gitlab_omniauth-ldap 2.0.2 → 2.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +2 -0
- data/lib/omniauth-ldap/version.rb +1 -1
- data/lib/omniauth/strategies/ldap.rb +5 -0
- data/spec/omniauth/strategies/ldap_spec.rb +9 -0
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ac7ceaa4ec67ee276ca4d7f8c20bc1326f31fc3f
|
4
|
+
data.tar.gz: 43ac5e5252e03e8780695d7a05c15aa0c2f4df0a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b772560d1bdf110ce019fddc837e0332cd9449934f20deed0bbf034c91fe683f19f1a492f258ebd86f920427c4813227669a18a05b955cd2f4c3bd4538c7665e
|
7
|
+
data.tar.gz: bd91d1d785dd0931e3c2602622324eec46017c9b91d30b695d6edbacb1cb920b2a8ff80855d97363b59873dee1bfe50ee152a1f25da9a86e2ebd9b17fa29c0d6
|
data/CHANGELOG
ADDED
@@ -40,6 +40,7 @@ module OmniAuth
|
|
40
40
|
def callback_phase
|
41
41
|
@adaptor = OmniAuth::LDAP::Adaptor.new @options
|
42
42
|
|
43
|
+
return fail!(:invalid_request_method) unless valid_request_method?
|
43
44
|
return fail!(:missing_credentials) if missing_credentials?
|
44
45
|
begin
|
45
46
|
@ldap_user_info = @adaptor.bind_as(:filter => filter(@adaptor), :size => 1, :password => request['password'])
|
@@ -96,6 +97,10 @@ module OmniAuth
|
|
96
97
|
|
97
98
|
protected
|
98
99
|
|
100
|
+
def valid_request_method?
|
101
|
+
request.env['REQUEST_METHOD'] == 'POST'
|
102
|
+
end
|
103
|
+
|
99
104
|
def missing_credentials?
|
100
105
|
request['username'].nil? or request['username'].empty? or request['password'].nil? or request['password'].empty?
|
101
106
|
end # missing_credentials?
|
@@ -80,6 +80,15 @@ describe "OmniAuth::Strategies::LDAP" do
|
|
80
80
|
last_response.headers['Location'].should =~ %r{ldap_error}
|
81
81
|
end
|
82
82
|
|
83
|
+
context 'wrong request method' do
|
84
|
+
it 'redirects to error page' do
|
85
|
+
get('/auth/ldap/callback', { username: 'ping', password: 'password' })
|
86
|
+
|
87
|
+
expect(last_response).to be_redirect
|
88
|
+
expect(last_response.headers['Location']).to match('invalid_request_method')
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
83
92
|
context "when username is not preset" do
|
84
93
|
it 'should redirect to error page' do
|
85
94
|
post('/auth/ldap/callback', {})
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gitlab_omniauth-ldap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ping Yu
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-07-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth
|
@@ -139,6 +139,7 @@ files:
|
|
139
139
|
- ".gitlab-ci.yml"
|
140
140
|
- ".rspec"
|
141
141
|
- ".travis.yml"
|
142
|
+
- CHANGELOG
|
142
143
|
- Gemfile
|
143
144
|
- Guardfile
|
144
145
|
- README.md
|
@@ -171,7 +172,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
171
172
|
version: '0'
|
172
173
|
requirements: []
|
173
174
|
rubyforge_project:
|
174
|
-
rubygems_version: 2.
|
175
|
+
rubygems_version: 2.5.1
|
175
176
|
signing_key:
|
176
177
|
specification_version: 4
|
177
178
|
summary: A LDAP strategy for OmniAuth.
|