From 2793352ed376ba0d844ef823ae398afd1a235e6d Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Thu, 13 Sep 2012 19:17:48 +0100
Subject: [PATCH 01/23] Alloww Shibboleth OmniAuth users to login, just like
LDAP users.
---
app/controllers/omniauth_callbacks_controller.rb | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 2fb783b289b..c5016e2edcc 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -24,6 +24,12 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
sign_in_and_redirect @user
end
+ def shibboleth
+ # We are here because there is a valid Shibboleth session.
+ # Let's do exactly the same as it is done with LDAP users.
+ ldap
+ end
+
private
def handle_omniauth
--
GitLab
From 068a6778e2cf77f53eddb1db774b4c85ca05aa4d Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Thu, 13 Sep 2012 19:34:56 +0100
Subject: [PATCH 02/23] Shibboleth authentication configuration.
---
config/gitlab.yml.example | 9 +++++++++
config/initializers/1_settings.rb | 6 ++++++
config/initializers/devise.rb | 13 +++++++++++++
3 files changed, 28 insertions(+)
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 28323484a37..2945d19ef82 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -39,6 +39,15 @@ ldap:
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user'
+shibboleth:
+ enabled: false
+ shib_session_id_var: 'HTTP_SHIB_SESSION_ID'
+ shib_application_id_var: 'HTTP_SHIB_APPLICATION_ID'
+ uid_var: 'HTTP_SSOUNIXNAME'
+ name_var: 'HTTP_SSONAME'
+ email: 'HTTP_SSOCONTACTMAIL'
+ debug: false
+
omniauth:
# Enable ability for users
# to login via twitter, google ..
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 7a7ca43f1d0..adf7f4d32df 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -126,6 +126,12 @@ class Settings < Settingslogic
false
end
+ def shibboleth_enabled?
+ shibboleth && shibboleth['enabled']
+ rescue Settingslogic::MissingSetting
+ false
+ end
+
def omniauth_enabled?
omniauth && omniauth['enabled']
rescue Settingslogic::MissingSetting
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 8f3cef5a2ac..4e58b624abf 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -218,6 +218,19 @@ Devise.setup do |config|
:password => gl.ldap['password']
end
+ if gl.shibboleth_enabled?
+ config.omniauth :shibboleth, {
+ :shib_session_id_var => gl.shibboleth['shib_session_id_var'],
+ :shib_application_id_var => gl.shibboleth['shib_application_id_var'],
+ :fields => {
+ :uid => gl.shibboleth['uid_var'],
+ :name => gl.shibboleth['name_var'],
+ :email => gl.shibboleth['email'],
+ },
+ :debug => gl.shibboleth['debug']
+ }
+ end
+
gl.omniauth_providers.each do |gl_provider|
config.omniauth gl_provider['name'].to_sym, gl_provider['app_id'], gl_provider['app_secret']
end
--
GitLab
From 3eff041033a010b627c657a3b05a7fd6ceb0c51b Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Thu, 13 Sep 2012 20:22:52 +0100
Subject: [PATCH 03/23] Gemfile and Gemfile.lock update. Adding a patched
version of omniauth-shibboleth gem.
---
Gemfile | 1 +
Gemfile.lock | 8 ++++++++
2 files changed, 9 insertions(+)
diff --git a/Gemfile b/Gemfile
index 8e569c5b2e5..5452d61e7b8 100644
--- a/Gemfile
+++ b/Gemfile
@@ -26,6 +26,7 @@ gem "grit", :git => "https://github.com/gitlabhq/grit.git",
gem "gitolite", :git => "https://github.com/gitlabhq/gitolite-client.git", :ref => "9b715ca8bab6529f6c92204a25f84d12f25a6eb0"
gem "pygments.rb", :git => "https://github.com/gitlabhq/pygments.rb.git", :ref => "2cada028da5054616634a1d9ca6941b65b3ce188"
gem "omniauth-ldap", :git => "https://github.com/gitlabhq/omniauth-ldap.git", :ref => "f038dd852d7bd473a557e385d5d7c2fd5dc1dc2e"
+gem "omniauth-shibboleth", :git => "https://github.com/TiagoTT/omniauth-shibboleth.git", :ref => "6c9ad5e8f4f9ab9f5e56d0926c571a0174617f4f"
gem 'yaml_db', :git => "https://github.com/gitlabhq/yaml_db.git"
gem 'grack', :git => "https://github.com/gitlabhq/grack.git"
gem "linguist", "~> 1.0.0", :git => "https://github.com/gitlabhq/linguist.git"
diff --git a/Gemfile.lock b/Gemfile.lock
index 3d27d3fbe81..7d73f715e36 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -51,6 +51,13 @@ GIT
pyu-ruby-sasl (~> 0.0.3.1)
rubyntlm (~> 0.1.1)
+GIT
+ remote: https://github.com/TiagoTT/omniauth-shibboleth.git
+ revision: 6c9ad5e8f4f9ab9f5e56d0926c571a0174617f4f
+ ref: 6c9ad5e8f4f9ab9f5e56d0926c571a0174617f4f
+ specs:
+ omniauth-shibboleth (1.0.6)
+
GIT
remote: https://github.com/gitlabhq/pygments.rb.git
revision: 2cada028da5054616634a1d9ca6941b65b3ce188
@@ -452,6 +459,7 @@ DEPENDENCIES
omniauth-github
omniauth-google-oauth2
omniauth-ldap!
+ omniauth-shibboleth!
omniauth-twitter
pry
pygments.rb!
--
GitLab
From 8587f0b8b56d4fa2cf536a65fa6a8ae42d5320d8 Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Tue, 18 Sep 2012 19:20:41 +0100
Subject: [PATCH 04/23] Unifying Omniauth configuration.
Merging LDAP and Shibboleth Omniauth configurations and code into the common Omniauth configuration and code.
---
.../omniauth_callbacks_controller.rb | 23 ++----
app/models/user.rb | 8 --
config/gitlab.yml.example | 61 ++++++++-------
config/initializers/1_settings.rb | 12 ---
config/initializers/devise.rb | 34 ++-------
lib/gitlab/auth.rb | 74 ++++++++-----------
6 files changed, 79 insertions(+), 133 deletions(-)
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index c5016e2edcc..001d67b31d4 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -1,6 +1,6 @@
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
- Gitlab.config.omniauth_providers.each do |provider|
- define_method provider['name'] do
+ Gitlab.config.omniauth_providers.each_pair do |provider,args|
+ define_method provider do
handle_omniauth
end
end
@@ -15,21 +15,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
error.to_s.humanize if error
end
- def ldap
- # We only find ourselves here if the authentication to LDAP was successful.
- @user = User.find_for_ldap_auth(request.env["omniauth.auth"], current_user)
- if @user.persisted?
- @user.remember_me = true
- end
- sign_in_and_redirect @user
- end
-
- def shibboleth
- # We are here because there is a valid Shibboleth session.
- # Let's do exactly the same as it is done with LDAP users.
- ldap
- end
-
private
def handle_omniauth
@@ -44,6 +29,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
redirect_to profile_path
else
@user = User.find_or_new_for_omniauth(oauth)
+ # From old ldap callback, if persisted then remember_me.
+ if @user.persisted?
+ @user.remember_me = true
+ end
if @user
sign_in_and_redirect @user
diff --git a/app/models/user.rb b/app/models/user.rb
index 47876722755..91297629852 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -86,18 +86,10 @@ class User < ActiveRecord::Base
where('id NOT IN (SELECT DISTINCT(user_id) FROM users_projects)')
end
- def self.create_from_omniauth(auth, ldap = false)
- gitlab_auth.create_from_omniauth(auth, ldap)
- end
-
def self.find_or_new_for_omniauth(auth)
gitlab_auth.find_or_new_for_omniauth(auth)
end
- def self.find_for_ldap_auth(auth, signed_in_resource = nil)
- gitlab_auth.find_for_ldap_auth(auth, signed_in_resource)
- end
-
def self.gitlab_auth
Gitlab::Auth.new
end
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 2945d19ef82..7e683db89b8 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -29,25 +29,6 @@ app:
#
# 2. Auth settings
# ==========================
-ldap:
- enabled: false
- host: '_your_ldap_server'
- base: '_the_base_where_you_search_for_users'
- port: 636
- uid: 'sAMAccountName'
- method: 'ssl' # plain
- bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
- password: '_the_password_of_the_bind_user'
-
-shibboleth:
- enabled: false
- shib_session_id_var: 'HTTP_SHIB_SESSION_ID'
- shib_application_id_var: 'HTTP_SHIB_APPLICATION_ID'
- uid_var: 'HTTP_SSOUNIXNAME'
- name_var: 'HTTP_SSONAME'
- email: 'HTTP_SSOCONTACTMAIL'
- debug: false
-
omniauth:
# Enable ability for users
# to login via twitter, google ..
@@ -57,17 +38,45 @@ omniauth:
# It allows user to login without having user account
allow_single_sign_on: false
block_auto_created_users: true
+ # Please note that ldap and shibboleth authentication methods need this settings:
+ # allow_single_sign_on: true
+ # block_auto_created_users: false
# Auth providers
providers:
- # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
- # app_secret: 'YOUR APP SECRET',
- # args: { access_type: 'offline', approval_prompt: '' } }
- # - { name: 'twitter', app_id: 'YOUR APP ID',
- # app_secret: 'YOUR APP SECRET'}
- # - { name: 'github', app_id: 'YOUR APP ID',
- # app_secret: 'YOUR APP SECRET' }
+ google_oauth2:
+ - 'YOUR APP ID'
+ - 'YOUR APP SECRET'
+ - args:
+ access_type: 'offline'
+ approval_prompt: ''
+
+ twitter:
+ - 'YOUR APP ID'
+ - 'YOUR APP SECRET'
+
+ github:
+ - 'YOUR APP ID'
+ - 'YOUR APP SECRET'
+
+ ldap:
+ host: '_your_ldap_server'
+ base: '_the_base_where_you_search_for_users'
+ port: 636
+ uid: 'sAMAccountName'
+ method: 'ssl' # plain
+ bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
+ password: '_the_password_of_the_bind_user'
+
+ shibboleth:
+ shib_session_id_var: 'HTTP_SHIB_SESSION_ID'
+ shib_application_id_var: 'HTTP_SHIB_APPLICATION_ID'
+ fields:
+ uid: 'HTTP_SSOUNIXNAME'
+ name: 'HTTP_SSONAME'
+ email: 'HTTP_SSOCONTACTMAIL'
+ debug: false
#
# 3. Advanced settings:
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index adf7f4d32df..a0bbb587c13 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -120,18 +120,6 @@ class Settings < Settingslogic
app['backup_keep_time'] || 0
end
- def ldap_enabled?
- ldap && ldap['enabled']
- rescue Settingslogic::MissingSetting
- false
- end
-
- def shibboleth_enabled?
- shibboleth && shibboleth['enabled']
- rescue Settingslogic::MissingSetting
- false
- end
-
def omniauth_enabled?
omniauth && omniauth['enabled']
rescue Settingslogic::MissingSetting
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 4e58b624abf..3532a24f697 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -207,31 +207,13 @@ Devise.setup do |config|
gl = Gitlab.config
- if gl.ldap_enabled?
- config.omniauth :ldap,
- :host => gl.ldap['host'],
- :base => gl.ldap['base'],
- :uid => gl.ldap['uid'],
- :port => gl.ldap['port'],
- :method => gl.ldap['method'],
- :bind_dn => gl.ldap['bind_dn'],
- :password => gl.ldap['password']
- end
-
- if gl.shibboleth_enabled?
- config.omniauth :shibboleth, {
- :shib_session_id_var => gl.shibboleth['shib_session_id_var'],
- :shib_application_id_var => gl.shibboleth['shib_application_id_var'],
- :fields => {
- :uid => gl.shibboleth['uid_var'],
- :name => gl.shibboleth['name_var'],
- :email => gl.shibboleth['email'],
- },
- :debug => gl.shibboleth['debug']
- }
- end
-
- gl.omniauth_providers.each do |gl_provider|
- config.omniauth gl_provider['name'].to_sym, gl_provider['app_id'], gl_provider['app_secret']
+ gl.omniauth_providers.each_pair do |provider,args|
+ if Array == args.class
+ # An Array from the configuration will be expanded.
