Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fix rubocop offences and add changelog
Add email_verified key for feature specs
Add code review remarks
Add code review remarks
Fix specs
|
|
allow_bypass_two_factor configration dose not work with saml provider
|
|
Add frozen_string_literal to spec/features
See merge request gitlab-org/gitlab-ce!31131
|
|
By not triggering the callback:
- ActiveSession lookup keys are not cleaned
- Devise also misses its hook related to session cleanup
|
|
Using the sed script from
https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
|
|
Allows us to correctly set omniauth's full_host
so redirects take the port into account.
Needed when running selenium tests on a different port
|
|
Remove puts
Remove puts
|
|
|
|
Moves LDAP to its own controller with tests
Provides path forward for implementing GroupSaml
|
|
[10.3] Prevent login with disabled OAuth providers
See merge request gitlab/gitlabhq!2296
(cherry picked from commit 4936650427ffc88e6ee927aedbb2c724d24b094c)
a0f9d222 Prevents login with disabled OAuth providers
|
|
|
|
helper
Extracted `@request.env['devise.mapping'] = Devise.mappings[:user]` and `Rails.application.env_config['devise.mapping'] = Devise.mappings[:user]`
in our tests into the helper method `set_devise_mapping`
|
|
- The `migration:path-pg` build was previously failing when the Authentiq
feature spec was enabled by placing Authentiq configuration in the `test`
section of `gitlab.yml`
- The `migration:path-pg` task checks out an old revision of the
codebase (`v8.14.10`) and runs a `schema:load`. It then checks out the commit
under test, and runs `db:migrate`, to verify that migrations run without
errors.
- The problem here is that `v8.14.10` does not have the Authentiq module
installed, but is run with the `gitlab.yml` for `master`, which would contain
the `Authentiq` configuration in the `test` section.
- The solution was to use the `v8.14.10` `gitlab.yml` for the `schema:load`,
rather than the `gitlab.yml` from master.
|
|
- This is causing autoload-related errors in the `migration:path` builds. We
need to find a better way of testing this provider.
|
|
- Change double quotes to single quotes.
- Why is `OmniAuth.config.full_host` being reassigned in the integration test?
- Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
- Other minor changes
|
|
- I tried to get this to work by stubbing out portions of the config within the
test. This didn't work as expected because Devise/Omniauth loaded before the
stub could run, and the stubbed config was ignored.
- I attempted to fix this by reloading Devise/Omniauth after stubbing the
config. This successfully got Devise to load the stubbed providers, but failed
while trying to access a route such as `user_gitlab_omniauth_authorize_path`.
- I spent a while trying to figure this out (even trying
`Rails.application.reload_routes!`), but nothing seemed to work.
- I settled for adding this config directly to `gitlab.yml` rather than go down
this path any further.
|
|
- Added saml, authentiq, cas3, and auth0
- Crowd seems to be a special case that will be handled separately.
|
|
|
|
- There was previously a test for `saml` login in `login_spec`, but this didn't
seem to be passing. A lot of things didn't seem right here, and I suspect that
this test hasn't been running. I'll investigate this further.
- It took almost a whole working day to figure out this line:
OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
As always, it's obvious in retrospect, but it took some digging to figure out
tests were failing and returning 404s during the callback phase.
- Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
|