From 536c321236702dd9b759831f8ce5f2bc250d43b0 Mon Sep 17 00:00:00 2001 From: Pat Thoyts Date: Fri, 20 Jul 2012 23:25:26 +0100 Subject: [PATCH] Report missing credentials to the Rails application. If no username or password is provided a MissingCredentialsError is raised which causes a Rack caught exception and a 500 Error in gitlab. Omniauth provides a way to raise such errors to the application by using the 'fail!' method to pass the exception to the registered failure handler. For gitlab this is the omniauth_controller code. This is required to resolve gitlab issue #1077. Signed-off-by: Pat Thoyts --- lib/omniauth/strategies/ldap.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/omniauth/strategies/ldap.rb b/lib/omniauth/strategies/ldap.rb index e0edce9..c28628d 100644 --- a/lib/omniauth/strategies/ldap.rb +++ b/lib/omniauth/strategies/ldap.rb @@ -38,13 +38,13 @@ def request_phase def callback_phase @adaptor = OmniAuth::LDAP::Adaptor.new @options - # GITLAB security patch - # Dont allow blank password for ldap auth - if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty? - raise MissingCredentialsError.new("Missing login credentials") - end - begin + # GITLAB security patch + # Dont allow blank password for ldap auth + if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty? + raise MissingCredentialsError.new("Missing login credentials") + end + @ldap_user_info = @adaptor.bind_as(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @options[:name_proc].call(request['username'])),:size => 1, :password => request['password']) return fail!(:invalid_credentials) if !@ldap_user_info