Class: OmniauthCallbacksController

Inherits:
Devise::OmniauthCallbacksController
  • Object
show all
Includes:
AuthenticatesWithTwoFactor
Defined in:
app/controllers/omniauth_callbacks_controller.rb

Instance Method Summary collapse

Methods included from AuthenticatesWithTwoFactor

#prompt_for_two_factor

Instance Method Details

#cas3Object


73
74
75
76
77
78
79
# File 'app/controllers/omniauth_callbacks_controller.rb', line 73

def cas3
  ticket = params['ticket']
  if ticket
    handle_service_ticket oauth['provider'], ticket
  end
  handle_omniauth
end

#failure_messageObject

Extend the standard message generation to accept our custom exception


13
14
15
16
17
18
19
20
# File 'app/controllers/omniauth_callbacks_controller.rb', line 13

def failure_message
  exception = env["omniauth.error"]
  error   = exception.error_reason if exception.respond_to?(:error_reason)
  error ||= exception.error        if exception.respond_to?(:error)
  error ||= exception.message      if exception.respond_to?(:message)
  error ||= env["omniauth.error.type"].to_s
  error.to_s.humanize if error
end

#ldapObject

We only find ourselves here if the authentication to LDAP was successful.


24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# File 'app/controllers/omniauth_callbacks_controller.rb', line 24

def ldap
  ldap_user = Gitlab::LDAP::User.new(oauth)
  ldap_user.save if ldap_user.changed? # will also save new users

  @user = ldap_user.gl_user
  @user.remember_me = params[:remember_me] if ldap_user.persisted?

  # Do additional LDAP checks for the user filter and EE features
  if ldap_user.allowed?
    if @user.two_factor_enabled?
      prompt_for_two_factor(@user)
    else
      log_audit_event(@user, with: :ldap)
      (@user)
    end
  else
    flash[:alert] = "Access denied for your LDAP account."
    redirect_to new_user_session_path
  end
end

#omniauth_errorObject


67
68
69
70
71
# File 'app/controllers/omniauth_callbacks_controller.rb', line 67

def omniauth_error
  @provider = params[:provider]
  @error = params[:error]
  render 'errors/omniauth_error', layout: "errors", status: 422
end

#samlObject


45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'app/controllers/omniauth_callbacks_controller.rb', line 45

def saml
  if current_user
    log_audit_event(current_user, with: :saml)
    # Update SAML identity if data has changed.
    identity = current_user.identities.find_by(extern_uid: oauth['uid'], provider: :saml)
    if identity.nil?
      current_user.identities.create(extern_uid: oauth['uid'], provider: :saml)
      redirect_to , notice: 'Authentication method updated'
    else
      redirect_to (current_user)
    end
  else
    saml_user = Gitlab::Saml::User.new(oauth)
    saml_user.save if saml_user.changed?
    @user = saml_user.gl_user

    
  end
rescue Gitlab::OAuth::SignupDisabledError
  
end