Automatic merge of gitlab-org/gitlab-ce master

d778bfbc · GitLab Bot · 9014e4f5 · 30a301b8 · d778bfbc · d778bfbc
Commit d778bfbc authored Jan 01, 2019 by GitLab Bot
11 changed files
--- a/Gemfile
+++ b/Gemfile
@@ -34,7 +34,7 @@ gem 'omniauth-cas3', '~> 1.1.4'
 gem 'omniauth-facebook', '~> 4.0.0'
 gem 'omniauth-github', '~> 1.3'
 gem 'omniauth-gitlab', '~> 1.0.2'
-gem 'omniauth-google-oauth2', '~> 0.5.3'
+gem 'omniauth-google-oauth2', '~> 0.6.0'
 gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
 gem 'omniauth-oauth2-generic', '~> 0.2.2'
 gem 'omniauth-saml', '~> 1.10'
@@ -43,7 +43,7 @@ gem 'omniauth-twitter', '~> 1.4'
 gem 'omniauth_crowd', '~> 2.2.0'
 gem 'omniauth-authentiq', '~> 0.3.3'
 gem 'rack-oauth2', '~> 1.2.1'
-gem 'jwt', '~> 1.5.6'
+gem 'jwt', '~> 2.1.0'
 # Kerberos authentication. EE-only
 gem 'gssapi', group: :kerberos

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -431,7 +431,7 @@ GEM
      bindata
    json-schema (2.8.0)
      addressable (>= 2.4)
-    jwt (1.5.6)
+    jwt (2.1.0)
    kaminari (1.0.1)
      activesupport (>= 4.1.0)
      kaminari-actionview (= 1.0.1)
@@ -512,24 +512,24 @@ GEM
      nokogiri
    numerizer (0.1.1)
    oauth (0.5.4)
-    oauth2 (1.4.0)
+    oauth2 (1.4.1)
-      faraday (>= 0.8, < 0.13)
+      faraday (>= 0.8, < 0.16.0)
-      jwt (~> 1.0)
+      jwt (>= 1.0, < 3.0)
      multi_json (~> 1.3)
      multi_xml (~> 0.5)
      rack (>= 1.2, < 3)
    octokit (4.9.0)
      sawyer (~> 0.8.0, >= 0.5.3)
-    omniauth (1.8.1)
+    omniauth (1.9.0)
-      hashie (>= 3.4.6, < 3.6.0)
+      hashie (>= 3.4.6, < 3.7.0)
      rack (>= 1.6.2, < 3)
    omniauth-auth0 (2.0.0)
      omniauth-oauth2 (~> 1.4)
    omniauth-authentiq (0.3.3)
      jwt (>= 1.5)
      omniauth-oauth2 (>= 1.5)
-    omniauth-azure-oauth2 (0.0.9)
+    omniauth-azure-oauth2 (0.0.10)
-      jwt (~> 1.0)
+      jwt (>= 1.0, < 3.0)
      omniauth (~> 1.0)
      omniauth-oauth2 (~> 1.4)
    omniauth-cas3 (1.1.4)
@@ -544,8 +544,8 @@ GEM
    omniauth-gitlab (1.0.3)
      omniauth (~> 1.0)
      omniauth-oauth2 (~> 1.0)
-    omniauth-google-oauth2 (0.5.3)
+    omniauth-google-oauth2 (0.6.0)
-      jwt (>= 1.5)
+      jwt (>= 2.0)
      omniauth (>= 1.1.1)
      omniauth-oauth2 (>= 1.5)
    omniauth-kerberos (0.3.0)
@@ -556,9 +556,9 @@ GEM
    omniauth-oauth (1.1.0)
      oauth
      omniauth (~> 1.0)
-    omniauth-oauth2 (1.5.0)
+    omniauth-oauth2 (1.6.0)
      oauth2 (~> 1.1)
-      omniauth (~> 1.2)
+      omniauth (~> 1.9)
    omniauth-oauth2-generic (0.2.2)
      omniauth-oauth2 (~> 1.0)
    omniauth-saml (1.10.0)
@@ -1077,7 +1077,7 @@ DEPENDENCIES
  jquery-atwho-rails (~> 1.3.2)
  js_regex (~> 2.2.1)
  json-schema (~> 2.8.0)
-  jwt (~> 1.5.6)
+  jwt (~> 2.1.0)
  kaminari (~> 1.0)
  knapsack (~> 1.17)
  kubeclient (~> 4.0.0)
@@ -1107,7 +1107,7 @@ DEPENDENCIES
  omniauth-facebook (~> 4.0.0)
  omniauth-github (~> 1.3)
  omniauth-gitlab (~> 1.0.2)
-  omniauth-google-oauth2 (~> 0.5.3)
+  omniauth-google-oauth2 (~> 0.6.0)
  omniauth-kerberos (~> 0.3.0)
  omniauth-oauth2-generic (~> 0.2.2)
  omniauth-saml (~> 1.10)

