Class: Gitlab::LDAP::Authentication

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/ldap/authentication.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(provider) ⇒ Authentication

Returns a new instance of Authentication


32
33
34
# File 'lib/gitlab/ldap/authentication.rb', line 32

def initialize(provider)
  @provider = provider
end

Instance Attribute Details

#ldap_userObject

Returns the value of attribute ldap_user


30
31
32
# File 'lib/gitlab/ldap/authentication.rb', line 30

def ldap_user
  @ldap_user
end

#providerObject

Returns the value of attribute provider


30
31
32
# File 'lib/gitlab/ldap/authentication.rb', line 30

def provider
  @provider
end

Class Method Details

.login(login, password) ⇒ Object


10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# File 'lib/gitlab/ldap/authentication.rb', line 10

def self.(, password)
  return unless Gitlab::LDAP::Config.enabled?
  return unless .present? && password.present?

  auth = nil
  # loop through providers until valid bind
  providers.find do |provider|
    auth = new(provider)
    auth.(, password) # true will exit the loop
  end

  # If (login, password) was invalid for all providers, the value of auth is now the last
  # Gitlab::LDAP::Authentication instance we tried.
  auth.user
end

.providersObject


26
27
28
# File 'lib/gitlab/ldap/authentication.rb', line 26

def self.providers
  Gitlab::LDAP::Config.providers
end

Instance Method Details

#adapterObject


44
45
46
# File 'lib/gitlab/ldap/authentication.rb', line 44

def adapter
  OmniAuth::LDAP::Adaptor.new(config.options.symbolize_keys)
end

#configObject


48
49
50
# File 'lib/gitlab/ldap/authentication.rb', line 48

def config
  Gitlab::LDAP::Config.new(provider)
end

#login(login, password) ⇒ Object


36
37
38
39
40
41
42
# File 'lib/gitlab/ldap/authentication.rb', line 36

def (, password)
  @ldap_user = adapter.bind_as(
    filter: user_filter(),
    size: 1,
    password: password
  )
end

#userObject


65
66
67
68
# File 'lib/gitlab/ldap/authentication.rb', line 65

def user
  return nil unless ldap_user
  Gitlab::LDAP::User.find_by_uid_and_provider(ldap_user.dn, provider)
end

#user_filter(login) ⇒ Object


52
53
54
55
56
57
58
59
60
61
62
63
# File 'lib/gitlab/ldap/authentication.rb', line 52

def user_filter()
  filter = Net::LDAP::Filter.equals(config.uid, )

  # Apply LDAP user filter if present
  if config.user_filter.present?
    filter = Net::LDAP::Filter.join(
      filter,
      Net::LDAP::Filter.construct(config.user_filter)
    )
  end
  filter
end