that coveres the git http request feature and thus it seems to be a lot of changes in the git_http_spec.rb when looking at the commit git in Gitlab, but the largest change is indentation so please check with a better diff tool (i.e. kdiff3).
Let me know if this is OK with you or do you want to have a new file introduced (i.e. `git_http_ldap_spec.rb`)
## Why was this MR needed?
To increase test coverage and to make sure the changes that will be introduced by #20820 will not introduce any regressions.
## What are the relevant issue numbers?
#20820
## Screenshots (if relevant)
N/A
## Does this MR meet the acceptance criteria?
- [x] Tests
- [x] Added for this feature/bug
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)8.13username-removed-128633username-removed-128633https://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10501Improvements to authentication with a personal access token2017-07-07T18:52:56Zusername-removed-1113013Improvements to authentication with a personal access token## What does this MR do?
Makes two improvements to the authentication logic when using access tokens:
1. The current logic ignores a login (username) value when passed in with the token. The proposed change ensures the login value, whe...## What does this MR do?
Makes two improvements to the authentication logic when using access tokens:
1. The current logic ignores a login (username) value when passed in with the token. The proposed change ensures the login value, when provided, matches the user associated with the provided token.
1. The current logic accepts a personal access token in lieu of a password. This requires an awkward and likely unexpected repo URL format of https://:*personal_access_token*@gitlab.com/owner/repo. This is the opposite of the format supported by GitHub, which accepts the personal access token in lieu of the username. The proposed change would allow the personal access token to be accepted in lieu of the username or the password.
## Are there points in the code the reviewer needs to double check?
Auth changes are always worthy of a double-check!
## Why was this MR needed?
We implemented our own version of impersonation tokens in our GitLab fork, and we accepted this token as a username. The change to accept it as a password requires adoption by our users, and I feel the better solution is for GitLab to accept it as a username.
## Screenshots (if relevant)
N/A
## Does this MR meet the acceptance criteria?
- [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added, if necessary
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
- [x] Added for this feature/bug
- [x] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
N/ADouwe MaanDouwe Maanhttps://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/12667Fix the `migration-paths` build for "Fix API Scoping"2017-07-07T18:52:53Zusername-removed-407765Fix the `migration-paths` build for "Fix API Scoping"- https://gitlab.com/gitlab-org/gitlab-ce/issues/18000 was fixed in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11963, which was merged in on 5th July.
- The `migration-paths` build, which only runs on master, failed once htt...- https://gitlab.com/gitlab-org/gitlab-ce/issues/18000 was fixed in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11963, which was merged in on 5th July.
- The `migration-paths` build, which only runs on master, failed once https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11963 was merged in.
- https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11963 (and the associated EE MR) were reverted in !12660 and gitlab-ee!2345
- This MR fixes the `migration-paths` build.9.4https://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5773Authenticate with login and password generic implementation.2017-03-22T18:43:40Zusername-removed-384663Authenticate with login and password generic implementation.## What does this MR do?
This MR is implementing the authentication with login and password in a more generic way with delegation of the specific implementation to the corresponding provider login implementation.
The provider name ...## What does this MR do?
This MR is implementing the authentication with login and password in a more generic way with delegation of the specific implementation to the corresponding provider login implementation.
The provider name to be used for the login call is retrieved from the list of known identities of the User the tries to authenticate. The provider name is matching the configured name for each provider (i.e. *ldapmain*, *ldapsecondary*) and the `login` factory method is checking if the this provider name starts with the name of the provider implementation for the match. This approach provides the login implementation, support for multiple configured providers of the same type like *oauth2internal* and *oauth2external* that make use of the same `omniauth-oauth2` implementation (same approach has to be applied also to the `omniauth-callbacks-controller`to have a complete support).
## Are there points in the code the reviewer needs to double check?
Check if approach matches the Gitlab software architecture.
## Why was this MR needed?
Allow to implement a login specific to the provider that can support different mechanism for password checks like DB stored password or external password check (i.e. LDAP bind).
## What are the relevant issue numbers?
This is the first MR for #20820 that introduce the generic implementation for the login part.
Test added in MR !5809
## Does this MR meet the acceptance criteria?
- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- [x] Tests
- [x] Added for this feature/bug
- [x] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)Douwe MaanDouwe Maanhttps://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/219Omniauth shibboleth version2016-11-09T14:23:52Zusername-removed-52168Omniauth shibboleth versionFixes #641
Set minimum version of omniauth-shibboleth gem to 1.1.2 since lower versions cannot use session state passed in headers which is, at least for now, the only way to make it work with Shibboleth SP and Apache/nginx.Fixes #641
Set minimum version of omniauth-shibboleth gem to 1.1.2 since lower versions cannot use session state passed in headers which is, at least for now, the only way to make it work with Shibboleth SP and Apache/nginx.7.6https://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5651WIP: Add SHA256 fingerprints to SSH keys2016-08-24T16:43:59Zusername-removed-14714WIP: Add SHA256 fingerprints to SSH keys## What does this MR do?
Display SHA256 fingerprints for user SSH keys and deployment keys.
## Are there points in the code the reviewer needs to double check?
Integration into GitLab EE.
## Why was this MR needed?
SHA256 ...## What does this MR do?
Display SHA256 fingerprints for user SSH keys and deployment keys.
## Are there points in the code the reviewer needs to double check?
Integration into GitLab EE.
## Why was this MR needed?
SHA256 fingerprints are default for OpenSSH since [6.8] but not displayed at GitLab.
## What are the relevant issue numbers?
closes #20502
[6.8]: http://www.openssh.com/txt/release-6.8username-removed-14714username-removed-14714https://staging.gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3001omniauth-auth0 gem support2016-04-13T16:26:29Zusername-removed-8513omniauth-auth0 gem support## What does this MR do?
This MR adds the omniauth-auth0 gem (and in turn, Auth0 Support as an Auth Provider).
## Are there points in the code the reviewer needs to double check?
Nothing comes to mind. The changes are very minim...## What does this MR do?
This MR adds the omniauth-auth0 gem (and in turn, Auth0 Support as an Auth Provider).
## Are there points in the code the reviewer needs to double check?
Nothing comes to mind. The changes are very minimal.
## Why was this MR needed?
I'm using the Omnibus package which has no custom Gem support, and a project came up which required Auth0 support. This MR allows me to continue using the Omnibus package and still complete this project.
## What are the relevant issue numbers?
#13731
## Additional Notes:
I've included Documentation in line with the other Auth providers (e.g. Facebook/Google). Hopefully this is sufficient.
If there's any questions/issues, don't hesitate to let me know.
Thanks!8.6Robert SpeicherRobert Speicher