--- a/app/assets/javascripts/diffs/components/compare_versions_dropdown.vue
+++ b/app/assets/javascripts/diffs/components/compare_versions_dropdown.vue
@@ -129,7 +129,7 @@ export default {
                </strong>
              </div>
              <div>
-                <small class="commit-sha"> {{ version.truncated_commit_sha }} </small>
+                <small class="commit-sha"> {{ version.short_commit_sha }} </small>
              </div>
              <div>
                <small>

--- a/changelogs/unreleased/sh-bump-omniauth-google-gem.yml
+++ b/changelogs/unreleased/sh-bump-omniauth-google-gem.yml
+---
+title: Upgrade Omniauth and JWT gems to switch away from Google+ API
+merge_request: 24068
+author:
+type: changed
--- a/changelogs/unreleased/sh-fix-issue-55822.yml
+++ b/changelogs/unreleased/sh-fix-issue-55822.yml
+---
+title: Fix commit SHA not showing in merge request compare dropdown
+merge_request: 24084
+author:
+type: fixed
--- a/doc/integration/google.md
+++ b/doc/integration/google.md
@@ -35,7 +35,6 @@ In Google's side:
 1. You should now be able to see a Client ID and Client secret. Note them down
   or keep this page open as you will need them later.
-1. From the **Dashboard** select **ENABLE APIS AND SERVICES > Social > Google+ API > Enable**
 1. To enable projects to access [Google Kubernetes Engine](../user/project/clusters/index.md), you must also
   enable these APIs:
   - Google Kubernetes Engine API

--- a/lib/json_web_token/hmac_token.rb
+++ b/lib/json_web_token/hmac_token.rb
@@ -18,7 +18,7 @@ module JSONWebToken
    end
    def encoded
-      JWT.encode(payload, secret, JWT_ALGORITHM)
+      JWT.encode(payload, secret, JWT_ALGORITHM, { typ: 'JWT' })
    end
    private

--- a/lib/json_web_token/rsa_token.rb
+++ b/lib/json_web_token/rsa_token.rb
@@ -11,7 +11,8 @@ module JSONWebToken
    def encoded
      headers = {
-        kid: kid
+        kid: kid,
+        typ: 'JWT'
      }
      JWT.encode(payload, key, 'RS256', headers)
    end

--- a/spec/features/merge_request/user_sees_versions_spec.rb
+++ b/spec/features/merge_request/user_sees_versions_spec.rb
@@ -64,6 +64,17 @@ describe 'Merge request > User sees versions', :js do
      end
    end
+    it 'shows the commit SHAs for every version in the dropdown' do
+      page.within '.mr-version-dropdown' do
+        find('.btn-default').click
+        page.within('.dropdown-content') do
+          shas = merge_request.merge_request_diffs.map { |diff| Commit.truncate_sha(diff.head_commit_sha) }
+          shas.each { |sha| expect(page).to have_content(sha) }
+        end
+      end
+    end
    it 'shows comments that were last relevant at that version' do
      expect(page).to have_content '5 changed files'

--- a/spec/lib/json_web_token/rsa_token_spec.rb
+++ b/spec/lib/json_web_token/rsa_token_spec.rb
@@ -25,7 +25,7 @@ describe JSONWebToken::RSAToken do
        rsa_token['key'] = 'value'
      end
-      subject { JWT.decode(rsa_encoded, rsa_key) }
+      subject { JWT.decode(rsa_encoded, rsa_key, true, { algorithm: 'RS256' }) }
      it { expect {subject}.not_to raise_error }
      it { expect(subject.first).to include('key' => 'value') }
@@ -39,7 +39,7 @@ describe JSONWebToken::RSAToken do
    context 'for invalid key to raise an exception' do
      let(:new_key) { OpenSSL::PKey::RSA.generate(512) }
-      subject { JWT.decode(rsa_encoded, new_key) }
+      subject { JWT.decode(rsa_encoded, new_key, true, { algorithm: 'RS256' }) }
      it { expect {subject}.to raise_error(JWT::DecodeError) }
    end

--- a/spec/services/auth/container_registry_authentication_service_spec.rb
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -5,7 +5,7 @@ describe Auth::ContainerRegistryAuthenticationService do
  let(:current_user) { nil }
  let(:current_params) { {} }
  let(:rsa_key) { OpenSSL::PKey::RSA.generate(512) }
-  let(:payload) { JWT.decode(subject[:token], rsa_key).first }
+  let(:payload) { JWT.decode(subject[:token], rsa_key, true, { algorithm: 'RS256' }).first }
  let(:authentication_abilities) do
    [:read_container_image, :create_container_image, :admin_container_image]