From 3a72ac775065b61bbdb285a8f4f6f152ccb4db49 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Tue, 2 Jan 2024 21:12:50 +0000 Subject: Add latest changes from gitlab-org/gitlab@master --- app/controllers/omniauth_callbacks_controller.rb | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'app/controllers/omniauth_callbacks_controller.rb') diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 907ece1a06e..0701b1ee977 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -139,9 +139,11 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth, session) link_identity(identity_linker) - set_remember_me(current_user) - store_idp_two_factor_status(build_auth_user(auth_module::User).bypass_two_factor?) + current_auth_user = build_auth_user(auth_module::User) + set_remember_me(current_user, current_auth_user) + + store_idp_two_factor_status(current_auth_user.bypass_two_factor?) if identity_linker.changed? redirect_identity_linked @@ -193,7 +195,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController track_event(@user, oauth['provider'], 'succeeded') Gitlab::Tracking.event(self.class.name, "#{oauth['provider']}_sso", user: @user) if new_user - set_remember_me(@user) + set_remember_me(@user, auth_user) set_session_active_since(oauth['provider']) if ::AuthHelper.saml_providers.include?(oauth['provider'].to_sym) if @user.two_factor_enabled? && !auth_user.bypass_two_factor? @@ -278,10 +280,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController .for_authentication.security_event end - def set_remember_me(user) + def set_remember_me(user, auth_user) return unless remember_me? - if user.two_factor_enabled? + if user.two_factor_enabled? && !auth_user.bypass_two_factor? params[:remember_me] = '1' else remember_me(user) -- cgit v1.2.3