diff options
Diffstat (limited to 'lib/gitlab/auth/ldap')
-rw-r--r-- | lib/gitlab/auth/ldap/auth_hash.rb | 8 | ||||
-rw-r--r-- | lib/gitlab/auth/ldap/config.rb | 8 |
2 files changed, 14 insertions, 2 deletions
diff --git a/lib/gitlab/auth/ldap/auth_hash.rb b/lib/gitlab/auth/ldap/auth_hash.rb index 5435355f136..6d1d1519fc2 100644 --- a/lib/gitlab/auth/ldap/auth_hash.rb +++ b/lib/gitlab/auth/ldap/auth_hash.rb @@ -6,6 +6,8 @@ module Gitlab module Auth module Ldap class AuthHash < Gitlab::Auth::OAuth::AuthHash + extend ::Gitlab::Utils::Override + def uid @uid ||= Gitlab::Auth::Ldap::Person.normalize_dn(super) end @@ -44,6 +46,12 @@ module Gitlab def ldap_config @ldap_config ||= Gitlab::Auth::Ldap::Config.new(self.provider) end + + # Overrding this method as LDAP allows email as the username ! + override :get_username + def get_username + username_claims.map { |claim| get_from_auth_hash_or_info(claim) }.find(&:presence) + end end end end diff --git a/lib/gitlab/auth/ldap/config.rb b/lib/gitlab/auth/ldap/config.rb index ed7caf84558..15e8cb04ea4 100644 --- a/lib/gitlab/auth/ldap/config.rb +++ b/lib/gitlab/auth/ldap/config.rb @@ -94,7 +94,7 @@ module Gitlab def omniauth_options opts = base_options.merge( base: base, - encryption: options['encryption'], + encryption: encryption, filter: omniauth_user_filter, name_proc: name_proc, disable_verify_certificates: !options['verify_certificates'], @@ -188,6 +188,10 @@ module Gitlab options['sync_name'] end + def encryption + options['encryption'] || 'plain' + end + def name_proc if allow_username_or_email_login proc { |name| name.gsub(/@.*\z/, '') } @@ -235,7 +239,7 @@ module Gitlab end def translate_method - NET_LDAP_ENCRYPTION_METHOD[options['encryption']&.to_sym] + NET_LDAP_ENCRYPTION_METHOD[encryption.to_sym] end def tls_options |