BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
c16b1651
Commit
c16b1651
authored
Aug 17, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix infinite loop when SAML was incorrectly configured.
parent
9f7c7c85
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
31 additions
and
20 deletions
+31
-20
CHANGELOG
CHANGELOG
+1
-0
auth_hash.rb
lib/gitlab/o_auth/auth_hash.rb
+30
-16
auth_hash_spec.rb
spec/lib/gitlab/o_auth/auth_hash_spec.rb
+0
-4
No files found.
CHANGELOG
View file @
c16b1651
...
...
@@ -59,6 +59,7 @@ v 7.14.0 (unreleased)
- Set max-width for README, issue and merge request description for easier read on big screens
- Update Flowdock integration to support new Flowdock API (Boyan Tabakov)
- Remove author from files view (Sven Strickroth)
- Fix infinite loop when SAML was incorrectly configured.
v 7.13.5
- Satellites reverted
...
...
lib/gitlab/o_auth/auth_hash.rb
View file @
c16b1651
...
...
@@ -9,49 +9,63 @@ module Gitlab
end
def
uid
Gitlab
::
Utils
.
force_utf8
(
auth_hash
.
uid
.
to_s
)
@uid
||=
Gitlab
::
Utils
.
force_utf8
(
auth_hash
.
uid
.
to_s
)
end
def
provider
Gitlab
::
Utils
.
force_utf8
(
auth_hash
.
provider
.
to_s
)
@provider
||=
Gitlab
::
Utils
.
force_utf8
(
auth_hash
.
provider
.
to_s
)
end
def
info
auth_hash
.
info
end
def
name
Gitlab
::
Utils
.
force_utf8
((
info
.
try
(
:name
)
||
full_name
).
to_s
)
def
get_info
(
key
)
value
=
info
.
try
(
key
)
Gitlab
::
Utils
.
force_utf8
(
value
)
if
value
value
end
def
full_
name
Gitlab
::
Utils
.
force_utf8
(
"
#{
info
.
first_name
}
#{
info
.
last_name
}
"
)
def
name
@name
||=
get_info
(
:name
)
||
"
#{
get_info
(
:first_name
)
}
#{
get_info
(
:last_name
)
}
"
end
def
username
Gitlab
::
Utils
.
force_utf8
(
(
info
.
try
(
:nickname
)
||
generate_username
).
to_s
)
@username
||=
username_and_email
[
:username
].
to_s
end
def
email
Gitlab
::
Utils
.
force_utf8
(
(
info
.
try
(
:email
)
||
generate_temporarily_email
).
downcase
)
@email
||=
username_and_email
[
:email
].
to_s
end
def
password
devise_friendly_token
=
Devise
.
friendly_token
[
0
,
8
].
downcase
@password
||=
Gitlab
::
Utils
.
force_utf8
(
devise_friendly_token
)
@password
||=
Gitlab
::
Utils
.
force_utf8
(
Devise
.
friendly_token
[
0
,
8
].
downcase
)
end
private
def
username_and_email
@username_and_email
||=
begin
username
=
get_info
(
:nickname
)
||
get_info
(
:username
)
email
=
get_info
(
:email
)
username
||=
generate_username
(
email
)
if
email
email
||=
generate_temporarily_email
(
username
)
if
username
{
username:
username
,
email:
email
}
end
end
# Get the first part of the email address (before @)
# In addtion in removes illegal characters
def
generate_username
def
generate_username
(
email
)
email
.
match
(
/^[^@]*/
)[
0
].
parameterize
end
def
generate_temporarily_email
def
generate_temporarily_email
(
username
)
"temp-email-for-oauth-
#{
username
}
@gitlab.localhost"
end
end
...
...
spec/lib/gitlab/o_auth/auth_hash_spec.rb
View file @
c16b1651
...
...
@@ -91,10 +91,6 @@ describe Gitlab::OAuth::AuthHash do
expect
(
auth_hash
.
name
.
encoding
).
to
eql
Encoding
::
UTF_8
end
it
'forces utf8 encoding on full_name'
do
expect
(
auth_hash
.
full_name
.
encoding
).
to
eql
Encoding
::
UTF_8
end
it
'forces utf8 encoding on username'
do
expect
(
auth_hash
.
username
.
encoding
).
to
eql
Encoding
::
UTF_8
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment