diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-05-12 12:08:08 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-05-12 12:08:08 +0300 |
commit | 71d34aac9a0fae0507c265929767422391816b01 (patch) | |
tree | dedb769442c9576e2f44bf3c500b013beb9604d9 /lib/gitlab/auth | |
parent | 90726a8ccc9df6d9b5ff4f5e1eb31d015c1db8e2 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/auth')
3 files changed, 97 insertions, 44 deletions
diff --git a/lib/gitlab/auth/otp/strategies/forti_authenticator.rb b/lib/gitlab/auth/otp/strategies/forti_authenticator.rb deleted file mode 100644 index c1433f05db2..00000000000 --- a/lib/gitlab/auth/otp/strategies/forti_authenticator.rb +++ /dev/null @@ -1,44 +0,0 @@ -# frozen_string_literal: true - -module Gitlab - module Auth - module Otp - module Strategies - class FortiAuthenticator < Base - def validate(otp_code) - body = { username: user.username, - token_code: otp_code } - - response = Gitlab::HTTP.post( - auth_url, - headers: { 'Content-Type': 'application/json' }, - body: body.to_json, - basic_auth: api_credentials) - - # Successful authentication results in HTTP 200: OK - # https://docs.fortinet.com/document/fortiauthenticator/6.2.0/rest-api-solution-guide/704555/authentication-auth - response.ok? ? success : error_from_response(response) - rescue StandardError => ex - Gitlab::AppLogger.error(ex) - error(ex.message) - end - - private - - def auth_url - host = ::Gitlab.config.forti_authenticator.host - port = ::Gitlab.config.forti_authenticator.port - path = 'api/v1/auth/' - - "https://#{host}:#{port}/#{path}" - end - - def api_credentials - { username: ::Gitlab.config.forti_authenticator.username, - password: ::Gitlab.config.forti_authenticator.access_token } - end - end - end - end - end -end diff --git a/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp.rb b/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp.rb new file mode 100644 index 00000000000..9cf1b2247a7 --- /dev/null +++ b/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp.rb @@ -0,0 +1,50 @@ +# frozen_string_literal: true + +module Gitlab + module Auth + module Otp + module Strategies + module FortiAuthenticator + class ManualOtp < Base + def validate(otp_code) + @otp_code = otp_code + + response = Gitlab::HTTP.post( + auth_url, + headers: { 'Content-Type': 'application/json' }, + body: body.to_json, + basic_auth: api_credentials) + + # Successful authentication results in HTTP 200: OK + # Manual OTP - https://docs.fortinet.com/document/fortiauthenticator/6.2.0/rest-api-solution-guide/704555/authentication-auth + response.ok? ? success : error_from_response(response) + rescue StandardError => ex + Gitlab::AppLogger.error(ex) + error(ex.message) + end + + private + + def auth_url + host = ::Gitlab.config.forti_authenticator.host + port = ::Gitlab.config.forti_authenticator.port + path = 'api/v1/auth/' + + "https://#{host}:#{port}/#{path}" + end + + def body + { username: user.username, + token_code: @otp_code } + end + + def api_credentials + { username: ::Gitlab.config.forti_authenticator.username, + password: ::Gitlab.config.forti_authenticator.access_token } + end + end + end + end + end + end +end diff --git a/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp.rb b/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp.rb new file mode 100644 index 00000000000..03cc648f7b0 --- /dev/null +++ b/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +module Gitlab + module Auth + module Otp + module Strategies + module FortiAuthenticator + class PushOtp < Base + def validate + response = Gitlab::HTTP.post( + auth_url, + headers: { 'Content-Type': 'application/json' }, + body: body.to_json, + basic_auth: api_credentials) + + # Successful authentication results in HTTP 200: OK + # Push - https://docs.fortinet.com/document/fortiauthenticator/6.2.1/rest-api-solution-guide/943094/push-authentication-pushauth + response.ok? ? success : error_from_response(response) + rescue StandardError => ex + Gitlab::AppLogger.error(ex) + error(ex.message) + end + + private + + def auth_url + host = ::Gitlab.config.forti_authenticator.host + port = ::Gitlab.config.forti_authenticator.port + path = 'api/v1/pushauth/' + + "https://#{host}:#{port}/#{path}" + end + + def body + { username: user.username } + end + + def api_credentials + { username: ::Gitlab.config.forti_authenticator.username, + password: ::Gitlab.config.forti_authenticator.access_token } + end + end + end + end + end + end +end |