Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-05-12 12:08:08 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-05-12 12:08:08 +0300
commit: 71d34aac9a0fae0507c265929767422391816b01 (patch)
tree: dedb769442c9576e2f44bf3c500b013beb9604d9 /lib/gitlab/auth
parent: 90726a8ccc9df6d9b5ff4f5e1eb31d015c1db8e2 (diff)
3 files changed, 97 insertions, 44 deletions
diff --git a/lib/gitlab/auth/otp/strategies/forti_authenticator.rb b/lib/gitlab/auth/otp/strategies/forti_authenticator.rb
deleted file mode 100644
index c1433f05db2..00000000000
--- a/lib/gitlab/auth/otp/strategies/forti_authenticator.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module Auth
-    module Otp
-      module Strategies
-        class FortiAuthenticator < Base
-          def validate(otp_code)
-            body = { username: user.username,
-                     token_code: otp_code }
-
-            response = Gitlab::HTTP.post(
-              auth_url,
-              headers: { 'Content-Type': 'application/json' },
-              body: body.to_json,
-              basic_auth: api_credentials)
-
-            # Successful authentication results in HTTP 200: OK
-            # https://docs.fortinet.com/document/fortiauthenticator/6.2.0/rest-api-solution-guide/704555/authentication-auth
-            response.ok? ? success : error_from_response(response)
-          rescue StandardError => ex
-            Gitlab::AppLogger.error(ex)
-            error(ex.message)
-          end
-
-          private
-
-          def auth_url
-            host = ::Gitlab.config.forti_authenticator.host
-            port = ::Gitlab.config.forti_authenticator.port
-            path = 'api/v1/auth/'
-
-            "https://#{host}:#{port}/#{path}"
-          end
-
-          def api_credentials
-            { username: ::Gitlab.config.forti_authenticator.username,
-              password: ::Gitlab.config.forti_authenticator.access_token }
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp.rb b/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp.rb
new file mode 100644
index 00000000000..9cf1b2247a7
--- /dev/null
+++ b/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp.rb
@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Auth
+    module Otp
+      module Strategies
+        module FortiAuthenticator
+          class ManualOtp < Base
+            def validate(otp_code)
+              @otp_code = otp_code
+
+              response = Gitlab::HTTP.post(
+                auth_url,
+                headers: { 'Content-Type': 'application/json' },
+                body: body.to_json,
+                basic_auth: api_credentials)
+
+              # Successful authentication results in HTTP 200: OK
+              # Manual OTP - https://docs.fortinet.com/document/fortiauthenticator/6.2.0/rest-api-solution-guide/704555/authentication-auth
+              response.ok? ? success : error_from_response(response)
+            rescue StandardError => ex
+              Gitlab::AppLogger.error(ex)
+              error(ex.message)
+            end
+
+            private
+
+            def auth_url
+              host = ::Gitlab.config.forti_authenticator.host
+              port = ::Gitlab.config.forti_authenticator.port
+              path = 'api/v1/auth/'
+
+              "https://#{host}:#{port}/#{path}"
+            end
+
+            def body
+              { username:   user.username,
+                token_code: @otp_code }
+            end
+
+            def api_credentials
+              { username: ::Gitlab.config.forti_authenticator.username,
+                password: ::Gitlab.config.forti_authenticator.access_token }
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp.rb b/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp.rb
new file mode 100644
index 00000000000..03cc648f7b0
--- /dev/null
+++ b/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Auth
+    module Otp
+      module Strategies
+        module FortiAuthenticator
+          class PushOtp < Base
+            def validate
+              response = Gitlab::HTTP.post(
+                auth_url,
+                headers: { 'Content-Type': 'application/json' },
+                body: body.to_json,
+                basic_auth: api_credentials)
+
+              # Successful authentication results in HTTP 200: OK
+              # Push - https://docs.fortinet.com/document/fortiauthenticator/6.2.1/rest-api-solution-guide/943094/push-authentication-pushauth
+              response.ok? ? success : error_from_response(response)
+            rescue StandardError => ex
+              Gitlab::AppLogger.error(ex)
+              error(ex.message)
+            end
+
+            private
+
+            def auth_url
+              host = ::Gitlab.config.forti_authenticator.host
+              port = ::Gitlab.config.forti_authenticator.port
+              path = 'api/v1/pushauth/'
+
+              "https://#{host}:#{port}/#{path}"
+            end
+
+            def body
+              { username: user.username }
+            end
+
+            def api_credentials
+              { username: ::Gitlab.config.forti_authenticator.username,
+                password: ::Gitlab.config.forti_authenticator.access_token }
+            end
+          end
+        end
+      end
+    end
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-05-12 12:08:08 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-05-12 12:08:08 +0300
commit	71d34aac9a0fae0507c265929767422391816b01 (patch)
tree	dedb769442c9576e2f44bf3c500b013beb9604d9 /lib/gitlab/auth
parent	90726a8ccc9df6d9b5ff4f5e1eb31d015c1db8e2 (diff)