+ config.omniauth provider.to_sym, *args
+ elsif Hash == args.class
+ # A Hash from the configuration will be passed as is.
+ config.omniauth provider.to_sym, args
+ end
end
end
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 90bd5d74081..e815b44a288 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -1,61 +1,47 @@
module Gitlab
class Auth
- def find_for_ldap_auth(auth, signed_in_resource = nil)
- uid = auth.info.uid
+
+ def find_or_new_for_omniauth(auth)
provider = auth.provider
+ uid = auth.info.uid || auth.uid
+ name = auth.info.name.force_encoding("utf-8")
email = auth.info.email.downcase unless auth.info.email.nil?
- raise OmniAuth::Error, "LDAP accounts must provide an uid and email address" if uid.nil? or email.nil?
- if @user = User.find_by_extern_uid_and_provider(uid, provider)
+ if @user = User.find_by_provider_and_extern_uid(provider, uid)
@user
- elsif @user = User.find_by_email(email)
- log.info "Updating legacy LDAP user #{email} with extern_uid => #{uid}"
+
+ elsif email and @user = User.find_by_email(email)
+ log.info "Updating legacy user #{email} with extern_uid => #{uid} from"\
+ " #{provider} {uid => #{uid}, name => #{name}, email => #{email}}"
@user.update_attributes(:extern_uid => uid, :provider => provider)
@user
- else
- create_from_omniauth(auth, true)
- end
- end
- def create_from_omniauth(auth, ldap = false)
- provider = auth.provider
- uid = auth.info.uid || auth.uid
- name = auth.info.name.force_encoding("utf-8")
- email = auth.info.email.downcase unless auth.info.email.nil?
+ elsif Gitlab.config.omniauth['allow_single_sign_on']
- ldap_prefix = ldap ? '(LDAP) ' : ''
- raise OmniAuth::Error, "#{ldap_prefix}#{provider} does not provide an email"\
- " address" if auth.info.email.blank?
+ raise OmniAuth::Error, "#{provider} does not provide an email"\
+ " address" if auth.info.email.blank?
- log.info "#{ldap_prefix}Creating user from #{provider} login"\
- " {uid => #{uid}, name => #{name}, email => #{email}}"
- password = Devise.friendly_token[0, 8].downcase
- @user = User.new(
- extern_uid: uid,
- provider: provider,
- name: name,
- email: email,
- password: password,
- password_confirmation: password,
- projects_limit: Gitlab.config.default_projects_limit,
- )
- if Gitlab.config.omniauth['block_auto_created_users'] && !ldap
- @user.blocked = true
- end
- @user.save!
- @user
- end
+ log.info "Creating user from #{provider} login"\
+ " {uid => #{uid}, name => #{name}, email => #{email}}"
- def find_or_new_for_omniauth(auth)
- provider, uid = auth.provider, auth.uid
+ password = Devise.friendly_token[0, 8].downcase
- if @user = User.find_by_provider_and_extern_uid(provider, uid)
- @user
- else
- if Gitlab.config.omniauth['allow_single_sign_on']
- @user = create_from_omniauth(auth)
- @user
+ @user = User.new(
+ extern_uid: uid,
+ provider: provider,
+ name: name,
+ email: email,
+ password: password,
+ password_confirmation: password,
+ projects_limit: Gitlab.config.default_projects_limit,
+ )
+
+ if Gitlab.config.omniauth['block_auto_created_users']
+ @user.blocked = true
end
+
+ @user.save!
+ @user
end
end
--
GitLab
From a4766d8a3e8cf18f741672f72a741dcef94ca42c Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Tue, 18 Sep 2012 19:06:33 +0000
Subject: [PATCH 05/23] Updating omniauth-shibboleth module version.
---
Gemfile | 2 +-
Gemfile.lock | 4 ++--
config/gitlab.yml.example | 11 +++++------
config/initializers/1_settings.rb | 2 +-
4 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/Gemfile b/Gemfile
index 5452d61e7b8..8ef8518b177 100644
--- a/Gemfile
+++ b/Gemfile
@@ -26,7 +26,7 @@ gem "grit", :git => "https://github.com/gitlabhq/grit.git",
gem "gitolite", :git => "https://github.com/gitlabhq/gitolite-client.git", :ref => "9b715ca8bab6529f6c92204a25f84d12f25a6eb0"
gem "pygments.rb", :git => "https://github.com/gitlabhq/pygments.rb.git", :ref => "2cada028da5054616634a1d9ca6941b65b3ce188"
gem "omniauth-ldap", :git => "https://github.com/gitlabhq/omniauth-ldap.git", :ref => "f038dd852d7bd473a557e385d5d7c2fd5dc1dc2e"
-gem "omniauth-shibboleth", :git => "https://github.com/TiagoTT/omniauth-shibboleth.git", :ref => "6c9ad5e8f4f9ab9f5e56d0926c571a0174617f4f"
+gem "omniauth-shibboleth", :git => "https://github.com/TiagoTT/omniauth-shibboleth.git", :ref => "c7a8e9a1cac4e64607cc73aaaca2b532988adfcf"
gem 'yaml_db', :git => "https://github.com/gitlabhq/yaml_db.git"
gem 'grack', :git => "https://github.com/gitlabhq/grack.git"
gem "linguist", "~> 1.0.0", :git => "https://github.com/gitlabhq/linguist.git"
diff --git a/Gemfile.lock b/Gemfile.lock
index 7d73f715e36..ccecc4d52f3 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -53,8 +53,8 @@ GIT
GIT
remote: https://github.com/TiagoTT/omniauth-shibboleth.git
- revision: 6c9ad5e8f4f9ab9f5e56d0926c571a0174617f4f
- ref: 6c9ad5e8f4f9ab9f5e56d0926c571a0174617f4f
+ revision: c7a8e9a1cac4e64607cc73aaaca2b532988adfcf
+ ref: c7a8e9a1cac4e64607cc73aaaca2b532988adfcf
specs:
omniauth-shibboleth (1.0.6)
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 7e683db89b8..c9201610be6 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -70,12 +70,11 @@ omniauth:
password: '_the_password_of_the_bind_user'
shibboleth:
- shib_session_id_var: 'HTTP_SHIB_SESSION_ID'
- shib_application_id_var: 'HTTP_SHIB_APPLICATION_ID'
- fields:
- uid: 'HTTP_SSOUNIXNAME'
- name: 'HTTP_SSONAME'
- email: 'HTTP_SSOCONTACTMAIL'
+ shib_session_id_field: 'HTTP_SHIB_SESSION_ID'
+ shib_application_id_field: 'HTTP_SHIB_APPLICATION_ID'
+ uid_field: 'HTTP_SSOUNIXNAME'
+ name_field: 'HTTP_SSONAME'
+ email_field: 'HTTP_SSOCONTACTMAIL'
debug: false
#
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index a0bbb587c13..f7845e5dfba 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -127,7 +127,7 @@ class Settings < Settingslogic
end
def omniauth_providers
- (omniauth_enabled? && omniauth['providers']) || []
+ (omniauth_enabled? && omniauth['providers']) || {}
end
def disable_gravatar?
--
GitLab
From f659ec0f26f4d569f68dd1ad3196bf01a54d4cd8 Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Wed, 19 Sep 2012 10:37:07 +0100
Subject: [PATCH 06/23] Removing the tests for the functions removed before.
Please review this carefuly. I am not sure this is good.
---
spec/lib/auth_spec.rb | 53 -------------------------------------------
1 file changed, 53 deletions(-)
diff --git a/spec/lib/auth_spec.rb b/spec/lib/auth_spec.rb
index 1e03bc591b4..b4c707501e9 100644
--- a/spec/lib/auth_spec.rb
+++ b/spec/lib/auth_spec.rb
@@ -13,37 +13,6 @@ describe Gitlab::Auth do
)
end
- describe :find_for_ldap_auth do
- before do
- @auth = mock(
- uid: '12djsak321',
- info: @info,
- provider: 'ldap'
- )
- end
-
- it "should find by uid & provider" do
- User.should_receive :find_by_extern_uid_and_provider
- gl_auth.find_for_ldap_auth(@auth)
- end
-
- it "should update credentials by email if missing uid" do
- user = double('User')
- User.stub find_by_extern_uid_and_provider: nil
- User.stub find_by_email: user
- user.should_receive :update_attributes
- gl_auth.find_for_ldap_auth(@auth)
- end
-
-
- it "should create from auth if user doesnot exist"do
- User.stub find_by_extern_uid_and_provider: nil
- User.stub find_by_email: nil
- gl_auth.should_receive :create_from_omniauth
- gl_auth.find_for_ldap_auth(@auth)
- end
- end
-
describe :find_or_new_for_omniauth do
before do
@auth = mock(
@@ -55,41 +24,19 @@ describe Gitlab::Auth do
it "should find user"do
User.should_receive :find_by_provider_and_extern_uid
- gl_auth.should_not_receive :create_from_omniauth
gl_auth.find_or_new_for_omniauth(@auth)
end
it "should not create user"do
User.stub find_by_provider_and_extern_uid: nil
- gl_auth.should_not_receive :create_from_omniauth
gl_auth.find_or_new_for_omniauth(@auth)
end
it "should create user if single_sing_on"do
Gitlab.config.omniauth['allow_single_sign_on'] = true
User.stub find_by_provider_and_extern_uid: nil
- gl_auth.should_receive :create_from_omniauth
gl_auth.find_or_new_for_omniauth(@auth)
end
end
- describe :create_from_omniauth do
- it "should create user from LDAP" do
- @auth = mock(info: @info, provider: 'ldap')
- user = gl_auth.create_from_omniauth(@auth, true)
-
- user.should be_valid
- user.extern_uid.should == @info.uid
- user.provider.should == 'ldap'
- end
-
- it "should create user from Omniauth" do
- @auth = mock(info: @info, provider: 'twitter')
- user = gl_auth.create_from_omniauth(@auth, false)
-
- user.should be_valid
- user.extern_uid.should == @info.uid
- user.provider.should == 'twitter'
- end
- end
end
--
GitLab
From dd8bc79ca316914874256bc056bb4d1bde5f32ea Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Wed, 19 Sep 2012 11:13:07 +0100
Subject: [PATCH 07/23] Changes to omniauth-shibboleth gem were accepted by
upstream.
Changed Gemfile and updated configuration example.
---
Gemfile | 2 +-
Gemfile.lock | 11 +++--------
config/gitlab.yml.example | 3 ++-
3 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/Gemfile b/Gemfile
index 8ef8518b177..82f5a2c5466 100644
--- a/Gemfile
+++ b/Gemfile
@@ -20,13 +20,13 @@ gem 'omniauth'
gem 'omniauth-google-oauth2'
gem 'omniauth-twitter'
gem 'omniauth-github'
+gem "omniauth-shibboleth", "~> 1.0.7"
# GITLAB patched libs
gem "grit", :git => "https://github.com/gitlabhq/grit.git", :ref => "7f35cb98ff17d534a07e3ce6ec3d580f67402837"
gem "gitolite", :git => "https://github.com/gitlabhq/gitolite-client.git", :ref => "9b715ca8bab6529f6c92204a25f84d12f25a6eb0"
gem "pygments.rb", :git => "https://github.com/gitlabhq/pygments.rb.git", :ref => "2cada028da5054616634a1d9ca6941b65b3ce188"
gem "omniauth-ldap", :git => "https://github.com/gitlabhq/omniauth-ldap.git", :ref => "f038dd852d7bd473a557e385d5d7c2fd5dc1dc2e"
-gem "omniauth-shibboleth", :git => "https://github.com/TiagoTT/omniauth-shibboleth.git", :ref => "c7a8e9a1cac4e64607cc73aaaca2b532988adfcf"
gem 'yaml_db', :git => "https://github.com/gitlabhq/yaml_db.git"
gem 'grack', :git => "https://github.com/gitlabhq/grack.git"
gem "linguist", "~> 1.0.0", :git => "https://github.com/gitlabhq/linguist.git"
diff --git a/Gemfile.lock b/Gemfile.lock
index ccecc4d52f3..839c18c4104 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -51,13 +51,6 @@ GIT
pyu-ruby-sasl (~> 0.0.3.1)
rubyntlm (~> 0.1.1)
-GIT
- remote: https://github.com/TiagoTT/omniauth-shibboleth.git
- revision: c7a8e9a1cac4e64607cc73aaaca2b532988adfcf
- ref: c7a8e9a1cac4e64607cc73aaaca2b532988adfcf
- specs:
- omniauth-shibboleth (1.0.6)
-
GIT
remote: https://github.com/gitlabhq/pygments.rb.git
revision: 2cada028da5054616634a1d9ca6941b65b3ce188
@@ -263,6 +256,8 @@ GEM
omniauth-oauth2 (1.1.0)
oauth2 (~> 0.8.0)
omniauth (~> 1.0)
+ omniauth-shibboleth (1.0.7)
+ omniauth-oauth (~> 1.0)
omniauth-twitter (0.0.13)
multi_json (~> 1.3)
omniauth-oauth (~> 1.0)
@@ -459,7 +454,7 @@ DEPENDENCIES
omniauth-github
omniauth-google-oauth2
omniauth-ldap!
