Commits · e5df66e1af47ea9bbd526657f9af913618e6f3ee · gpt / large_projects / gitlabhq1

Feb 15, 2018
- Fixed bug with the user synced attributes when the user doesn't exist · a7ac4580
  Francisco Javier López authored 7 years ago
  
  Unverified
  
  a7ac4580
- Fixed user synced attributes metadata after removing current provider · 26af0e2d
  Francisco Javier López authored 7 years ago and Douwe Maan committed 7 years ago
  
  26af0e2d
Feb 06, 2018
- Validate User username only on Namespace, and bubble up appropriately · a03d29da
  Douwe Maan authored 7 years ago
  
  a03d29da
Jan 30, 2018
- Only new users get marked as external · 1ab85b96
  Tiago Botelho authored 7 years ago
  
  1ab85b96
Jan 17, 2018

Merge branch 'jej/fix-disabled-oauth-access-10-3' into 'security-10-3' · 4493ec08

Robert Speicher authored 7 years ago

[10.3] Prevent login with disabled OAuth providers

See merge request gitlab/gitlabhq!2296

(cherry picked from commit 4936650427ffc88e6ee927aedbb2c724d24b094c)

a0f9d222 Prevents login with disabled OAuth providers

4493ec08

Dec 15, 2017
- Make sure user email is read only when synced with LDAP · 481b8a71
  Douwe Maan authored 7 years ago
  
  481b8a71
Nov 17, 2017
- Changing OAuth lookup to be case insensitive · c7cf68bd
  Francisco Javier López authored 7 years ago and Douwe Maan committed 7 years ago
  
  c7cf68bd
Nov 06, 2017
- Reallow project paths ending in periods · a10925e1
  Douwe Maan authored 7 years ago
  
  a10925e1
Oct 05, 2017
- Only add identities to a user if we find one in Gitlab::OAuth::User. · 4e2ddad2
  Tiago Botelho authored 7 years ago
  
  4e2ddad2
Oct 02, 2017
- Refactors SAML identity creation in gl_user. · 011c168b
  Tiago Botelho authored 7 years ago
  
  011c168b
Sep 28, 2017
- refactor users update service · 67d06dee
  James Lopez authored 7 years ago
  
  67d06dee
- refactor services to match EE signature · 9621dd0c
  James Lopez authored 7 years ago
  
  9621dd0c
Sep 25, 2017
- Attempt to link saml users to ldap by email · 718e5b08
  Tiago Botelho authored 7 years ago
  
  718e5b08
Sep 14, 2017

Don't force the encoding of the OAuth provider in Gitlab::OAuth::AuthHash#provider · cc66c3fd

Rémy Coutable authored 7 years ago

Some providers freeze their name (e.g.
https://github.com/zquestz/omniauth-google-oauth2/blob/414c43ef3ffec37d473321f262e80f1e46dda89f/lib/omniauth/strategies/google_oauth2.rb#L1),
so trying to modify the string would fail with a `can't modify frozen
String` exception (see
https://gitlab.com/gitlab-org/gitlab-ce/issues/37845#note_40308148

).

In this case, we can just stop trying to force the encoding of the
provider name as they should always be in utf8 by default.

Signed-off-by: Rémy Coutable <remy@rymai.me>

Verified

cc66c3fd

Sep 06, 2017
- Profile updates from providers · 4df54f26
  Alexander Keramidas authored 7 years ago
  
  4df54f26
Aug 11, 2017
- Better categorize test coverage results · d0622b79
  Robert Speicher authored 7 years ago
  
  Also marks a few things as uncovered, and removes an unused class.
  d0622b79
Aug 02, 2017
- Uniquify reserved word usernames on OAuth user creation · 71951fc3
  Robin Bobbitt authored 7 years ago
  
  71951fc3
Jul 12, 2017
- Extract the finder portion of ldap_person so it can be overridden in EE · 7f350ba1
  Nick Thomas authored 7 years ago
  
  7f350ba1
Jun 23, 2017
- refactor update user service not to do auth checks · b804db26
  James Lopez authored 7 years ago
  
  b804db26
- use update service on ldap call and updated specs and service · 59c3968c
  James Lopez authored 7 years ago
  
  59c3968c
Jun 07, 2017
- Sync email address from specified omniauth provider · 469acd19
  Robin Bobbitt authored 7 years ago
  
  469acd19
May 30, 2017
- Return nil when looking up config for unknown LDAP provider · 04bb8fe9
  Douwe Maan authored 7 years ago
  
  04bb8fe9
Apr 25, 2017
- Fix OAuth, LDAP and SAML SSO when regular sign-ups are disabled · d7e2ac72
  Douwe Maan authored 7 years ago
  
  d7e2ac72
Apr 13, 2017
- Implement Users::BuildService · defbff48
  geoandri authored 7 years ago
  
  defbff48
Mar 27, 2017
- Implement new service for creating user · 7c74a020
  George Andrinopoulos authored 7 years ago
  
  7c74a020
Mar 01, 2017
- Enable and autocorrect the CustomErrorClass cop · 811e598f
  Sean McGivern authored 8 years ago
  
  811e598f
Feb 23, 2017
- Fix OAuth/SAML user blocking behavior · 6f5cd03f
  Douwe Maan authored 8 years ago
  
  6f5cd03f
- Update rubocop and rubocop-rspec and regenerate .rubocop_todo.yml · ba0d27fe
  Douwe Maan authored 8 years ago
  
  ba0d27fe
Nov 30, 2016

Improve the `Gitlab::OAuth::User` error message · 374033fe

Drew Blessing authored 8 years ago

The error saving the user is logged to application.log. Previously,
the entry had no context and was unusable - 'Error saving user:
[Email address already taken]'. Adding the auth hash UID and email
makes the error more helpful.

374033fe

Nov 10, 2016
- Omniauth auto link LDAP user falls back to find by DN when user cannot be found by uid · 3cff3a2e
  Drew Blessing authored 8 years ago
  
  3cff3a2e
Jun 29, 2016
- Fixed privilege escalation issue where manually set external users would be... · 10444f61
  Patricio Cano authored 8 years ago
  
  Fixed privilege escalation issue where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list.
  10444f61
- Enable Style/SpaceAfterComma Rubocop cop · 28bafd53
  Grzegorz Bizon authored 8 years ago
  
  28bafd53
Jun 22, 2016
- Fix subsequent SAML sign ins · 938f2b99
  Drew Blessing authored 8 years ago
  
  938f2b99
Jun 08, 2016
- Syntax fixes and better logging around the `ldap_person` method. · 9282810f
  Patricio Cano authored 8 years ago
  
  9282810f
Jun 07, 2016
- Moved `find_or_create_ldap_user` method to parent class and added logging. · c593154c
  Patricio Cano authored 8 years ago
  
  c593154c
Jun 06, 2016
- Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user. · 7038440e
  Patricio Cano authored 8 years ago
  
  7038440e
Apr 11, 2016
- Better control flow. · 61fc9aa8
  Patricio Cano authored 8 years ago
  
  61fc9aa8
- Allow `external_providers` for Omniauth to be defined to mark these users as external · 12e60846
  Patricio Cano authored 8 years ago
  
  12e60846
Feb 18, 2016
- Make new `allow_single_sign_on` feature backwards compatible · bb4fa3a1
  Patricio Cano authored 9 years ago
  
  bb4fa3a1
- Decouple SAML authentication from the default Omniauth logic · 06376be5
  Patricio Cano authored 9 years ago
  
  06376be5

Admin message

Admin message