Commit 9b45644a authored Jul 21, 2020 by Valery Sizov
Fix sign_in on secondary with relative URL
Relative URL wasn't handled correctly
parent 00b75ff4
Showing 4 changed files with 22 additions and 3 deletions
ee/app/controllers/ee/sessions_controller.rb (+3 -1)
ee/changelogs/geo-fix-oauth-redirect.yml (+5 -0)
ee/spec/controllers/ee/sessions_controller_spec.rb (+12 -0)
spec/support/helpers/stub_configuration.rb (+2 -2)
ee/app/controllers/ee/sessions_controller.rb
...
...
@@ -14,7 +14,9 @@ module EE
return
super
if
signed_in?
if
::
Gitlab
::
Geo
.
secondary_with_primary?
redirect_to
oauth_geo_auth_url
(
host:
GeoNode
.
current_node_url
,
state:
geo_login_state
.
encode
)
current_node_uri
=
URI
(
GeoNode
.
current_node_url
)
state
=
geo_login_state
.
encode
redirect_to
oauth_geo_auth_url
(
host:
current_node_uri
.
host
,
port:
current_node_uri
.
port
,
state:
state
)
else
super
end
...
...
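Review bot: the new `redirect_to oauth_geo_auth_url(host: current_node_uri.host, port: current_node_uri.port, state: state)` call takes only the host and port from the parsed node URL, so the scheme and the relative path of `GeoNode.current_node_url` now depend entirely on the default URL options. Consider also passing `protocol: current_node_uri.scheme`, so that a node URL whose scheme differs from the default cannot yield a mismatched scheme and port pair, and add a short comment that the path prefix is expected to come from the configured `script_name`, as the accompanying spec suggests. `URI(...)` also raises on a malformed node URL, so it is worth deciding whether that should surface here or fall back to `super`.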
ee/changelogs/geo-fix-oauth-redirect.yml
0 → 100644
---
title
:
'
Geo:
Fix
sign
in
on
secondary
with
relative
URL'
merge_request
:
37445
author
:
type
:
fixed
ee/spec/controllers/ee/sessions_controller_spec.rb
...
...
@@ -32,6 +32,18 @@ RSpec.describe SessionsController, :geo do
end
end
context
'when relative URL is configured'
do
before
do
host
=
'http://this.is.my.host/secondary-relative-url-part'
stub_config_setting
(
url:
host
,
https:
false
)
stub_default_url_options
(
host:
"this.is.my.host"
,
script_name:
'/secondary-relative-url-part'
)
request
.
headers
[
'HOST'
]
=
host
end
it_behaves_like
'a valid oauth authentication redirect'
end
context
'with a tampered HOST header'
do
before
do
request
.
headers
[
'HOST'
]
=
'http://this.is.not.my.host'
...
...
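Review bot: the new 'when relative URL is configured' context only exercises a node URL on the default port, while the controller change in this commit starts passing `port:` to `oauth_geo_auth_url`. A second case with an explicit non-default port in the stubbed `url:` would cover that argument. Separately, the local variable `host` holds a full URL with scheme and path and is then assigned to `request.headers['HOST']`; a name such as `url` would read more accurately, and the header value would be closer to a real request if it carried only the host.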
spec/support/helpers/stub_configuration.rb
...
...
@@ -33,8 +33,8 @@ module StubConfiguration
allow
(
Gitlab
.
config
).
to
receive_messages
(
to_settings
(
messages
))
end
def
stub_default_url_options
(
host:
"localhost"
,
protocol:
"http"
)
url_options
=
{
host:
host
,
protocol:
protocol
}
def
stub_default_url_options
(
host:
"localhost"
,
protocol:
"http"
,
script_name:
nil
)
url_options
=
{
host:
host
,
protocol:
protocol
,
script_name:
script_name
}
allow
(
Rails
.
application
.
routes
).
to
receive
(
:default_url_options
).
and_return
(
url_options
)
end
...
...
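Review bot: in `stub_default_url_options`, `script_name: script_name` is now always placed in `url_options`, so every existing caller that does not pass it gets `script_name: nil` in the stubbed `default_url_options` instead of a hash without that key. Building the hash and dropping nil values (for example with `.compact`) would keep the stub identical for callers that do not use a relative URL.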