- omniauth-shibboleth!
+ omniauth-shibboleth
omniauth-twitter
pry
pygments.rb!
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index c9201610be6..82089ae02d9 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -74,7 +74,8 @@ omniauth:
shib_application_id_field: 'HTTP_SHIB_APPLICATION_ID'
uid_field: 'HTTP_SSOUNIXNAME'
name_field: 'HTTP_SSONAME'
- email_field: 'HTTP_SSOCONTACTMAIL'
+ info_fields:
+ email: 'HTTP_SSOCONTACTMAIL'
debug: false
#
--
GitLab
From f5252a037b7d1aa23b51411cc0a1976b13a71e64 Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Wed, 19 Sep 2012 10:57:21 +0000
Subject: [PATCH 08/23] Updated Gemfile.lock after bundle install.
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 839c18c4104..23295fa1b2b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -454,7 +454,7 @@ DEPENDENCIES
omniauth-github
omniauth-google-oauth2
omniauth-ldap!
- omniauth-shibboleth
+ omniauth-shibboleth (~> 1.0.7)
omniauth-twitter
pry
pygments.rb!
--
GitLab
From 84622be620a193c688ebf2e7fd8d7040be95f4cd Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Wed, 19 Sep 2012 15:17:15 +0100
Subject: [PATCH 09/23] Adding Shibboleth logo in sizes 32x32 and 64x64 pixels
in PNG format.
The logo consists of an orange dragon and was croped from the banner found at:
http://shibboleth.net/
http://shibboleth.net/images/shibboleth_logo.png
The created files have the following specifications:
shibboleth_32.png: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
shibboleth_64.png: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
---
.../assets/images/authbuttons/shibboleth_32.png | Bin 0 -> 1832 bytes
.../assets/images/authbuttons/shibboleth_64.png | Bin 0 -> 5332 bytes
2 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 vendor/assets/images/authbuttons/shibboleth_32.png
create mode 100644 vendor/assets/images/authbuttons/shibboleth_64.png
diff --git a/vendor/assets/images/authbuttons/shibboleth_32.png b/vendor/assets/images/authbuttons/shibboleth_32.png
new file mode 100644
index 0000000000000000000000000000000000000000..e27b497e9600910a7df3a9a8b65c67e76df19ecd
GIT binary patch
literal 1832
zcmV+@2iN$CP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800001b5ch_0Itp)
z=>Px#24YJ`L;(K){{a7>y{D4^000SaNLh0L04^8+04^8-Dyk<S00007bV*G`2iyr0
z4i5^8M>H=000yW@L_t(o!>yNjP}SEJ$3OSI$KnGQL`2buRs-U$v09RG!&EdGjoYX(
ziA&-VHICbmMx&XmI*m(eh>c^lk+|#F(xKIws);RCGsYOyO2l>$P%7$!3JOmi+;9JQ
zn9{iLh&liK?(d#+?>YCJd(Qb@czALH&+=oF)9DBfP;_Q;a`%h?<XYTo(se)S>S|lr
zt!u2jUhii)7mB_F3=j#lbvFoZSyf$CR#|C>Oda23Vf#lst^)^10uF!YmWBqWf+)LL
z2{6$Zo|ky4zK+--9nf2EKBw~1&63iUwrafg@0+iGUtXhDZMx>~TZLB6#Ewfs_wnV<
zWlM(&X!AoN5tFj$8A*S)&6_t>spnU!(#J~QGsBja=2+>f(spgPU#FsZL)l+zT`UkD
z-;N@cHWqNPUAyR`_0nw2cf)A|`p4_+nRo1^+-3G!{t~-k{Rq2b>nOYCqha<^$zuEZ
zPy`&QkzW?yp_z6qMLLQ4#JTO|f_VZK-&0Qjw){rgHLd*WS=_;vTfTDEuHUM0)8b9W
zi<u-ggK~o|mSbMcY;oks(d7d!O?Z(r6>zvA>^q3U8ez(-1JZRjO?v(@$@i|cH{O=L
zHdiVbt-@~y*<Nm>6r@+s@n^6D1}9o6O|xGLwO!g{tM?+$hv@0#Zd#o3a}PjRXg#u^
zhLT5)jE9meD9uKWa10exU(IGnb08P;%V0^=5WYx{H&X{rreAx^{1`ND79^#h1<#!`
zPfj}B9pIL?{tkFwzFGR_V3M_YL#-_wYi$-*-(m-W)i7+l%W0*@?3@wU<(;ry6R}$t
zW3>Z2wif~hKS+V24g<QOOfKXVW13tyrsR-8Z4G7c#4DH)`!Vz1t2SIXN$GJ+*TI;G
zW0=gnusR=e6|Mk>9;P6Eb*pfIbg8Y~mx^@KDSIM9_AgkSL&<%RPNVa`#&&6i-du=0
zFQL@Y*!Wfmh^tFMT^{hdn;v1q^6P{~_lAl_n5LaE6|iL!y!8Tb23Bl_5v?J6J8UV1
z<^$mTHTW?M$o3v}GHFRP;WxgLFWhR~`b<#`y<<_|V1x%bF2fmv8oJTf7g5A{@V<*C
z^dJMc;&2dhznrftHy34XW7U?uXvJL2x-BsM1#o*1MHq_V^FnYnL;W7bPyyTmgeb!h
zg0in*I;{nlA*@Q2*VllE$w?G%UWRslj+rn8)~|%AeNl)HBMYVy@FDpymp#y;C%8Pw
zmSN0IWQ4hL8(OZWxTcx?f2XMH4rJvr#(Id(&x09nz`Q~5#}n|=7>v9%C%6qJ1e1Ce
z2KM&<V==~HxB=ll)F24=!2<GtZ|Yl$TleZf!O8a#KHwT4zzbAD-eIWx8MFoF7s9%+
zKnZXYGP2<Dn-J*$f-q(ydH6*GyM&AS18}J<4_eK@a07$<vG(4^$c2f01T!lQzAVB-
zgkuQ75DElihWErwKa9Z(l%OGz#MUbdR{s@%w46B*RR(4Tp2=x&Bp37EVPqoV55>?j
z!jH>VZ34O@8Uc-gC@8)OQ~)KIzF`3LysyH=zZiLE*sJEdG-nNJ<RTAfQj3?mdlCA_
za%^jVKm_~}*w`uxjZ30B<8ADi!KmU%te(KCFIw#{PQxD<@Rw%}*P)Dwx_qLSioQT^
zOu8HC3`-=p>~ClRC@~ZdIKykPS03MvuKpeYxxb4;>WNin>^qSNNPdw1fn!D|o}V&#
zpwiQy)|eqCA9x+;(Wg&`jiDhS$Ht9nU!fZ)+E5+qWOvQFHsi-9Dt*UD6`blVT|`O#
zMno`3U9gHn3z{IHU7&rSQLXWxHf@-#)2Ba>eABh(V}}~RoLc-(KK*2#q;1-^p}$V-
zj}kDchIdLGkrGgx^M1JTZhGqR#JJyfii<e_j*n_!`q@GK6O{VFFx`RJ5n<oSHv>K$
z*uP_On;3UCu%gyp$CQBdC<6W*a2pH>aUYO(qEysSUD{x4rh5QEfvk5q{Uv6U8z}+%
zn&18X>h<Dzbpq0d*z%VVu(Dp|%TIH!`~+G5>Ce?041@<!pb4lr0Rbrh4FYekahsx$
zI-?kW>|H+ukVFF8fW5n#BVhLT1yY*abKPsZTlkf?bs-=c@b~10pc#8wpjnOa0t<le
zW85HM;goQE>WDI1qagUFKNBDD{s`!K<bXo|HH>~XjL)Vtrkj8)A2=;kIiOPz3~vZ&
z|ADn0uAi!6F0ixC2T;ISVc_=vvN#Hu8RsG)#z}jx#pd|<S25%On}LEmn7^uyeg6xT
WiS^{A-fsv10000<MNUMnLSTXdYHA(;
literal 0
HcmV?d00001
diff --git a/vendor/assets/images/authbuttons/shibboleth_64.png b/vendor/assets/images/authbuttons/shibboleth_64.png
new file mode 100644
index 0000000000000000000000000000000000000000..60c22751f85b0d02b596206b98ecc016a893d3e5
GIT binary patch
literal 5332
zcmV;_6f5hAP)<h;3K|Lk000e1NJLTq002M$002M;1^@s6s%dfF00001b5ch_0Itp)
z=>Px#24YJ`L;(K){{a7>y{D4^000SaNLh0L04^8+04^8-Dyk<S00007bV*G`2iyr0
z4h$>o19!3j02EY7L_t(|+U1*fbX8T_#((>k1kxa(g-}8VK>=wZDx#o*VgYdk6|7kJ
ztcVUOx@_ntq9{6`$bf)?iVbNF79x&_N)c%a(xn*)>EY(yv!CyeeTW&If<mIRzP;92
z=iYPA*=N7~-Ou}8_+yN^KtKK;kDfq*|JnSvEIM!u=bDy~7%!kc5d3c-z6Q|rXV-#2
zsNC_N2q}|v%^FFXHT^mPw;uy7NCz%I(wjrS@g;e{eqamm4lpki3Vsudd4;}a1c6k4
zF&VyOYXC_=1jqtD_UGz*UhhoWHOd8Of0!pg_HS5MOW<3eS7m6y@;6?))82nyf3<9p
zA>f}LRjP!QQMbC9HmR+Xx-`+by^mK?QoMk7{dvC4Um35JZ-xZS0xkiT|AzHkRqnlM
zmBD~}F7Dq^(h|FN)svFu+vuS=wzTARTbMV^dXX7cdP6FDLD|JGN_tsd(L_lzCB0^A
z*9-`_Yt)rU8?nn@MnLXqZ4vOruUyNdMh$E0nX#98z&DlU2dV&)-qM1(Bh{*9x@}Ou
