Commits · e5df66e1af47ea9bbd526657f9af913618e6f3ee · gpt / large_projects / gitlabhq1

Feb 15, 2018
- Fixed bug with the user synced attributes when the user doesn't exist · a7ac4580
  Francisco Javier López authored 7 years ago
  
  Unverified
  
  a7ac4580
- Fixed user synced attributes metadata after removing current provider · 26af0e2d
  Francisco Javier López authored 7 years ago and Douwe Maan committed 7 years ago
  
  26af0e2d
Feb 06, 2018
- Validate User username only on Namespace, and bubble up appropriately · a03d29da
  Douwe Maan authored 7 years ago
  
  a03d29da
Jan 30, 2018
- Only new users get marked as external · 1ab85b96
  Tiago Botelho authored 7 years ago
  
  1ab85b96
Jan 17, 2018

Merge branch 'jej/fix-disabled-oauth-access-10-3' into 'security-10-3' · 4493ec08

Robert Speicher authored 7 years ago

[10.3] Prevent login with disabled OAuth providers

See merge request gitlab/gitlabhq!2296

(cherry picked from commit 4936650427ffc88e6ee927aedbb2c724d24b094c)

a0f9d222 Prevents login with disabled OAuth providers

4493ec08

Dec 15, 2017
- Make sure user email is read only when synced with LDAP · 481b8a71
  Douwe Maan authored 7 years ago
  
  481b8a71
Nov 17, 2017
- Changing OAuth lookup to be case insensitive · c7cf68bd
  Francisco Javier López authored 7 years ago and Douwe Maan committed 7 years ago
  
  c7cf68bd
Nov 06, 2017
- Reallow project paths ending in periods · a10925e1
  Douwe Maan authored 7 years ago
  
  a10925e1
Oct 05, 2017
- Only add identities to a user if we find one in Gitlab::OAuth::User. · 4e2ddad2
  Tiago Botelho authored 7 years ago
  
  4e2ddad2
Oct 02, 2017
- Refactors SAML identity creation in gl_user. · 011c168b
  Tiago Botelho authored 7 years ago
  
  011c168b
Sep 28, 2017
- refactor users update service · 67d06dee
  James Lopez authored 7 years ago
  
  67d06dee
- refactor services to match EE signature · 9621dd0c
  James Lopez authored 7 years ago
  
  9621dd0c
Sep 25, 2017
- Attempt to link saml users to ldap by email · 718e5b08
  Tiago Botelho authored 7 years ago
  
  718e5b08
Sep 06, 2017
- Profile updates from providers · 4df54f26
  Alexander Keramidas authored 7 years ago
  
  4df54f26
Aug 02, 2017
- Uniquify reserved word usernames on OAuth user creation · 71951fc3
  Robin Bobbitt authored 7 years ago
  
  71951fc3
Jul 12, 2017
- Extract the finder portion of ldap_person so it can be overridden in EE · 7f350ba1
  Nick Thomas authored 7 years ago
  
  7f350ba1
Jun 23, 2017
- refactor update user service not to do auth checks · b804db26
  James Lopez authored 7 years ago
  
  b804db26
- use update service on ldap call and updated specs and service · 59c3968c
  James Lopez authored 7 years ago
  
  59c3968c
Jun 07, 2017
- Sync email address from specified omniauth provider · 469acd19
  Robin Bobbitt authored 7 years ago
  
  469acd19
Apr 25, 2017
- Fix OAuth, LDAP and SAML SSO when regular sign-ups are disabled · d7e2ac72
  Douwe Maan authored 7 years ago
  
  d7e2ac72
Apr 13, 2017
- Implement Users::BuildService · defbff48
  geoandri authored 7 years ago
  
  defbff48
Mar 27, 2017
- Implement new service for creating user · 7c74a020
  George Andrinopoulos authored 7 years ago
  
  7c74a020
Mar 01, 2017
- Enable and autocorrect the CustomErrorClass cop · 811e598f
  Sean McGivern authored 8 years ago
  
  811e598f
Feb 23, 2017
- Fix OAuth/SAML user blocking behavior · 6f5cd03f
  Douwe Maan authored 8 years ago
  
  6f5cd03f
- Update rubocop and rubocop-rspec and regenerate .rubocop_todo.yml · ba0d27fe
  Douwe Maan authored 8 years ago
  
  ba0d27fe
Nov 30, 2016

Improve the `Gitlab::OAuth::User` error message · 374033fe

Drew Blessing authored 8 years ago

The error saving the user is logged to application.log. Previously,
the entry had no context and was unusable - 'Error saving user:
[Email address already taken]'. Adding the auth hash UID and email
makes the error more helpful.

374033fe

Nov 10, 2016
- Omniauth auto link LDAP user falls back to find by DN when user cannot be found by uid · 3cff3a2e
  Drew Blessing authored 8 years ago
  
  3cff3a2e
Jun 29, 2016

Fixed privilege escalation issue where manually set external users would be... · 10444f61

Patricio Cano authored 8 years ago

Fixed privilege escalation issue where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list.

10444f61

Jun 22, 2016
- Fix subsequent SAML sign ins · 938f2b99
  Drew Blessing authored 8 years ago
  
  938f2b99
Jun 08, 2016
- Syntax fixes and better logging around the `ldap_person` method. · 9282810f
  Patricio Cano authored 8 years ago
  
  9282810f
Jun 07, 2016
- Moved `find_or_create_ldap_user` method to parent class and added logging. · c593154c
  Patricio Cano authored 8 years ago
  
  c593154c
Jun 06, 2016
- Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user. · 7038440e
  Patricio Cano authored 8 years ago
  
  7038440e
Apr 11, 2016
- Better control flow. · 61fc9aa8
  Patricio Cano authored 8 years ago
  
  61fc9aa8
- Allow `external_providers` for Omniauth to be defined to mark these users as external · 12e60846
  Patricio Cano authored 8 years ago
  
  12e60846
Feb 18, 2016
- Make new `allow_single_sign_on` feature backwards compatible · bb4fa3a1
  Patricio Cano authored 9 years ago
  
  bb4fa3a1
- Decouple SAML authentication from the default Omniauth logic · 06376be5
  Patricio Cano authored 9 years ago
  
  06376be5
- Revert "Merge branch 'saml-decoupling' into 'master' · 873b0db2
  Douwe Maan authored 9 years ago
  
  This reverts commit c04e22fb, reversing changes made to 0feab326.
  873b0db2
- Decouple SAML authentication from the default Omniauth logic · f014127e
  Patricio Cano authored 9 years ago
  
  f014127e
Jan 19, 2016
- Allow LDAP users to change their email if it was not set by the LDAP server · 98e1a5b6
  Douwe Maan authored 9 years ago
  
  98e1a5b6
Jan 15, 2016

Fix signup for some OAuth providers · 2444c040

Steffen Köhler authored 9 years ago

some OAuth providers (kerberos for example) only provide a username and an email, but no name. Therefore
a signup fails because the name is empty. Best guess for the name is
probably the username, therefore use it as name.

2444c040

Admin message

Admin message