Add proper nil and error handling to SAML login process

Patricio Cano requested to merge fix-missing-saml-error-handling into master

While writing the feature that would allow certain Omniauth providers to be marked as external, I noticed that there is a scenario where the gl_user method can return nil, and if this is not properly checked, it will lead to exceptions that will cause 500 errors. It is quite easy to land in this scenario, so I added nil checks.

I also noticed that the saml method in the omniauth_callbacks_controller.rb file lacked a rescue for Gitlab::OAuth::SignupDisabledError, which can happen if the default configuration from 1_settings.rb is applied. So I also added this check.

/cc @DouweM