zx`thUhP=o$$xczu-f<dyLl5<KQn5=u9<D|6uhHm-hib-*skTGMu4-EkTlgXRZVGnB
zJt*=K0+t-f0uqu<5csZF_r{VQ_u@jRLH(2#z8O|ZG?{<Rm8VHsXr*`U!2^@kt!py@
zQgo^mnILJZKKgv5q!;bOqt4W;GhdZdB59ALm{xzYO!4ta+A#yG57DwG5b)FyIL|Wy
zJv^eSq}F!ytziMvfuX?qN>PEt#P|e2Go}uc^sa2l1W9iT&@*HDNp_-a!B|PpYWAyx
z?2PFTOIjiuo97>MC4H!ETjwYv0jtH>2l^x6lwVM7NCYPOU*D=(9c`G4v;(_!9u`p3
zCbbLtUD!#$&6N_%i;5z}p-}LY!B<aUK)*-W^<zX(#HMu*DJ3~9Yy_iH;YFA{brn|(
z&J?V`1h>cpH_HUK0&A7oXg39=0Vu?q`#A+2GFby8mXr4R5{1B7iE%`p8&3c1Pf@F6
zh^~UheKC(bc%HuB{B**SC2Of&EAg!(rQulF$+Y_QQ-{<@O`t|vA|GXq0E$pvAtp||
zH0evc(0-*=uVOx1x{sWkT!O(E@4R0?_wEgu@zRMj$(XIp<E&|LGkIQ+YKLO91U3S1
zpLSa7e)Tfb)hOp<^Y|@5K2QYfw?mtUVAe~gXyA1j=F0vbG5wvKPk<hkoe?VghbOEw
zO`F$@RAKfbvIifOaz{z|_vqc3m+0;hsdmrKE-K3FCh2UQ(yN9hUx>2rN1bb-^dzjt
zV!d&wO%0+zJz)Qc;pa>G$OEKjkVYbnKv!hCkoWb1fRq!m^TuO=!ba&P#h4@4>|>G6
z-q5a1IyLK6H_HEkMh&Wv7#GD5fmjJd3b=4k1}nczFq<})kdTr{oyJQT5;(xMU7%V7
zz8nr&gD~V^0uk7F0DvEsWQ|UJ@~P_>cIyLy$xVO-aNUbw#zOMRpf%90p=HJF7=3TW
z7{l&udzB)g$~1v*r%oE!@~WXHLvA(-CO|9?V@r@N!PqD^T1=o$fXgn<;+vfXWb7$o
z(NIu67y}ZRAP^5-CZOHbYMRa8J*D`nd1k}PuW8+J3O%YoRsbF!0(TC8a1bbg*XF^X
z2_e?685`}=^{z-^Q8d}7OO?TZnn1Q9kBX84@T^g=3V4MO&4X|%lx)J-QoKV23fA>Z
zsM;4~UnQymCQ#<#$ty+Gr(w?R+ll#eheKoo2eLPF+;KDcaT}!6MfnRbY;*Qc1TLNg
zStaQl*mbMMJ~YSN_23s*120#m{omECb3I9;tzDmLm2<DOsj=+NKC(YtB>VmGvfFyf
zZs{m*b91|NMuLJMU5)HOcW5ArUFH&{`|j;4=>_S~|7i8!Pf=O|(k66f7xYq3tnP5n
zj&JYmf8@<!DVAy1%|+!hz+Yw7p`&ELMdzK939({hYF{M9@-e{_H?3CyfkcSz0`Erx
zfgBDTgk*q1FcDuzt3aPc(5YKf9vyu;<SgRdxnFYU&>uK30cMSa=4;`i<KfoH@LU0$
z*$r|&fz-^XR?paO+F#9Hpsl|qTbUZ5rHe0>^t4tl>}hSmC~NmzExYe(tCC69epg>w
zAFy@}imk$KdfO!|-q~1tCRV-B>XY5Il08GM_kBBSx1w5LH5B_|6GR-gS^!n6j=k?X
zZ0TI2EUex_<1a<Phet!e(P%(pfDSE;_;IFLwjx5Krf-<4UWjm9z$lsvDn&7Ch=GYh
zvz8dbFm4m(&IZl{UAY2t#h)^$Qe`ge-D?(o1{q*7UV`2Opm-6cP8-Od0PM%G4BlIX
zxoCmYAOjo4?=#K^r2I=|HzaHQCr#|>?T~gM`wh}sq*cg%f%Fy9GOSjjmq$7Kozwtr
zZS6kW4M<;M^$qIR6Ln8UdH0}$3s6;%`k@^sVFx9l5a{$CXyt5FH4Xu-elJw$mgK~c
zbnrxJYa1#5Htk!}M%vy;Ucq0a?=q#WXUXorRa%1V-;uW%X$^Yts-N(Jy9Xn!NA?4x
zrKnjF(f~B^Z1;PIFscr!-2{!l7il~8+eKy1pZ<HoVxwxMAn7sf`XDUr>?G|wTZ^7Y
z+MOi3F<o{=ytMm#*~Lg%$bN*p_nk(3{InxNUn4C-(K+b*7f=Ey3DoyoG+_)H+!1LO
z(rl#3=n{t)c;OJ||K7l6ya@n@K4e>=$KtumMd>0|Z-kYL3Nbl*AwPn4%>@sLA`=5+
zo$MZ&3@`l|$N?2VD2N_@720OPs%K&PFc^C`OwWYR$3edvk+}|<o{Z9x2}EOD@p}WK
z_ogHw?LgXs>Ly~NuR9g54LUd(>FWlvTh5n#-$)Cwnve81w0s<@lY;aGvacgM4QVE}
zbr|V-^u&oyJJLaM@#wS;=+)=2%13uykANSK6%j`h1#<F>{H)AYXZe!$tX-K!`?yT@
z6<<s7ifNEg4B;G1qqeYqHH08P3TOTqa^3+p0i|F(cry#uM<L}ksFw*h)`y7~`?+R3
zEM5mD#f4s=mVdqvc<lGmfV08b^WOJsO8MtnZEb0{zHX$Q8CH9`*jMgE(G^&&NA_)O
z?km`v&q11x)pV?#g!CL%lTdmxcHO<$#gDtJ@cOFQo}g+ju~D;B?9w~1v9ajxGq6>H
zPD=uYQXd`qO{x9S>;*D_T^na3Eaua7=$h*>2fu=e3*g>Sz*cBJ0EYL6oBE*A2qrE8
zw9n-QihwDFPq)LS_t2CQj7fo>ZNLjc<7&{c4z$UDP$HrTM{WY(!RYyD)CXlWJPF+G
z`!!n`3;@vd`(f~<aMRsr$x6)93Gn7(xb8Vv_ad~e15*~lHNB8ZG35JdAMq;$0cbZC
zLbcF4*J2u`yWfeq!;63|bxzXYcG(D`7Q%_JKMy)Qi``jBz`%6DmA{4wN6Ucamv^V*
zD^I#o$dXT>dnaeNTQ)<JLg0AkX|x;64!1PrfhloPj3q)K2?Ak=9du4fo+Hx8k)di%
zV>kpH)*R2h(^?25p)>yii+5lQJTJJVvH+2}?|cpvBTAurS6H~z&DyB8s|CG0)j3KN
z^xc-{qkU<PQNb{nV&EWzEGXuPHr8pvkMUrt{8V_;;R2j-_XaH3T+GMA;FJuk93XmL
zr7*x4CKg9w${R3s3ZlRj%x=5aEer!om%*G_uxmB?c01UZFU2URoT?K;c)sF#KpZ@~
z3~Dzkt30Z#;ur$?@k@e$z}pXhzlK0+92l5aDcfO*AAzr?XVJM;JrwyX4DJNyJ_V^U
zNK1opS3>Gd5EbN)hgd0ujZdU4clgPzu}&<jHb7CjyQYwT-8$8muSq84P$5|e#++#_
zABdVx#{ka)w^artb~3Q^i$~Dq&ttyd2eH?n`#rF9D-=zDghY6M1?t@zBj1S~CfxW^
zB!-MIctA3o_%JN|E2IZNhrk>{l)5NzIC`kmWs=4NJfs-LB*2AlqxW`Te0{MM4vPm2
zpIUKh>@8Ti8ag*a!~q2uJVXpb2&n{&FtW%9l#4MN(T>`fhAmL+AcO)K&qJYyKwo0W
zMk>LWQbYt4!BC2f2Q$9HoDoFzlQ2Ym6A~t;2-TR4!8ya{D;gEXin9Q(#vtf?9C$?z
z;iVK5#mEDS!FaxeEk+*3gn(4c`uQ+;I)vge1mW%Vm{2^1s-U355d5wKQ+AHWtlAA(
zKlpP-fl`c0Agv0fT`~aIRt7ANAE0*Sl|s@G$cqA1!A6~fGg05><wBhCl~cw!yWY*<
z+ZFKqQulrNF2B3NZ?!PxS}#nw){9F!z>SOj(0a(vFG}5N&QGU&zd^+^ATB_sFf?4;
z2^B@5#;x%DLI|XQ3HyXwCn*zzmD?O4#sFcL>n{g$YKCK2%!5e8N!5h?dw!BWgq<5X
z=>$lw2CuFJ0|uYr6vKd8Ww3as3THs6<@FDGLyzW|?>oB}-|`03z8NMjapB7xuJi?9
z^b(*tDByB}`MG|rvBXLDtj6y9oR5JNKjf7=OxV|gcxX`rKH1|Fe%LWapj}*<e><@v
zQDK0`hPJ24>0QyspJIA`<pe8uF1whkhQ2}a&^O?WM$o$@{FsZn9fzUBX+drt^!?1`
zHANm~;zzLcfP?$`-;QGI-Tr_)9|BB)1Dl{mB4qD_C0pQceOxJ$7>1ZjkW2s)3>1rI
z6}cn4xl;qA8QAIPxoB=+=Fg%_Z(L$hayS6$4W#j|))x+x!CU3BfpRT2VKiqPcFP>>
zC*x83Otj`%r1w$1G<0_+(s{`C!0I%lQ;<CgsVmBGJH{Eug3wO54z3ZnhQ@}#(`U6q
z`T#rcMi<qMq1}I&=ZWdVkzR8!S8576JB02^EF*pm&>Gh`83IO?V}`97L|;!r`UH&`
zg5p5B0C|pZtFB0$k?nwVB5Dyvz-vcK{GSK(J5fdZACcXEy>>1=Rqwr&q#=EgKE>+Y
zvIS=Rhk3f3+zM$KF)hTlX@VVA1+A}7%zu8$zj<~~dNrgiu8Sl(?{G{(lbT|6Dzcri
z>VUQFkUbu&<FR#}cFjC0>f4@BU(%=cj$3=!8?S1wEzA2$dpk-yk=9_fhFE4Aa_;J%
z`<1E*f!2v}NZ&Z*_ktd1Od|IEI%SgY4-gCnf&ec(Hz3~MNA?580Q&lMtd=9KMi+EJ
zz&*fjKt)dCRwp3a8rhaeEgirLj6WJDxGxYeto>%KS+HP@zTNZ!upAWB?yt6+2gmF;
zS)UWkJwz@r0l31CEPa6EfNDU^L&Xd`xZF9hv9q8!3wEVo?%v1#ngQDHx9kFfo@YH^
z{Qunc=Jf;mw~p`9Hh~6dB@o-L`gID8=Rs*6dhbgN@Hnszm~;D9G^wE<Hp?Zx#qPB2
zH*fa*^YK7QYHEUp-Oyck-f^<JcBmo0Pov)j-AE{lse!;iK;xgeMwbmdRds47>#<QM
zE4rtrXV;(upSmUn3||9d|H(T)9`vV^B)u9txMQSM$#ALkGHGWAX#>(W)VnM4nO#O_
z{UA~+q!vico%FwNSf*Wlj)fC!8we5tE(Hevo8%&vpYwL4>q#y2-a8|#G+FDGT`ukH
zBW+8v+J#Pa)u3~KQD?82oRN?al9Uyzo1SECWV~b_)T8%xR_?kU(x$rFkwp|xa)PU_
z`;Wc?KH)8pZSI)ym((%_q*P9yOu*a#=+4{w=$WU7Ncx-3>Df}T{E<@O#dg}bG^Hkz
z>oc&<&!4Z6mQ*h#xvFMPzsZ|2>1r!Y)4uHws8_eTl5UZ_(`-g9BNO29pTqNj)B>yK
zKQW+B)nf~vmmg`kUfe5yfj~$9dVT+#cUG^q`s#}()UR)AD?Mx9fAb6h8;)S^CjqrR
zp@C+-a-#-a(oqfSCF#a1Td7uBoNztHKi|a;4<Ba0VGU@BjFbK|$CB_=AU7>FNyBdJ
zr6HG{r1Q^dsTNJD35XcuN>#=%+24hIos<}_F^`_DBW+hHpJ3s-MPCM<@VB)8%9fu$
zA%xV@F+i=*d$r5d|M+7n`ffd104%wD;7O9kNwJ%y$f<Vo2PnZM9ru>IeW;&2T@#Ft
zi>pBE+b}8xsTJ01j#VqvI)n^tt%#Q$R=sV{KG4u=TY~IoNFSi+>n@>5j;DJi7H4V!
