Merge pull request #1 from patthoyts/pt/failure-reporting

Report missing credentials to the Rails application.

Merge pull request #1 from patthoyts/pt/failure-reporting
f038dd85 · Dmitriy Zaporozhets · 7edf27d0 · 536c3212 · f038dd85
Commit f038dd85 authored 12 years ago by Dmitriy Zaporozhets
--- a/lib/omniauth/strategies/ldap.rb
+++ b/lib/omniauth/strategies/ldap.rb
@@ -38,13 +38,13 @@ module OmniAuth
      def callback_phase
        @adaptor = OmniAuth::LDAP::Adaptor.new @options
  
-        # GITLAB security patch
-        # Dont allow blank password for ldap auth
-        if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty?
-          raise MissingCredentialsError.new("Missing login credentials") 
-        end
-
        begin
+          # GITLAB security patch
+          # Dont allow blank password for ldap auth
+          if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty?
+            raise MissingCredentialsError.new("Missing login credentials")
+          end
+
          @ldap_user_info = @adaptor.bind_as(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @options[:name_proc].call(request['username'])),:size => 1, :password => request['password'])
          return fail!(:invalid_credentials) if !@ldap_user_info