Exclude LDAP from OmniauthCallbackController base methods

e8fbf7aa · James Edwards-Jones · 51125bfb · e8fbf7aa · e8fbf7aa · e8fbf7aa
Commit e8fbf7aa authored Apr 23, 2018 by James Edwards-Jones
4 changed files
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -9,8 +9,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
    omniauth_flow(Gitlab::Auth::OAuth)
  end
-  Gitlab.config.omniauth.providers.each do |provider|
+  AuthHelper.providers_for_base_controller.each do |provider|
-    alias_method provider['name'], :handle_omniauth
+    alias_method provider, :handle_omniauth
  end
  # Extend the standard implementation to also increment

--- a/app/helpers/auth_helper.rb
+++ b/app/helpers/auth_helper.rb
 module AuthHelper
+  prepend EE::AuthHelper
  PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze
-  FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos', 'crowd'].freeze
+  LDAP_PROVIDER = /\Aldap/
  delegate :slack_app_id, to: :'Gitlab::CurrentSettings.current_application_settings'
@@ -29,7 +31,7 @@ module AuthHelper
  end
  def form_based_provider?(name)
-    FORM_BASED_PROVIDERS.any? { |pattern| pattern === name.to_s }
+    [LDAP_PROVIDER, 'crowd'].any? { |pattern| pattern === name.to_s }
  end
  def form_based_providers
@@ -44,6 +46,10 @@ module AuthHelper
    auth_providers.reject { |provider| form_based_provider?(provider) }
  end
+  def providers_for_base_controller
+    auth_providers.reject { |provider| LDAP_PROVIDER === provider }
+  end
  def enabled_button_based_providers
    disabled_providers = Gitlab::CurrentSettings.disabled_oauth_sign_in_sources || []

--- a/ee/app/helpers/ee/auth_helper.rb
+++ b/ee/app/helpers/ee/auth_helper.rb
+module EE
+  module AuthHelper
+    extend ::Gitlab::Utils::Override
+    override :form_based_provider?
+    def form_based_provider?(name)
+      super || name.to_s == 'kerberos'
+    end
+  end
+end
--- a/spec/helpers/auth_helper_spec.rb
+++ b/spec/helpers/auth_helper_spec.rb
@@ -18,6 +18,35 @@ describe AuthHelper do
    end
  end
+  describe "providers_for_base_controller" do
+    it 'returns all enabled providers from devise' do
+      allow(helper).to receive(:auth_providers) { [:twitter, :github] }
+      expect(helper.providers_for_base_controller).to include(*[:twitter, :github])
+    end
+    it 'excludes ldap providers' do
+      allow(helper).to receive(:auth_providers) { [:twitter, :ldapmain] }
+      expect(helper.providers_for_base_controller).not_to include(:ldapmain)
+    end
+  end
+  describe "form_based_providers" do
+    it 'includes LDAP providers' do
+      allow(helper).to receive(:auth_providers) { [:twitter, :ldapmain] }
+      expect(helper.form_based_providers).to eq %i(ldapmain)
+    end
+    it 'includes crowd provider' do
+      allow(helper).to receive(:auth_providers) { [:twitter, :crowd] }
+      expect(helper.form_based_providers).to eq %i(crowd)
+    end
+    it 'includes kerberos provider' do
+      allow(helper).to receive(:auth_providers) { [:twitter, :kerberos] }
+      expect(helper.form_based_providers).to eq %i(kerberos)
+    end
+  end
  describe 'enabled_button_based_providers' do
    before do
      allow(helper).to receive(:auth_providers) { [:twitter, :github] }