zvdyq+f%RITwe`!Se|AN_cw~b*E)lY`kR~EMft}ckQea;tGGO{uiB9cfzVsUfP!M)h
zXkjE6poVAJzwbGyUE+}7*a67fhgWkR!Kwi=N-TRSnD{opTDACTWB=4%yb-wsffjz{
zv0`9x&vF3RGIchv7qk`3cBs1B2S{9Pr^3dGi5Ot*+6KOJHL$)2jmRY!h6j$6_@f<{
z09w}_t5e<P<N5@mKV_g5m2glMD4bLKC(mEdq|EN;9!s$INX7&}nE|&oO)_YGJ>*yY
zPN;zQodM{By3XsXB|6x+jQG!wG0u6!PNWua0j_Io{545P%}@jLi=5s3w&|f|fOueb
z;{eKT>=GTdLd)uv5x<Z>(75M}IHcA@AE{o372Myw%0J}f|LQL-hH`(m>ljaUU`z-!
zF7+p=s}*`Mr3^<H{YN6c?C&gbpiK>tTH)Q7f>NDEd<F~&hN=H%I=@Jc-l|Jnd_3vE
zAmH;l0rbDsk(y(5oFjg9eM-|D;dyZ`68zzY0nix)fJLW;(SasN#}VD#82dmq)G>$>
z4S4|<uQvi41F$2>kk>wl9;k-CYlu}VVrt_Uurvd;_Pavj4EG&tiB*ih28*FRVsiU1
z9j{G-8)`y0j1ac0KzjIYSN0CzVX$arF=k>8%qf9vksC7Hmn>d9=*ld=suSe*V8B1V
z$dD;96c|zq8Z?cEj3CqrLZX3ELAHgx9{do6O`gL7ftewg5rfqgX|t6*s`zEACO&kQ
m>Ps`*H;Jt{f+H2ZkpBbYv&3vo9)ha?0000<MNUMnLSTZUh8n;C
literal 0
HcmV?d00001
--
GitLab
From 3ff9f2eb3e225f8d4caa8660523eb50365d2a3c9 Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Wed, 19 Sep 2012 16:51:59 +0100
Subject: [PATCH 10/23] It turns out that the Shibboleth logo is not
appropriate for this.
The authentication method is SAML and Shibboleth is an implementation that uses SAML.
---
.../assets/images/authbuttons/shibboleth_32.png | Bin 1832 -> 0 bytes
.../assets/images/authbuttons/shibboleth_64.png | Bin 5332 -> 0 bytes
2 files changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 vendor/assets/images/authbuttons/shibboleth_32.png
delete mode 100644 vendor/assets/images/authbuttons/shibboleth_64.png
diff --git a/vendor/assets/images/authbuttons/shibboleth_32.png b/vendor/assets/images/authbuttons/shibboleth_32.png
deleted file mode 100644
index e27b497e9600910a7df3a9a8b65c67e76df19ecd..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 1832
zcmV+@2iN$CP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800001b5ch_0Itp)
z=>Px#24YJ`L;(K){{a7>y{D4^000SaNLh0L04^8+04^8-Dyk<S00007bV*G`2iyr0
z4i5^8M>H=000yW@L_t(o!>yNjP}SEJ$3OSI$KnGQL`2buRs-U$v09RG!&EdGjoYX(
ziA&-VHICbmMx&XmI*m(eh>c^lk+|#F(xKIws);RCGsYOyO2l>$P%7$!3JOmi+;9JQ
zn9{iLh&liK?(d#+?>YCJd(Qb@czALH&+=oF)9DBfP;_Q;a`%h?<XYTo(se)S>S|lr
zt!u2jUhii)7mB_F3=j#lbvFoZSyf$CR#|C>Oda23Vf#lst^)^10uF!YmWBqWf+)LL
z2{6$Zo|ky4zK+--9nf2EKBw~1&63iUwrafg@0+iGUtXhDZMx>~TZLB6#Ewfs_wnV<
zWlM(&X!AoN5tFj$8A*S)&6_t>spnU!(#J~QGsBja=2+>f(spgPU#FsZL)l+zT`UkD
z-;N@cHWqNPUAyR`_0nw2cf)A|`p4_+nRo1^+-3G!{t~-k{Rq2b>nOYCqha<^$zuEZ
zPy`&QkzW?yp_z6qMLLQ4#JTO|f_VZK-&0Qjw){rgHLd*WS=_;vTfTDEuHUM0)8b9W
zi<u-ggK~o|mSbMcY;oks(d7d!O?Z(r6>zvA>^q3U8ez(-1JZRjO?v(@$@i|cH{O=L
zHdiVbt-@~y*<Nm>6r@+s@n^6D1}9o6O|xGLwO!g{tM?+$hv@0#Zd#o3a}PjRXg#u^
zhLT5)jE9meD9uKWa10exU(IGnb08P;%V0^=5WYx{H&X{rreAx^{1`ND79^#h1<#!`
zPfj}B9pIL?{tkFwzFGR_V3M_YL#-_wYi$-*-(m-W)i7+l%W0*@?3@wU<(;ry6R}$t
zW3>Z2wif~hKS+V24g<QOOfKXVW13tyrsR-8Z4G7c#4DH)`!Vz1t2SIXN$GJ+*TI;G
zW0=gnusR=e6|Mk>9;P6Eb*pfIbg8Y~mx^@KDSIM9_AgkSL&<%RPNVa`#&&6i-du=0
zFQL@Y*!Wfmh^tFMT^{hdn;v1q^6P{~_lAl_n5LaE6|iL!y!8Tb23Bl_5v?J6J8UV1
z<^$mTHTW?M$o3v}GHFRP;WxgLFWhR~`b<#`y<<_|V1x%bF2fmv8oJTf7g5A{@V<*C
z^dJMc;&2dhznrftHy34XW7U?uXvJL2x-BsM1#o*1MHq_V^FnYnL;W7bPyyTmgeb!h
zg0in*I;{nlA*@Q2*VllE$w?G%UWRslj+rn8)~|%AeNl)HBMYVy@FDpymp#y;C%8Pw
zmSN0IWQ4hL8(OZWxTcx?f2XMH4rJvr#(Id(&x09nz`Q~5#}n|=7>v9%C%6qJ1e1Ce
z2KM&<V==~HxB=ll)F24=!2<GtZ|Yl$TleZf!O8a#KHwT4zzbAD-eIWx8MFoF7s9%+
zKnZXYGP2<Dn-J*$f-q(ydH6*GyM&AS18}J<4_eK@a07$<vG(4^$c2f01T!lQzAVB-
zgkuQ75DElihWErwKa9Z(l%OGz#MUbdR{s@%w46B*RR(4Tp2=x&Bp37EVPqoV55>?j
z!jH>VZ34O@8Uc-gC@8)OQ~)KIzF`3LysyH=zZiLE*sJEdG-nNJ<RTAfQj3?mdlCA_
za%^jVKm_~}*w`uxjZ30B<8ADi!KmU%te(KCFIw#{PQxD<@Rw%}*P)Dwx_qLSioQT^
zOu8HC3`-=p>~ClRC@~ZdIKykPS03MvuKpeYxxb4;>WNin>^qSNNPdw1fn!D|o}V&#
zpwiQy)|eqCA9x+;(Wg&`jiDhS$Ht9nU!fZ)+E5+qWOvQFHsi-9Dt*UD6`blVT|`O#
zMno`3U9gHn3z{IHU7&rSQLXWxHf@-#)2Ba>eABh(V}}~RoLc-(KK*2#q;1-^p}$V-
zj}kDchIdLGkrGgx^M1JTZhGqR#JJyfii<e_j*n_!`q@GK6O{VFFx`RJ5n<oSHv>K$
z*uP_On;3UCu%gyp$CQBdC<6W*a2pH>aUYO(qEysSUD{x4rh5QEfvk5q{Uv6U8z}+%
zn&18X>h<Dzbpq0d*z%VVu(Dp|%TIH!`~+G5>Ce?041@<!pb4lr0Rbrh4FYekahsx$
zI-?kW>|H+ukVFF8fW5n#BVhLT1yY*abKPsZTlkf?bs-=c@b~10pc#8wpjnOa0t<le
zW85HM;goQE>WDI1qagUFKNBDD{s`!K<bXo|HH>~XjL)Vtrkj8)A2=;kIiOPz3~vZ&
z|ADn0uAi!6F0ixC2T;ISVc_=vvN#Hu8RsG)#z}jx#pd|<S25%On}LEmn7^uyeg6xT
WiS^{A-fsv10000<MNUMnLSTXdYHA(;
diff --git a/vendor/assets/images/authbuttons/shibboleth_64.png b/vendor/assets/images/authbuttons/shibboleth_64.png
deleted file mode 100644
index 60c22751f85b0d02b596206b98ecc016a893d3e5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 5332
zcmV;_6f5hAP)<h;3K|Lk000e1NJLTq002M$002M;1^@s6s%dfF00001b5ch_0Itp)
z=>Px#24YJ`L;(K){{a7>y{D4^000SaNLh0L04^8+04^8-Dyk<S00007bV*G`2iyr0
z4h$>o19!3j02EY7L_t(|+U1*fbX8T_#((>k1kxa(g-}8VK>=wZDx#o*VgYdk6|7kJ
ztcVUOx@_ntq9{6`$bf)?iVbNF79x&_N)c%a(xn*)>EY(yv!CyeeTW&If<mIRzP;92
z=iYPA*=N7~-Ou}8_+yN^KtKK;kDfq*|JnSvEIM!u=bDy~7%!kc5d3c-z6Q|rXV-#2
zsNC_N2q}|v%^FFXHT^mPw;uy7NCz%I(wjrS@g;e{eqamm4lpki3Vsudd4;}a1c6k4
zF&VyOYXC_=1jqtD_UGz*UhhoWHOd8Of0!pg_HS5MOW<3eS7m6y@;6?))82nyf3<9p
zA>f}LRjP!QQMbC9HmR+Xx-`+by^mK?QoMk7{dvC4Um35JZ-xZS0xkiT|AzHkRqnlM
zmBD~}F7Dq^(h|FN)svFu+vuS=wzTARTbMV^dXX7cdP6FDLD|JGN_tsd(L_lzCB0^A
z*9-`_Yt)rU8?nn@MnLXqZ4vOruUyNdMh$E0nX#98z&DlU2dV&)-qM1(Bh{*9x@}Ou
zx`thUhP=o$$xczu-f<dyLl5<KQn5=u9<D|6uhHm-hib-*skTGMu4-EkTlgXRZVGnB
zJt*=K0+t-f0uqu<5csZF_r{VQ_u@jRLH(2#z8O|ZG?{<Rm8VHsXr*`U!2^@kt!py@
zQgo^mnILJZKKgv5q!;bOqt4W;GhdZdB59ALm{xzYO!4ta+A#yG57DwG5b)FyIL|Wy
zJv^eSq}F!ytziMvfuX?qN>PEt#P|e2Go}uc^sa2l1W9iT&@*HDNp_-a!B|PpYWAyx
z?2PFTOIjiuo97>MC4H!ETjwYv0jtH>2l^x6lwVM7NCYPOU*D=(9c`G4v;(_!9u`p3
zCbbLtUD!#$&6N_%i;5z}p-}LY!B<aUK)*-W^<zX(#HMu*DJ3~9Yy_iH;YFA{brn|(
z&J?V`1h>cpH_HUK0&A7oXg39=0Vu?q`#A+2GFby8mXr4R5{1B7iE%`p8&3c1Pf@F6
zh^~UheKC(bc%HuB{B**SC2Of&EAg!(rQulF$+Y_QQ-{<@O`t|vA|GXq0E$pvAtp||
zH0evc(0-*=uVOx1x{sWkT!O(E@4R0?_wEgu@zRMj$(XIp<E&|LGkIQ+YKLO91U3S1
zpLSa7e)Tfb)hOp<^Y|@5K2QYfw?mtUVAe~gXyA1j=F0vbG5wvKPk<hkoe?VghbOEw
zO`F$@RAKfbvIifOaz{z|_vqc3m+0;hsdmrKE-K3FCh2UQ(yN9hUx>2rN1bb-^dzjt
