gitlab_omniauth-ldap 2.0.2 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +2 -0
- data/lib/omniauth-ldap/version.rb +1 -1
- data/lib/omniauth/strategies/ldap.rb +5 -0
- data/spec/omniauth/strategies/ldap_spec.rb +9 -0
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ac7ceaa4ec67ee276ca4d7f8c20bc1326f31fc3f
|
|
4
|
+
data.tar.gz: 43ac5e5252e03e8780695d7a05c15aa0c2f4df0a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b772560d1bdf110ce019fddc837e0332cd9449934f20deed0bbf034c91fe683f19f1a492f258ebd86f920427c4813227669a18a05b955cd2f4c3bd4538c7665e
|
|
7
|
+
data.tar.gz: bd91d1d785dd0931e3c2602622324eec46017c9b91d30b695d6edbacb1cb920b2a8ff80855d97363b59873dee1bfe50ee152a1f25da9a86e2ebd9b17fa29c0d6
|
data/CHANGELOG
ADDED
|
@@ -40,6 +40,7 @@ module OmniAuth
|
|
|
40
40
|
def callback_phase
|
|
41
41
|
@adaptor = OmniAuth::LDAP::Adaptor.new @options
|
|
42
42
|
|
|
43
|
+
return fail!(:invalid_request_method) unless valid_request_method?
|
|
43
44
|
return fail!(:missing_credentials) if missing_credentials?
|
|
44
45
|
begin
|
|
45
46
|
@ldap_user_info = @adaptor.bind_as(:filter => filter(@adaptor), :size => 1, :password => request['password'])
|
|
@@ -96,6 +97,10 @@ module OmniAuth
|
|
|
96
97
|
|
|
97
98
|
protected
|
|
98
99
|
|
|
100
|
+
def valid_request_method?
|
|
101
|
+
request.env['REQUEST_METHOD'] == 'POST'
|
|
102
|
+
end
|
|
103
|
+
|
|
99
104
|
def missing_credentials?
|
|
100
105
|
request['username'].nil? or request['username'].empty? or request['password'].nil? or request['password'].empty?
|
|
101
106
|
end # missing_credentials?
|
|
@@ -80,6 +80,15 @@ describe "OmniAuth::Strategies::LDAP" do
|
|
|
80
80
|
last_response.headers['Location'].should =~ %r{ldap_error}
|
|
81
81
|
end
|
|
82
82
|
|
|
83
|
+
context 'wrong request method' do
|
|
84
|
+
it 'redirects to error page' do
|
|
85
|
+
get('/auth/ldap/callback', { username: 'ping', password: 'password' })
|
|
86
|
+
|
|
87
|
+
expect(last_response).to be_redirect
|
|
88
|
+
expect(last_response.headers['Location']).to match('invalid_request_method')
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
83
92
|
context "when username is not preset" do
|
|
84
93
|
it 'should redirect to error page' do
|
|
85
94
|
post('/auth/ldap/callback', {})
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gitlab_omniauth-ldap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ping Yu
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-07-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth
|
|
@@ -139,6 +139,7 @@ files:
|
|
|
139
139
|
- ".gitlab-ci.yml"
|
|
140
140
|
- ".rspec"
|
|
141
141
|
- ".travis.yml"
|
|
142
|
+
- CHANGELOG
|
|
142
143
|
- Gemfile
|
|
143
144
|
- Guardfile
|
|
144
145
|
- README.md
|
|
@@ -171,7 +172,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
171
172
|
version: '0'
|
|
172
173
|
requirements: []
|
|
173
174
|
rubyforge_project:
|
|
174
|
-
rubygems_version: 2.
|
|
175
|
+
rubygems_version: 2.5.1
|
|
175
176
|
signing_key:
|
|
176
177
|
specification_version: 4
|
|
177
178
|
summary: A LDAP strategy for OmniAuth.
|