zV!d&wO%0+zJz)Qc;pa>G$OEKjkVYbnKv!hCkoWb1fRq!m^TuO=!ba&P#h4@4>|>G6
z-q5a1IyLK6H_HEkMh&Wv7#GD5fmjJd3b=4k1}nczFq<})kdTr{oyJQT5;(xMU7%V7
zz8nr&gD~V^0uk7F0DvEsWQ|UJ@~P_>cIyLy$xVO-aNUbw#zOMRpf%90p=HJF7=3TW
z7{l&udzB)g$~1v*r%oE!@~WXHLvA(-CO|9?V@r@N!PqD^T1=o$fXgn<;+vfXWb7$o
z(NIu67y}ZRAP^5-CZOHbYMRa8J*D`nd1k}PuW8+J3O%YoRsbF!0(TC8a1bbg*XF^X
z2_e?685`}=^{z-^Q8d}7OO?TZnn1Q9kBX84@T^g=3V4MO&4X|%lx)J-QoKV23fA>Z
zsM;4~UnQymCQ#<#$ty+Gr(w?R+ll#eheKoo2eLPF+;KDcaT}!6MfnRbY;*Qc1TLNg
zStaQl*mbMMJ~YSN_23s*120#m{omECb3I9;tzDmLm2<DOsj=+NKC(YtB>VmGvfFyf
zZs{m*b91|NMuLJMU5)HOcW5ArUFH&{`|j;4=>_S~|7i8!Pf=O|(k66f7xYq3tnP5n
zj&JYmf8@<!DVAy1%|+!hz+Yw7p`&ELMdzK939({hYF{M9@-e{_H?3CyfkcSz0`Erx
zfgBDTgk*q1FcDuzt3aPc(5YKf9vyu;<SgRdxnFYU&>uK30cMSa=4;`i<KfoH@LU0$
z*$r|&fz-^XR?paO+F#9Hpsl|qTbUZ5rHe0>^t4tl>}hSmC~NmzExYe(tCC69epg>w
zAFy@}imk$KdfO!|-q~1tCRV-B>XY5Il08GM_kBBSx1w5LH5B_|6GR-gS^!n6j=k?X
zZ0TI2EUex_<1a<Phet!e(P%(pfDSE;_;IFLwjx5Krf-<4UWjm9z$lsvDn&7Ch=GYh
zvz8dbFm4m(&IZl{UAY2t#h)^$Qe`ge-D?(o1{q*7UV`2Opm-6cP8-Od0PM%G4BlIX
zxoCmYAOjo4?=#K^r2I=|HzaHQCr#|>?T~gM`wh}sq*cg%f%Fy9GOSjjmq$7Kozwtr
zZS6kW4M<;M^$qIR6Ln8UdH0}$3s6;%`k@^sVFx9l5a{$CXyt5FH4Xu-elJw$mgK~c
zbnrxJYa1#5Htk!}M%vy;Ucq0a?=q#WXUXorRa%1V-;uW%X$^Yts-N(Jy9Xn!NA?4x
zrKnjF(f~B^Z1;PIFscr!-2{!l7il~8+eKy1pZ<HoVxwxMAn7sf`XDUr>?G|wTZ^7Y
z+MOi3F<o{=ytMm#*~Lg%$bN*p_nk(3{InxNUn4C-(K+b*7f=Ey3DoyoG+_)H+!1LO
z(rl#3=n{t)c;OJ||K7l6ya@n@K4e>=$KtumMd>0|Z-kYL3Nbl*AwPn4%>@sLA`=5+
zo$MZ&3@`l|$N?2VD2N_@720OPs%K&PFc^C`OwWYR$3edvk+}|<o{Z9x2}EOD@p}WK
z_ogHw?LgXs>Ly~NuR9g54LUd(>FWlvTh5n#-$)Cwnve81w0s<@lY;aGvacgM4QVE}
zbr|V-^u&oyJJLaM@#wS;=+)=2%13uykANSK6%j`h1#<F>{H)AYXZe!$tX-K!`?yT@
z6<<s7ifNEg4B;G1qqeYqHH08P3TOTqa^3+p0i|F(cry#uM<L}ksFw*h)`y7~`?+R3
zEM5mD#f4s=mVdqvc<lGmfV08b^WOJsO8MtnZEb0{zHX$Q8CH9`*jMgE(G^&&NA_)O
z?km`v&q11x)pV?#g!CL%lTdmxcHO<$#gDtJ@cOFQo}g+ju~D;B?9w~1v9ajxGq6>H
zPD=uYQXd`qO{x9S>;*D_T^na3Eaua7=$h*>2fu=e3*g>Sz*cBJ0EYL6oBE*A2qrE8
zw9n-QihwDFPq)LS_t2CQj7fo>ZNLjc<7&{c4z$UDP$HrTM{WY(!RYyD)CXlWJPF+G
z`!!n`3;@vd`(f~<aMRsr$x6)93Gn7(xb8Vv_ad~e15*~lHNB8ZG35JdAMq;$0cbZC
zLbcF4*J2u`yWfeq!;63|bxzXYcG(D`7Q%_JKMy)Qi``jBz`%6DmA{4wN6Ucamv^V*
zD^I#o$dXT>dnaeNTQ)<JLg0AkX|x;64!1PrfhloPj3q)K2?Ak=9du4fo+Hx8k)di%
zV>kpH)*R2h(^?25p)>yii+5lQJTJJVvH+2}?|cpvBTAurS6H~z&DyB8s|CG0)j3KN
z^xc-{qkU<PQNb{nV&EWzEGXuPHr8pvkMUrt{8V_;;R2j-_XaH3T+GMA;FJuk93XmL
zr7*x4CKg9w${R3s3ZlRj%x=5aEer!om%*G_uxmB?c01UZFU2URoT?K;c)sF#KpZ@~
z3~Dzkt30Z#;ur$?@k@e$z}pXhzlK0+92l5aDcfO*AAzr?XVJM;JrwyX4DJNyJ_V^U
zNK1opS3>Gd5EbN)hgd0ujZdU4clgPzu}&<jHb7CjyQYwT-8$8muSq84P$5|e#++#_
zABdVx#{ka)w^artb~3Q^i$~Dq&ttyd2eH?n`#rF9D-=zDghY6M1?t@zBj1S~CfxW^
zB!-MIctA3o_%JN|E2IZNhrk>{l)5NzIC`kmWs=4NJfs-LB*2AlqxW`Te0{MM4vPm2
zpIUKh>@8Ti8ag*a!~q2uJVXpb2&n{&FtW%9l#4MN(T>`fhAmL+AcO)K&qJYyKwo0W
zMk>LWQbYt4!BC2f2Q$9HoDoFzlQ2Ym6A~t;2-TR4!8ya{D;gEXin9Q(#vtf?9C$?z
z;iVK5#mEDS!FaxeEk+*3gn(4c`uQ+;I)vge1mW%Vm{2^1s-U355d5wKQ+AHWtlAA(
zKlpP-fl`c0Agv0fT`~aIRt7ANAE0*Sl|s@G$cqA1!A6~fGg05><wBhCl~cw!yWY*<
z+ZFKqQulrNF2B3NZ?!PxS}#nw){9F!z>SOj(0a(vFG}5N&QGU&zd^+^ATB_sFf?4;
z2^B@5#;x%DLI|XQ3HyXwCn*zzmD?O4#sFcL>n{g$YKCK2%!5e8N!5h?dw!BWgq<5X
z=>$lw2CuFJ0|uYr6vKd8Ww3as3THs6<@FDGLyzW|?>oB}-|`03z8NMjapB7xuJi?9
z^b(*tDByB}`MG|rvBXLDtj6y9oR5JNKjf7=OxV|gcxX`rKH1|Fe%LWapj}*<e><@v
zQDK0`hPJ24>0QyspJIA`<pe8uF1whkhQ2}a&^O?WM$o$@{FsZn9fzUBX+drt^!?1`
zHANm~;zzLcfP?$`-;QGI-Tr_)9|BB)1Dl{mB4qD_C0pQceOxJ$7>1ZjkW2s)3>1rI
z6}cn4xl;qA8QAIPxoB=+=Fg%_Z(L$hayS6$4W#j|))x+x!CU3BfpRT2VKiqPcFP>>
zC*x83Otj`%r1w$1G<0_+(s{`C!0I%lQ;<CgsVmBGJH{Eug3wO54z3ZnhQ@}#(`U6q
z`T#rcMi<qMq1}I&=ZWdVkzR8!S8576JB02^EF*pm&>Gh`83IO?V}`97L|;!r`UH&`
zg5p5B0C|pZtFB0$k?nwVB5Dyvz-vcK{GSK(J5fdZACcXEy>>1=Rqwr&q#=EgKE>+Y
zvIS=Rhk3f3+zM$KF)hTlX@VVA1+A}7%zu8$zj<~~dNrgiu8Sl(?{G{(lbT|6Dzcri
z>VUQFkUbu&<FR#}cFjC0>f4@BU(%=cj$3=!8?S1wEzA2$dpk-yk=9_fhFE4Aa_;J%
z`<1E*f!2v}NZ&Z*_ktd1Od|IEI%SgY4-gCnf&ec(Hz3~MNA?580Q&lMtd=9KMi+EJ
zz&*fjKt)dCRwp3a8rhaeEgirLj6WJDxGxYeto>%KS+HP@zTNZ!upAWB?yt6+2gmF;
zS)UWkJwz@r0l31CEPa6EfNDU^L&Xd`xZF9hv9q8!3wEVo?%v1#ngQDHx9kFfo@YH^
z{Qunc=Jf;mw~p`9Hh~6dB@o-L`gID8=Rs*6dhbgN@Hnszm~;D9G^wE<Hp?Zx#qPB2
zH*fa*^YK7QYHEUp-Oyck-f^<JcBmo0Pov)j-AE{lse!;iK;xgeMwbmdRds47>#<QM
zE4rtrXV;(upSmUn3||9d|H(T)9`vV^B)u9txMQSM$#ALkGHGWAX#>(W)VnM4nO#O_
z{UA~+q!vico%FwNSf*Wlj)fC!8we5tE(Hevo8%&vpYwL4>q#y2-a8|#G+FDGT`ukH
zBW+8v+J#Pa)u3~KQD?82oRN?al9Uyzo1SECWV~b_)T8%xR_?kU(x$rFkwp|xa)PU_
z`;Wc?KH)8pZSI)ym((%_q*P9yOu*a#=+4{w=$WU7Ncx-3>Df}T{E<@O#dg}bG^Hkz
z>oc&<&!4Z6mQ*h#xvFMPzsZ|2>1r!Y)4uHws8_eTl5UZ_(`-g9BNO29pTqNj)B>yK
zKQW+B)nf~vmmg`kUfe5yfj~$9dVT+#cUG^q`s#}()UR)AD?Mx9fAb6h8;)S^CjqrR
zp@C+-a-#-a(oqfSCF#a1Td7uBoNztHKi|a;4<Ba0VGU@BjFbK|$CB_=AU7>FNyBdJ
zr6HG{r1Q^dsTNJD35XcuN>#=%+24hIos<}_F^`_DBW+hHpJ3s-MPCM<@VB)8%9fu$
zA%xV@F+i=*d$r5d|M+7n`ffd104%wD;7O9kNwJ%y$f<Vo2PnZM9ru>IeW;&2T@#Ft
zi>pBE+b}8xsTJ01j#VqvI)n^tt%#Q$R=sV{KG4u=TY~IoNFSi+>n@>5j;DJi7H4V!
zvdyq+f%RITwe`!Se|AN_cw~b*E)lY`kR~EMft}ckQea;tGGO{uiB9cfzVsUfP!M)h
zXkjE6poVAJzwbGyUE+}7*a67fhgWkR!Kwi=N-TRSnD{opTDACTWB=4%yb-wsffjz{
zv0`9x&vF3RGIchv7qk`3cBs1B2S{9Pr^3dGi5Ot*+6KOJHL$)2jmRY!h6j$6_@f<{
z09w}_t5e<P<N5@mKV_g5m2glMD4bLKC(mEdq|EN;9!s$INX7&}nE|&oO)_YGJ>*yY
zPN;zQodM{By3XsXB|6x+jQG!wG0u6!PNWua0j_Io{545P%}@jLi=5s3w&|f|fOueb
z;{eKT>=GTdLd)uv5x<Z>(75M}IHcA@AE{o372Myw%0J}f|LQL-hH`(m>ljaUU`z-!
zF7+p=s}*`Mr3^<H{YN6c?C&gbpiK>tTH)Q7f>NDEd<F~&hN=H%I=@Jc-l|Jnd_3vE
zAmH;l0rbDsk(y(5oFjg9eM-|D;dyZ`68zzY0nix)fJLW;(SasN#}VD#82dmq)G>$>
z4S4|<uQvi41F$2>kk>wl9;k-CYlu}VVrt_Uurvd;_Pavj4EG&tiB*ih28*FRVsiU1
z9j{G-8)`y0j1ac0KzjIYSN0CzVX$arF=k>8%qf9vksC7Hmn>d9=*ld=suSe*V8B1V
z$dD;96c|zq8Z?cEj3CqrLZX3ELAHgx9{do6O`gL7ftewg5rfqgX|t6*s`zEACO&kQ
m>Ps`*H;Jt{f+H2ZkpBbYv&3vo9)ha?0000<MNUMnLSTZUh8n;C
--
GitLab
From 79e3f1b88770a607ede2e8216b33288f1bb50e44 Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Wed, 19 Sep 2012 17:46:36 +0000
Subject: [PATCH 11/23] Adding automatic Shibboleth login if Shibboleth is
enabled.
---
app/helpers/application_helper.rb | 4 ++++
app/views/devise/sessions/_new_shibboleth.html.haml | 2 ++
app/views/devise/sessions/new.html.haml | 2 ++
3 files changed, 8 insertions(+)
create mode 100644 app/views/devise/sessions/_new_shibboleth.html.haml
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 0938dc2322a..9852666a406 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -73,6 +73,10 @@ module ApplicationHelper
Devise.omniauth_providers.include?(:ldap)
end
+ def shibboleth_enable?
+ Devise.omniauth_providers.include?(:shibboleth)
+ end
+
def app_theme
Gitlab::Theme.css_class_by_id(current_user.try(:theme_id))
end
diff --git a/app/views/devise/sessions/_new_shibboleth.html.haml b/app/views/devise/sessions/_new_shibboleth.html.haml
new file mode 100644
index 00000000000..c15f4243bad
--- /dev/null
+++ b/app/views/devise/sessions/_new_shibboleth.html.haml
@@ -0,0 +1,2 @@
+:javascript
+ window.location.href="/users/auth/shibboleth";
diff --git a/app/views/devise/sessions/new.html.haml b/app/views/devise/sessions/new.html.haml
index 07ecf70b6c9..9f6e17d99f9 100644
--- a/app/views/devise/sessions/new.html.haml
+++ b/app/views/devise/sessions/new.html.haml
@@ -1,5 +1,7 @@
- if ldap_enable?
= render :partial => 'devise/sessions/new_ldap'
+- elsif shibboleth_enable?
+ = render :partial => 'devise/sessions/new_shibboleth'
- else
= form_for(resource, :as => resource_name, :url => session_path(resource_name), :html => { :class => "login-box" }) do |f|
= image_tag "login-logo.png", :width => "304", :height => "66", :class => "login-logo", :alt => "Login Logo"
--
GitLab
From 7532e584ff682baa25ac30a04e30e813b88a0efc Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Thu, 29 Nov 2012 17:48:12 +0000
Subject: [PATCH 12/23] Hiding Omniauth and Password sections in
Profile/Account settings when omniauth.allow_single_sign_on is enabled.
If single sign on is enabled, the user has no need for password setting in GitLab.
In that same case, an Omniauth provider has already been chosen by the site administrators and must be used, thus there is no need for selecting alternative authentication providers.
---
app/views/profile/account.html.haml | 43 +++++++++++++++--------------
config/initializers/1_settings.rb | 6 ++++
2 files changed, 28 insertions(+), 21 deletions(-)
diff --git a/app/views/profile/account.html.haml b/app/views/profile/account.html.haml
index 6707a8ff443..bd2558fafc8 100644
--- a/app/views/profile/account.html.haml
+++ b/app/views/profile/account.html.haml
@@ -1,4 +1,4 @@
-- if Gitlab.config.omniauth_enabled?
+- if Gitlab.config.omniauth_enabled? and not Gitlab.config.omniauth_allow_single_sign_on?
%fieldset
%legend
%h3.page_title Social Accounts
@@ -30,26 +30,27 @@
%span You don`t have one yet. Click generate to fix it.
= f.submit 'Generate', class: "btn success btn-build-token"
-%fieldset
- %legend
- %h3.page_title Password
- = form_for @user, url: profile_password_path, method: :put do |f|
- .padded
- %p.slead After successful password update you will be redirected to login page where you should login with new password
- -if @user.errors.any?
- .alert-message.block-message.error
- %ul
- - @user.errors.full_messages.each do |msg|
- %li= msg
-
- .clearfix
- = f.label :password
- .input= f.password_field :password
- .clearfix
- = f.label :password_confirmation
- .input= f.password_field :password_confirmation
- .actions
- = f.submit 'Save', class: "btn save-btn"
+- if not Gitlab.config.omniauth_allow_single_sign_on?
+ %fieldset
+ %legend
+ %h3.page_title Password
+ = form_for @user, url: profile_password_path, method: :put do |f|
+ .padded
+ %p.slead After successful password update you will be redirected to login page where you should login with new password
+ -if @user.errors.any?
+ .alert-message.block-message.error
+ %ul
+ - @user.errors.full_messages.each do |msg|
+ %li= msg
+
+ .clearfix
+ = f.label :password
+ .input= f.password_field :password
+ .clearfix
+ = f.label :password_confirmation
+ .input= f.password_field :password_confirmation
+ .actions
+ = f.submit 'Save', class: "btn save-btn"
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 302aa4ed32e..7a247a7318c 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -128,6 +128,12 @@ class Settings < Settingslogic
false
end
+ def omniauth_allow_single_sign_on?
+ omniauth && omniauth['allow_single_sign_on']
+ rescue Settingslogic::MissingSetting
+ false
+ end
+
def omniauth_providers
(omniauth_enabled? && omniauth['providers']) || {}
end
--
GitLab
From 0510c58a7d11d53341804421845340a1c2d4d836 Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Wed, 5 Dec 2012 19:52:44 +0000
Subject: [PATCH 13/23] Hiding GIT HTTP URL on project homepage if Shibboleth
and Single Sign On are in use.
Access to Shibboleth protected resources only make sence if you can be redirected to the login server for authentication and then redirected back to the application.
When using a GIT client to interact with a remote GIT repository, I can't think of any way to authenticate with Shibboleth.
---
app/views/projects/_clone_panel.html.haml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/views/projects/_clone_panel.html.haml b/app/views/projects/_clone_panel.html.haml
index 4411ff1734b..03f30d4d78a 100644
--- a/app/views/projects/_clone_panel.html.haml
+++ b/app/views/projects/_clone_panel.html.haml
@@ -4,7 +4,8 @@
.form-horizontal
.input-prepend.project_clone_holder
%button{class: "btn small active", :"data-clone" => @project.ssh_url_to_repo} SSH
- %button{class: "btn small", :"data-clone" => @project.http_url_to_repo}= Gitlab.config.web_protocol.upcase
+ - if not ( Gitlab.config.omniauth_allow_single_sign_on? and Devise.omniauth_providers.include?(:shibboleth) )
+ %button{class: "btn small", :"data-clone" => @project.http_url_to_repo}= Gitlab.config.web_protocol.upcase
= text_field_tag :project_clone, @project.url_to_repo, class: "one_click_select span5"
.span4.right
.right
--
GitLab
From d1e63c7df285740db9672ba023383c83b83fd03b Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Mon, 21 Jan 2013 14:16:48 +0200
Subject: [PATCH 14/23] Reporter cant create MR. Show user authorized projects
in Admin area
---
app/models/ability.rb | 2 +-
app/models/user.rb | 6 +++---
app/views/admin/team_members/edit.html.haml | 21 +++++----------------
app/views/admin/users/show.html.haml | 6 +++---
app/views/help/permissions.html.haml | 1 -
app/views/merge_requests/index.html.haml | 4 ++--
6 files changed, 14 insertions(+), 26 deletions(-)
diff --git a/app/models/ability.rb b/app/models/ability.rb
index c0da9396baa..9d33501fdbc 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -57,13 +57,13 @@ class Ability
def project_report_rules
project_guest_rules + [
:download_code,
- :write_merge_request,
:write_snippet
]
end
def project_dev_rules
project_report_rules + [
+ :write_merge_request,
:write_wiki,
:push_code
]
diff --git a/app/models/user.rb b/app/models/user.rb
index 7a75379e500..35a693fdb1c 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -191,9 +191,9 @@ class User < ActiveRecord::Base
namespaces: namespaces.map(&:id), user_id: self.id)
end
- # Team membership in personal projects
- def tm_in_personal_projects
- UsersProject.where(project_id: personal_projects.map(&:id), user_id: self.id)
+ # Team membership in authorized projects
+ def tm_in_authorized_projects
+ UsersProject.where(project_id: authorized_projects.map(&:id), user_id: self.id)
end
# Returns a string for use as a Gitolite user identifier
diff --git a/app/views/admin/team_members/edit.html.haml b/app/views/admin/team_members/edit.html.haml
index 431387be152..aea9bd70a79 100644
--- a/app/views/admin/team_members/edit.html.haml
+++ b/app/views/admin/team_members/edit.html.haml
@@ -1,19 +1,8 @@
-%h3
- Edit access
- %small
- = @admin_team_member.project.name
- –
- = @admin_team_member.user_name
+%p.slead
+ Edit access for
+ = link_to @admin_team_member.user_name, admin_user_path(@admin_team_member)
+ in
+ = link_to @admin_team_member.project.name_with_namespace, admin_project_path(@admin_team_member)
%hr
-%table.zebra-striped
- %tr
- %td User:
- %td= @admin_team_member.user_name
- %tr
- %td Project:
- %td= @admin_team_member.project.name
- %tr
- %td Since:
- %td= @admin_team_member.updated_at.stamp("Nov 11, 2010")
= render 'form'
diff --git a/app/views/admin/users/show.html.haml b/app/views/admin/users/show.html.haml
index db132359c7f..a3be6614136 100644
--- a/app/views/admin/users/show.html.haml
+++ b/app/views/admin/users/show.html.haml
@@ -106,8 +106,8 @@
%td= link_to group.name, admin_group_path(group)
-- if @admin_user.personal_projects.present?
- %h5 Personal Projects:
+- if @admin_user.authorized_projects.present?
+ %h5 Authorized Projects:
%br
%table.zebra-striped
@@ -118,7 +118,7 @@
%th
%th
- - @admin_user.tm_in_personal_projects.each do |tm|
+ - @admin_user.tm_in_authorized_projects.each do |tm|
- project = tm.project
%tr
%td= link_to project.name_with_namespace, admin_project_path(project)
diff --git a/app/views/help/permissions.html.haml b/app/views/help/permissions.html.haml
index c9ec701add7..b56251f35eb 100644
--- a/app/views/help/permissions.html.haml
+++ b/app/views/help/permissions.html.haml
@@ -19,7 +19,6 @@
%li Write on project wall
%li Pull project code
%li Download project
- %li Create new merge request
%li Create a code snippets
diff --git a/app/views/merge_requests/index.html.haml b/app/views/merge_requests/index.html.haml
index 43651a5ca15..61c32b533f6 100644
--- a/app/views/merge_requests/index.html.haml
+++ b/app/views/merge_requests/index.html.haml
@@ -1,4 +1,4 @@
-- if can? current_user, :write_issue, @project
+- if can? current_user, :write_merge_request, @project
= link_to new_project_merge_request_path(@project), class: "right btn primary", title: "New Merge Request" do
%i.icon-plus
New Merge Request
@@ -10,7 +10,7 @@
.row
.span3
- = render 'filter', entity: 'issue'
+ = render 'filter'
.span9
.ui-box
.title
--
GitLab
From ee43e9248ce54761e8c8df17459d5aa5911ead89 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Mon, 21 Jan 2013 15:05:18 +0200
Subject: [PATCH 15/23] Add warning if user own projet but not in team. Also
show loading when merge MR
---
CHANGELOG | 2 +-
app/assets/javascripts/merge_requests.js.coffee | 4 ++++
app/views/layouts/project_resource.html.haml | 3 +++
app/views/shared/_not_in_team.html.haml | 2 ++
4 files changed, 10 insertions(+), 1 deletion(-)
create mode 100644 app/views/shared/_not_in_team.html.haml
diff --git a/CHANGELOG b/CHANGELOG
index afb06aa259e..2d05a51e77d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -18,7 +18,7 @@ v 4.1.0
- added new classes Team, Repository
- Reduce amount of gitolite calls
- Ability to add user in all group projects
- - remove derecated configs
+ - remove deprecated configs
- replaced Korolev font with open font
- restyled admin/dashboard page
- restyled admin/projects page
diff --git a/app/assets/javascripts/merge_requests.js.coffee b/app/assets/javascripts/merge_requests.js.coffee
index cdc685f2c09..9c9cc6132b3 100644
--- a/app/assets/javascripts/merge_requests.js.coffee
+++ b/app/assets/javascripts/merge_requests.js.coffee
@@ -51,6 +51,10 @@ class MergeRequest
this.$('.nav-tabs').on 'click', 'li', (event) =>
this.activateTab($(event.currentTarget).data('action'))
+ this.$('.accept_merge_request').on 'click', ->
+ $('.automerge_widget.can_be_merged').hide()
+ $('.merge-in-progress').show()
+
activateTab: (action) ->
this.$('.nav-tabs li').removeClass 'active'
this.$('.tab-content').hide()
diff --git a/app/views/layouts/project_resource.html.haml b/app/views/layouts/project_resource.html.haml
index e00f96a7723..14671c5ca70 100644
--- a/app/views/layouts/project_resource.html.haml
+++ b/app/views/layouts/project_resource.html.haml
@@ -6,6 +6,9 @@
= render "layouts/head_panel", title: project_title(@project)
- if can?(current_user, :download_code, @project)
= render 'shared/no_ssh'
+
+ - unless @project.users.include?(current_user)
+ = render 'shared/not_in_team'
.container
%ul.main_menu
= nav_link(html_options: {class: "home #{project_tab_class}"}) do
diff --git a/app/views/shared/_not_in_team.html.haml b/app/views/shared/_not_in_team.html.haml
new file mode 100644
index 00000000000..0d003bde953
--- /dev/null
+++ b/app/views/shared/_not_in_team.html.haml
@@ -0,0 +1,2 @@
+%p.error_message.centered
+ You won't be able to use git over ssh until you join project on #{link_to 'team page', project_team_index_path(@project)}
--
GitLab
From e33aa2329936b38568d8621ba427373035a75a6b Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Mon, 21 Jan 2013 15:51:46 +0200
Subject: [PATCH 16/23] Update docs to use 4-1-stable
---
doc/install/installation.md | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/doc/install/installation.md b/doc/install/installation.md
index 27c87ec825f..7107d84617b 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -190,10 +190,10 @@ See `doc/install/databases.md`
cd /home/gitlab/gitlab
# Checkout to stable release
- sudo -u gitlab -H git checkout 4-0-stable
+ sudo -u gitlab -H git checkout 4-1-stable
**Note:**
-You can change `4-0-stable` to `master` if you want the *bleeding edge* version, but
+You can change `4-1-stable` to `master` if you want the *bleeding edge* version, but
do so with caution!
## Configure it
@@ -267,7 +267,7 @@ used for the `email.from` setting in `config/gitlab.yml`)
Download the init script (will be /etc/init.d/gitlab):
- sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/init.d/gitlab
+ sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/4-1-stable/init.d/gitlab
sudo chmod +x /etc/init.d/gitlab
Make GitLab start on boot:
@@ -308,7 +308,7 @@ If you can't or don't want to use Nginx as your web server, have a look at the
Download an example site config:
- sudo curl --output /etc/nginx/sites-available/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/nginx/gitlab
+ sudo curl --output /etc/nginx/sites-available/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/4-1-stable/nginx/gitlab
sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab
Make sure to edit the config file to match your setup:
--
GitLab
From 7014c8782bfabf5bc9fadb34d51a57df999fae1d Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Mon, 21 Jan 2013 15:53:00 +0200
Subject: [PATCH 17/23] Up to 4.1.0
---
VERSION | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERSION b/VERSION
index 87db9036a82..ee74734aa22 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-4.1.0rc1
+4.1.0
--
GitLab
From ed17a011819bfbfdf0cac1542207f391c62deb7b Mon Sep 17 00:00:00 2001
From: Riyad Preukschas <riyad@informatik.uni-bremen.de>
Date: Mon, 21 Jan 2013 17:18:00 +0100
Subject: [PATCH 18/23] Fix init script recipe url for 4.1 in check.rake
---
lib/tasks/gitlab/check.rake | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake
index 826b78ec5b1..e20809cc843 100644
--- a/lib/tasks/gitlab/check.rake
+++ b/lib/tasks/gitlab/check.rake
@@ -142,7 +142,7 @@ namespace :gitlab do
return
end
- recipe_content = `curl https://raw.github.com/gitlabhq/gitlab-recipes/master/init.d/gitlab 2>/dev/null`
+ recipe_content = `curl https://raw.github.com/gitlabhq/gitlab-recipes/4-1-stable/init.d/gitlab 2>/dev/null`
script_content = File.read(script_path)
if recipe_content == script_content
--
GitLab
From 92dad42f1100a0a6e21b89112fbf0d4871baba1d Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Tue, 22 Jan 2013 14:38:36 +0000
Subject: [PATCH 19/23] Username from authentication provider is preferred over
first part of the email.
---
lib/gitlab/auth.rb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index d1a7d9b9e2b..faa2ff7452e 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -7,7 +7,7 @@ module Gitlab
uid = uid.to_s.force_encoding("utf-8")
name = auth.info.name.force_encoding("utf-8")
email = auth.info.email.downcase unless auth.info.email.nil?
- username = auth.info.username
+ username = auth.info.username || email.match(/^[^@]*/)[0]
if @user = User.find_by_provider_and_extern_uid(provider, uid)
@user
@@ -33,7 +33,7 @@ module Gitlab
provider: provider,
name: name,
email: email,
- username: username, # email.match(/^[^@]*/)[0],
+ username: username,
password: password,
password_confirmation: password,
projects_limit: Gitlab.config.default_projects_limit,
--
GitLab
From 47f26a8e2ef8502a82e912f2382dee1719b2373c Mon Sep 17 00:00:00 2001
From: Tiago Teresa Teodosio <tiago.teodosio@co.sapo.pt>
Date: Tue, 22 Jan 2013 14:41:15 +0000
Subject: [PATCH 20/23] Fetching the username from a given Shibboleth variable.
---
config/gitlab.yml.example | 1 +
1 file changed, 1 insertion(+)
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index fe4d6a49369..683cb95a8af 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -101,6 +101,7 @@ omniauth:
name_field: 'HTTP_SSONAME'
info_fields:
email: 'HTTP_SSOCONTACTMAIL'
+ username: 'HTTP_SSOUNIXNAME'
debug: false
--
GitLab
From e1b2941539bca52d6edd57964c2ad5e96b84d9ae Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Wed, 23 Jan 2013 15:59:03 +0000
Subject: [PATCH 21/23] Fixing bugs after the merge with 4.1 original release.
---
Gemfile.lock | 4 ----
app/controllers/omniauth_callbacks_controller.rb | 2 +-
app/views/shared/_clone_panel.html.haml | 2 +-
config/initializers/devise.rb | 2 +-
4 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 2031f57fcc4..4b6a6d3ad63 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -520,11 +520,7 @@ DEPENDENCIES
omniauth (~> 1.1.1)
omniauth-github
omniauth-google-oauth2
-<<<<<<< HEAD
- omniauth-ldap!
omniauth-shibboleth (~> 1.0.7)
-=======
->>>>>>> 28fd793ff15ff99011940fe927380ef3381b71c4
omniauth-twitter
pg
poltergeist!
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 001d67b31d4..3cf3e5d277c 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -1,5 +1,5 @@
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
- Gitlab.config.omniauth_providers.each_pair do |provider,args|
+ Gitlab.config.omniauth.providers.each_pair do |provider,args|
define_method provider do
handle_omniauth
end
diff --git a/app/views/shared/_clone_panel.html.haml b/app/views/shared/_clone_panel.html.haml
index 71ee57a9ea3..c7bd790301e 100644
--- a/app/views/shared/_clone_panel.html.haml
+++ b/app/views/shared/_clone_panel.html.haml
@@ -1,6 +1,6 @@
.input-prepend.project_clone_holder
%button{class: "btn active", :"data-clone" => @project.ssh_url_to_repo} SSH
- - if not ( Gitlab.config.omniauth.allow_single_sign_on? and Devise.omniauth.providers.include?(:shibboleth) )
+ - if not ( Gitlab.config.omniauth['allow_single_sign_on'] and shibboleth_enable? )
%button{class: "btn", :"data-clone" => @project.http_url_to_repo}= Gitlab.config.gitlab.protocol.upcase
= text_field_tag :project_clone, @project.url_to_repo, class: "one_click_select input-xxlarge"
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index e8850da49e5..09858baca32 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -207,7 +207,7 @@ Devise.setup do |config|
gl = Gitlab.config
- gl.omniauth_providers.each_pair do |provider,args|
+ gl.omniauth.providers.each_pair do |provider,args|
if Array == args.class
# An Array from the configuration will be expanded.
config.omniauth provider.to_sym, *args
--
GitLab
From 3d3df54db77dadb36d63f87725856dddb91ab967 Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Wed, 23 Jan 2013 16:20:01 +0000
Subject: [PATCH 22/23] Some more fixes to the merge from 4.1 stable.
As configuration settings changed so much, there were many places to fix things.
---
app/views/profiles/account.html.haml | 4 ++--
app/views/shared/_clone_panel.html.haml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/views/profiles/account.html.haml b/app/views/profiles/account.html.haml
index 8d8f8419f22..51a55b8d5ac 100644
--- a/app/views/profiles/account.html.haml
+++ b/app/views/profiles/account.html.haml
@@ -1,4 +1,4 @@
-- if Gitlab.config.omniauth.enabled? and not Gitlab.config.omniauth.allow_single_sign_on?
+- if Gitlab.config.omniauth.enabled and not Gitlab.config.omniauth.allow_single_sign_on
%fieldset
%legend Social Accounts
.oauth_select_holder
@@ -29,7 +29,7 @@
%span You don`t have one yet. Click generate to fix it.
= f.submit 'Generate', class: "btn success btn-build-token"
-- if not Gitlab.config.omniauth.allow_single_sign_on?
+- if not Gitlab.config.omniauth.allow_single_sign_on
%fieldset
%legend Password
= form_for @user, url: update_password_profile_path, method: :put do |f|
diff --git a/app/views/shared/_clone_panel.html.haml b/app/views/shared/_clone_panel.html.haml
index c7bd790301e..5a92889254e 100644
--- a/app/views/shared/_clone_panel.html.haml
+++ b/app/views/shared/_clone_panel.html.haml
@@ -1,6 +1,6 @@
.input-prepend.project_clone_holder
%button{class: "btn active", :"data-clone" => @project.ssh_url_to_repo} SSH
- - if not ( Gitlab.config.omniauth['allow_single_sign_on'] and shibboleth_enable? )
+ - if not ( Gitlab.config.omniauth.allow_single_sign_on and shibboleth_enable? )
%button{class: "btn", :"data-clone" => @project.http_url_to_repo}= Gitlab.config.gitlab.protocol.upcase
= text_field_tag :project_clone, @project.url_to_repo, class: "one_click_select input-xxlarge"
--
GitLab
From 4d15e5ccd191dbcc213182dc1d11d8335bfd5473 Mon Sep 17 00:00:00 2001
From: Tiago TT <tiago.teodosio@telecom.pt>
Date: Thu, 24 Jan 2013 12:07:47 +0000
Subject: [PATCH 23/23] Fixing another bug introduced in the merge.
It was related to the changes in the configuration file.
---
lib/gitlab/auth.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index faa2ff7452e..818f19c4212 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -36,7 +36,7 @@ module Gitlab
username: username,
password: password,
password_confirmation: password,
- projects_limit: Gitlab.config.default_projects_limit,
+ projects_limit: Gitlab.config.gitlab.default_projects_limit,
}, as: :admin)
if Gitlab.config.omniauth['block_auto_created_users']
--
GitLab