From 7edf27d0281e09561838122982c16b7e62181f44 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Tue, 26 Jun 2012 10:51:15 +0300 Subject: [PATCH 01/17] Fix ldap blank password --- lib/omniauth/strategies/ldap.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/omniauth/strategies/ldap.rb b/lib/omniauth/strategies/ldap.rb index 45fb1d1..e0edce9 100644 --- a/lib/omniauth/strategies/ldap.rb +++ b/lib/omniauth/strategies/ldap.rb @@ -38,7 +38,12 @@ def request_phase def callback_phase @adaptor = OmniAuth::LDAP::Adaptor.new @options - raise MissingCredentialsError.new("Missing login credentials") if request['username'].nil? || request['password'].nil? + # GITLAB security patch + # Dont allow blank password for ldap auth + if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty? + raise MissingCredentialsError.new("Missing login credentials") + end + begin @ldap_user_info = @adaptor.bind_as(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @options[:name_proc].call(request['username'])),:size => 1, :password => request['password']) return fail!(:invalid_credentials) if !@ldap_user_info From 536c321236702dd9b759831f8ce5f2bc250d43b0 Mon Sep 17 00:00:00 2001 From: Pat Thoyts Date: Fri, 20 Jul 2012 23:25:26 +0100 Subject: [PATCH 02/17] Report missing credentials to the Rails application. If no username or password is provided a MissingCredentialsError is raised which causes a Rack caught exception and a 500 Error in gitlab. Omniauth provides a way to raise such errors to the application by using the 'fail!' method to pass the exception to the registered failure handler. For gitlab this is the omniauth_controller code. This is required to resolve gitlab issue #1077. Signed-off-by: Pat Thoyts --- lib/omniauth/strategies/ldap.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
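Review bot: The two added comment lines in callback_phase say what is rejected but not why, and the reason is the part a later maintainer needs. An LDAP simple bind with a zero-length password is an unauthenticated bind (RFC 4513, section 5.1.2), which a directory server may answer with success, so depending on the server `bind_as` could return an entry for a username without any password check. I would replace the comment with `# An empty password turns the simple bind into an unauthenticated bind (RFC 4513 5.1.2), which servers may accept; reject it before bind_as.` callback_phase continues outside the hunk.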
diff --git a/lib/omniauth/strategies/ldap.rb b/lib/omniauth/strategies/ldap.rb index e0edce9..c28628d 100644 --- a/lib/omniauth/strategies/ldap.rb +++ b/lib/omniauth/strategies/ldap.rb @@ -38,13 +38,13 @@ def request_phase def callback_phase @adaptor = OmniAuth::LDAP::Adaptor.new @options - # GITLAB security patch - # Dont allow blank password for ldap auth - if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty? - raise MissingCredentialsError.new("Missing login credentials") - end - begin + # GITLAB security patch + # Dont allow blank password for ldap auth + if request['username'].nil? || request['username'].empty? || request['password'].nil? || request['password'].empty? + raise MissingCredentialsError.new("Missing login credentials") + end + @ldap_user_info = @adaptor.bind_as(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @options[:name_proc].call(request['username'])),:size => 1, :password => request['password']) return fail!(:invalid_credentials) if !@ldap_user_info From d92ef39dcd9a392fe458ca868e9ba2a501b11881 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Sun, 30 Dec 2012 15:06:58 +0200 Subject: [PATCH 03/17] Fixed test and travis --- .travis.yml | 6 +++ Gemfile | 9 ++-- Gemfile.lock | 78 +++++++++------------------ lib/omniauth-ldap/adaptor.rb | 10 ++-- omniauth-ldap.gemspec | 13 ++--- spec/omniauth/strategies/ldap_spec.rb | 40 ++++++++------ spec/spec_helper.rb | 2 - 7 files changed, 67 insertions(+), 91 deletions(-) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..baef6da --- /dev/null +++ b/.travis.yml @@ -0,0 +1,6 @@ +branches: + only: + - 'master' +rvm: + - 1.9.2 +script: "bundle exec rspec spec" diff --git a/Gemfile b/Gemfile index 339f969..2bc1e2f 100644 --- a/Gemfile +++ b/Gemfile 
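Review bot: Raising MissingCredentialsError inside the `begin` hands it to the same rescue as every other failure, so a missing password and an unreachable directory presumably reach the failure handler under one key. The rescue clause is outside the hunk, but the spec change later in this series expects `ldap_error` for an empty post. Since `fail!` is already used a few lines below for `:invalid_credentials`, the guard could report a dedicated key instead of raising: `return fail!(:missing_credentials)`. That keeps user-input errors apart from operational LDAP errors in logs and in the message shown on the login page.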
@@ -3,9 +3,8 @@ source 'http://rubygems.org' gemspec group :development, :test do - gem 'guard' - gem 'guard-rspec' - gem 'guard-bundler' - gem 'growl' - gem 'rb-fsevent' + gem 'rspec' + gem 'pry' + gem 'rake' + gem 'rack-test' end diff --git a/Gemfile.lock b/Gemfile.lock index 6b0d47f..057ddb3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - omniauth-ldap (1.0.2) + gitlab_omniauth-ldap (1.0.2) net-ldap (~> 0.2.2) omniauth (~> 1.0) pyu-ruby-sasl (~> 0.0.3.1) 
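Review bot: The `source 'http://rubygems.org'` line, visible as context at the top of this Gemfile hunk, makes Bundler fetch every gem over plain HTTP, including the newly added `rspec`, `pry`, `rake` and `rack-test`. Those downloads are therefore not protected against tampering in transit. Since the development group is being rewritten here anyway, change it to `source 'https://rubygems.org'`. The `remote: http://rubygems.org/` entry in Gemfile.lock would then be regenerated by the next `bundle install`.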
@@ -10,70 +10,40 @@ PATH GEM remote: http://rubygems.org/ specs: - archive-tar-minitar (0.5.2) - columnize (0.3.4) + coderay (1.0.8) diff-lcs (1.1.3) - ffi (1.0.9) - growl (1.0.3) - guard (0.8.8) - thor (~> 0.14.6) - guard-bundler (0.1.3) - bundler (>= 1.0.0) - guard (>= 0.2.2) - guard-rspec (0.5.0) - guard (>= 0.8.4) hashie (1.2.0) - libnotify (0.5.7) - ffi (= 1.0.9) - linecache19 (0.5.12) - ruby_core_source (>= 0.1.4) - multi_json (1.0.3) + method_source (0.8.1) net-ldap (0.2.2) - omniauth (1.0.1) + omniauth (1.1.1) hashie (~> 1.2) rack + pry (0.9.10) + coderay (~> 1.0.5) + method_source (~> 0.8) + slop (~> 3.3.1) pyu-ruby-sasl (0.0.3.3) - rack (1.3.5) - rack-test (0.6.1) + rack (1.4.1) + rack-test (0.6.2) rack (>= 1.0) - rb-fsevent (0.4.3.1) - rspec (2.7.0) - rspec-core (~> 2.7.0) - rspec-expectations (~> 2.7.0) - rspec-mocks (~> 2.7.0) - rspec-core (2.7.1) - rspec-expectations (2.7.0) - diff-lcs (~> 1.1.2) - rspec-mocks (2.7.0) - ruby-debug-base19 (0.11.25) - columnize (>= 0.3.1) - linecache19 (>= 0.5.11) - ruby_core_source (>= 0.1.4) - ruby-debug19 (0.11.6) - columnize (>= 0.3.1) - linecache19 (>= 0.5.11) - ruby-debug-base19 (>= 0.11.19) - ruby_core_source (0.1.5) - archive-tar-minitar (>= 0.5.2) + rake (10.0.3) + rspec (2.12.0) + rspec-core (~> 2.12.0) + rspec-expectations (~> 2.12.0) + rspec-mocks (~> 2.12.0) + rspec-core (2.12.2) + rspec-expectations (2.12.1) + diff-lcs (~> 1.1.3) + rspec-mocks (2.12.1) rubyntlm (0.1.1) - simplecov (0.5.4) - multi_json (~> 1.0.3) - simplecov-html (~> 0.5.3) - simplecov-html (0.5.3) - thor (0.14.6) + slop (3.3.3) PLATFORMS ruby DEPENDENCIES - growl - guard - guard-bundler - guard-rspec - libnotify - omniauth-ldap! + gitlab_omniauth-ldap! + pry rack-test - rb-fsevent - rspec (~> 2.7) - ruby-debug19 - simplecov + rake + rspec diff --git a/lib/omniauth-ldap/adaptor.rb b/lib/omniauth-ldap/adaptor.rb index 5c769b2..66459ad 100644 --- a/lib/omniauth-ldap/adaptor.rb +++ b/lib/omniauth-ldap/adaptor.rb 
@@ -49,10 +49,10 @@ def initialize(configuration={}) :base => @base } @uri = construct_uri(@host, @port, @method != :plain) - + @bind_method = @try_sasl ? :sasl : (@allow_anonymous||!@bind_dn||!@password ? :anonymous : :simple) - - + + @auth = sasl_auths({:username => @bind_dn, :password => @password}).first if @bind_method == :sasl @auth ||= { :method => @bind_method, :username => @bind_dn, @@ -61,11 +61,11 @@ def initialize(configuration={}) config[:auth] = @auth @connection = Net::LDAP.new(config) end - + #:base => "dc=yourcompany, dc=com", # :filter => "(mail=#{user})", # :password => psw - def bind_as(args = {}) + def bind_as(args = {}) result = false @connection.open do |me| rs = me.search args diff --git a/omniauth-ldap.gemspec b/omniauth-ldap.gemspec index 71e44d5..74f5291 100644 --- a/omniauth-ldap.gemspec +++ b/omniauth-ldap.gemspec @@ -6,22 +6,17 @@ Gem::Specification.new do |gem| gem.email = ["ping@intridea.com"] gem.description = %q{A LDAP strategy for OmniAuth.} gem.summary = %q{A LDAP strategy for OmniAuth.} - gem.homepage = "https://github.com/intridea/omniauth-ldap" + gem.homepage = "https://github.com/gitlabhq/omniauth-ldap" gem.add_runtime_dependency 'omniauth', '~> 1.0' gem.add_runtime_dependency 'net-ldap', '~> 0.2.2' gem.add_runtime_dependency 'pyu-ruby-sasl', '~> 0.0.3.1' - gem.add_runtime_dependency 'rubyntlm', '~> 0.1.1' - gem.add_development_dependency 'rspec', '~> 2.7' - gem.add_development_dependency 'simplecov' - gem.add_development_dependency 'rack-test' - gem.add_development_dependency 'libnotify' - gem.add_development_dependency 'ruby-debug19' - + gem.add_runtime_dependency 'rubyntlm', '~> 0.1.1' + gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } gem.files = `git ls-files`.split("\n") gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") - gem.name = "omniauth-ldap" + gem.name = "gitlab_omniauth-ldap" gem.require_paths = ["lib"] gem.version = OmniAuth::LDAP::VERSION end 
diff --git a/spec/omniauth/strategies/ldap_spec.rb b/spec/omniauth/strategies/ldap_spec.rb index 2a39f79..01a48bb 100644 --- a/spec/omniauth/strategies/ldap_spec.rb +++ b/spec/omniauth/strategies/ldap_spec.rb @@ -1,6 +1,7 @@ require 'spec_helper' + describe "OmniAuth::Strategies::LDAP" do - # :title => "My LDAP", + # :title => "My LDAP", # :host => '10.101.10.1', # :port => 389, # :method => :plain, @@ -8,12 +9,13 @@ # :uid => 'sAMAccountName', # :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')} # :bind_dn => 'default_bind_dn' - # :password => 'password' - class MyLdapProvider < OmniAuth::Strategies::LDAP; end + # :password => 'password' + class MyLdapProvider < OmniAuth::Strategies::LDAP; end + def app Rack::Builder.new { use OmniAuth::Test::PhonySession - use MyLdapProvider, :name => 'ldap', :title => 'MyLdap Form', :host => '192.168.1.145', :base => 'dc=score, dc=local', :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')} + use MyLdapProvider, :name => 'ldap', :title => 'MyLdap Form', :host => '192.168.1.145', :base => 'dc=score, dc=local', :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')} run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] } }.to_app end 
@@ -52,36 +54,42 @@ def session @adaptor = mock(OmniAuth::LDAP::Adaptor, {:uid => 'ping'}) OmniAuth::LDAP::Adaptor.stub(:new).and_return(@adaptor) end + context 'failure' do - before(:each) do - @adaptor.stub(:bind_as).and_return(false) - end + before(:each) do + @adaptor.stub(:bind_as).and_return(false) + end + it 'should raise MissingCredentialsError' do - lambda{post('/auth/ldap/callback', {})}.should raise_error OmniAuth::Strategies::LDAP::MissingCredentialsError + post('/auth/ldap/callback', {}) + last_response.should be_redirect + last_response.headers['Location'].should =~ %r{ldap_error} end - it 'should redirect to error page' do + + it 'should redirect to error page' do post('/auth/ldap/callback', {:username => 'ping', :password => 'password'}) last_response.should be_redirect last_response.headers['Location'].should =~ %r{invalid_credentials} end - it 'should redirect to error page when there is exception' do + + it 'should redirect to error page when there is exception' do @adaptor.stub(:bind_as).and_throw(Exception.new('connection_error')) post('/auth/ldap/callback', {:username => 'ping', :password => 'password'}) last_response.should be_redirect last_response.headers['Location'].should =~ %r{ldap_error} end end - + context 'success' do let(:auth_hash){ last_request.env['omniauth.auth'] } before(:each) do - @adaptor.stub(:bind_as).and_return({:dn => ['cn=ping, dc=intridea, dc=com'], :mail => ['ping@intridea.com'], :givenname => ['Ping'], :sn => ['Yu'], - :telephonenumber => ['555-555-5555'], :mobile => ['444-444-4444'], :uid => ['ping'], :title => ['dev'], :address =>[ 'k street'], - :l => ['Washington'], :st => ['DC'], :co => ["U.S.A"], :postofficebox => ['20001'], :wwwhomepage => ['www.intridea.com'], - :jpegphoto => ['http://www.intridea.com/ping.jpg'], :description => ['omniauth-ldap']}) + @adaptor.stub(:bind_as).and_return({:dn => ['cn=ping, dc=intridea, dc=com'], :mail => ['ping@intridea.com'], :givenname => ['Ping'], :sn => ['Yu'], + 
:telephonenumber => ['555-555-5555'], :mobile => ['444-444-4444'], :uid => ['ping'], :title => ['dev'], :address =>[ 'k street'], + :l => ['Washington'], :st => ['DC'], :co => ["U.S.A"], :postofficebox => ['20001'], :wwwhomepage => ['www.intridea.com'], + :jpegphoto => ['http://www.intridea.com/ping.jpg'], :description => ['omniauth-ldap']}) post('/auth/ldap/callback', {:username => 'ping', :password => 'password'}) end - + it 'should raise MissingCredentialsError' do should_not raise_error OmniAuth::Strategies::LDAP::MissingCredentialsError end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index c0facec..5506076 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,7 +1,5 @@ $:.unshift File.expand_path('..', __FILE__) $:.unshift File.expand_path('../../lib', __FILE__) -require 'simplecov' -SimpleCov.start require 'rspec' require 'rack/test' require 'omniauth' From 2d45b8d50c8e566ce15e81fc8afc98f3822be1c7 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Sun, 30 Dec 2012 15:10:08 +0200 Subject: [PATCH 04/17] badge addded --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 60d7e77..cfd2270 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# OmniAuth LDAP +# GitLab fork | OmniAuth LDAP [![build status](https://secure.travis-ci.org/gitlabhq/omniauth-ldap.png)](https://travis-ci.org/gitlabhq/omniauth-ldap) -== LDAP +### LDAP Use the LDAP strategy as a middleware in your application: From 8e4ceb51144ac6ac8ec6d8eca77c98ac508fe58b Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Sun, 30 Dec 2012 15:13:04 +0200 Subject: [PATCH 05/17] rename gemspec --- omniauth-ldap.gemspec => gitlab_omniauth-ldap.gemspec | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename omniauth-ldap.gemspec => gitlab_omniauth-ldap.gemspec (100%) 
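Review bot: The failure context only exercises absent parameters (`post('/auth/ldap/callback', {})`), while the guard added to callback_phase earlier in this series exists to reject empty strings; no example posts a blank password. An example that posts `:password => ''` and asserts that `bind_as` is never reached would keep a regression from sending an empty password to the directory. The first example is also still titled 'should raise MissingCredentialsError' although it now asserts a redirect to `ldap_error`; rename it to describe the redirect.

```ruby
context 'failure' do
  # … unchanged: before(:each) stub and existing examples …

  it 'should not bind when the password is blank' do
    @adaptor.should_not_receive(:bind_as)
    post('/auth/ldap/callback', {:username => 'ping', :password => ''})
    last_response.should be_redirect
    last_response.headers['Location'].should =~ %r{ldap_error}
  end
```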
diff --git a/omniauth-ldap.gemspec b/gitlab_omniauth-ldap.gemspec similarity index 100% rename from omniauth-ldap.gemspec rename to gitlab_omniauth-ldap.gemspec From ed838fc58795f1f3e2fcb6f4bc150c802af96d30 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Fri, 26 Apr 2013 20:40:26 +0300 Subject: [PATCH 06/17] Update net-ldap dependency --- gitlab_omniauth-ldap.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitlab_omniauth-ldap.gemspec b/gitlab_omniauth-ldap.gemspec index 74f5291..589bb8a 100644 --- a/gitlab_omniauth-ldap.gemspec +++ b/gitlab_omniauth-ldap.gemspec @@ -9,7 +9,7 @@ Gem::Specification.new do |gem| gem.homepage = "https://github.com/gitlabhq/omniauth-ldap" gem.add_runtime_dependency 'omniauth', '~> 1.0' - gem.add_runtime_dependency 'net-ldap', '~> 0.2.2' + gem.add_runtime_dependency 'net-ldap', '~> 0.3.1' gem.add_runtime_dependency 'pyu-ruby-sasl', '~> 0.0.3.1' gem.add_runtime_dependency 'rubyntlm', '~> 0.1.1' From 8c50f199f8e2d8a4dc901ddbbe3e37a2630843ac Mon Sep 17 00:00:00 2001 From: David Aguilar Date: Wed, 12 Jun 2013 22:13:07 -0700 Subject: [PATCH 07/17] Gemfile.lock: update net-ldap to fix LDAP authentication issues Newer LDAP servers fail with older versions of net-ldap. Update to the fixed version. Signed-off-by: David Aguilar --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 057ddb3..3641e51 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,7 +2,7 @@ PATH remote: . specs: gitlab_omniauth-ldap (1.0.2) - net-ldap (~> 0.2.2) + net-ldap (~> 0.3.1) omniauth (~> 1.0) pyu-ruby-sasl (~> 0.0.3.1) rubyntlm (~> 0.1.1) @@ -14,7 +14,7 @@ GEM diff-lcs (1.1.3) hashie (1.2.0) method_source (0.8.1) - net-ldap (0.2.2) + net-ldap (0.3.1) omniauth (1.1.1) hashie (~> 1.2) rack From daa9b62763c98a83141e1f2484976096df88c702 Mon Sep 17 00:00:00 2001 
From: Dmitriy Zaporozhets Date: Thu, 13 Jun 2013 10:04:29 +0300 Subject: [PATCH 08/17] version up to 1.0.3 --- lib/omniauth-ldap/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/omniauth-ldap/version.rb b/lib/omniauth-ldap/version.rb index 628e132..1531127 100644 --- a/lib/omniauth-ldap/version.rb +++ b/lib/omniauth-ldap/version.rb @@ -1,5 +1,5 @@ module OmniAuth module LDAP - VERSION = "1.0.2" + VERSION = "1.0.3" end end From 80f438f4fa72d322b920347b31d08382d4ed8ff2 Mon Sep 17 00:00:00 2001 From: Jan Bessai Date: Wed, 27 Aug 2014 15:36:28 +0000 Subject: [PATCH 09/17] Push version of net-ldap dependency to get rid of utf-8 bug: https://github.com/ruby-ldap/ruby-net-ldap/issues/80 --- gitlab_omniauth-ldap.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitlab_omniauth-ldap.gemspec b/gitlab_omniauth-ldap.gemspec index b928ee3..606c8bd 100644 --- a/gitlab_omniauth-ldap.gemspec +++ b/gitlab_omniauth-ldap.gemspec @@ -10,7 +10,7 @@ Gem::Specification.new do |gem| gem.license = "MIT" gem.add_runtime_dependency 'omniauth', '~> 1.0' - gem.add_runtime_dependency 'net-ldap', '~> 0.3.1' + gem.add_runtime_dependency 'net-ldap', '~> 0.7.0' gem.add_runtime_dependency 'pyu-ruby-sasl', '~> 0.0.3.1' gem.add_runtime_dependency 'rubyntlm', '~> 0.1.1' From 54a602177221aced24a67156ce5965a27ac71413 Mon Sep 17 00:00:00 2001 From: Jan Bessai Date: Tue, 2 Sep 2014 16:28:46 +0200 Subject: [PATCH 10/17] push versions in Gemfile.lock --- Gemfile.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 9bff2bd..60064d2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,7 +2,7 @@ PATH remote: . specs: gitlab_omniauth-ldap (1.0.4) - net-ldap (~> 0.3.1) + net-ldap (~> 0.7.0) omniauth (~> 1.0) pyu-ruby-sasl (~> 0.0.3.1) rubyntlm (~> 0.1.1) 
@@ -12,12 +12,12 @@ GEM specs: coderay (1.0.8) diff-lcs (1.1.3) - hashie (1.2.0) + hashie (3.3.1) method_source (0.8.1) - net-ldap (0.3.1) - omniauth (1.1.1) - hashie (~> 1.2) - rack + net-ldap (0.7.0) + omniauth (1.2.2) + hashie (>= 1.2, < 4) + rack (~> 1.0) pry (0.9.10) coderay (~> 1.0.5) method_source (~> 0.8) From aaac56274cff8ad9d996c13720f2bbf470b559ad Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Mon, 8 Sep 2014 17:19:33 +0200 Subject: [PATCH 11/17] Bump VERSION to 1.1.0 Considering we are bumping net-ldap from 0.3.1 to 0.7.0 I thought a minor version bump might be called for. --- lib/omniauth-ldap/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/omniauth-ldap/version.rb b/lib/omniauth-ldap/version.rb index d5adc48..f7f9b4b 100644 --- a/lib/omniauth-ldap/version.rb +++ b/lib/omniauth-ldap/version.rb @@ -1,5 +1,5 @@ module OmniAuth module LDAP - VERSION = "1.0.4" + VERSION = "1.1.0" end end From 14f97bdac8e587ab05adf5483f6ce3424cdcac4c Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 29 Oct 2014 17:06:58 +0200 Subject: [PATCH 12/17] Bump dependencies Signed-off-by: Dmitriy Zaporozhets --- Gemfile.lock | 10 +++++----- gitlab_omniauth-ldap.gemspec | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 60064d2..5dd6d08 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,11 +1,11 @@ PATH remote: . specs: - gitlab_omniauth-ldap (1.0.4) - net-ldap (~> 0.7.0) + gitlab_omniauth-ldap (1.1.0) + net-ldap (~> 0.9) omniauth (~> 1.0) pyu-ruby-sasl (~> 0.0.3.1) - rubyntlm (~> 0.1.1) + rubyntlm (~> 0.3) GEM remote: http://rubygems.org/ @@ -14,7 +14,7 @@ GEM diff-lcs (1.1.3) hashie (3.3.1) method_source (0.8.1) - net-ldap (0.7.0) + net-ldap (0.9.0) omniauth (1.2.2) hashie (>= 1.2, < 4) rack (~> 1.0) @@ -35,7 +35,7 @@ GEM rspec-expectations (2.12.1) diff-lcs (~> 1.1.3) rspec-mocks (2.12.1) - rubyntlm (0.1.1) + rubyntlm (0.4.0) slop (3.3.3) PLATFORMS 
diff --git a/gitlab_omniauth-ldap.gemspec b/gitlab_omniauth-ldap.gemspec index 606c8bd..940512d 100644 --- a/gitlab_omniauth-ldap.gemspec +++ b/gitlab_omniauth-ldap.gemspec @@ -10,9 +10,9 @@ Gem::Specification.new do |gem| gem.license = "MIT" gem.add_runtime_dependency 'omniauth', '~> 1.0' - gem.add_runtime_dependency 'net-ldap', '~> 0.7.0' + gem.add_runtime_dependency 'net-ldap', '~> 0.9' gem.add_runtime_dependency 'pyu-ruby-sasl', '~> 0.0.3.1' - gem.add_runtime_dependency 'rubyntlm', '~> 0.1.1' + gem.add_runtime_dependency 'rubyntlm', '~> 0.3' gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } gem.files = `git ls-files`.split("\n") From cfbb9040c0247b1d6636b228cc21c1bc451d196e Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 29 Oct 2014 17:12:01 +0200 Subject: [PATCH 13/17] Bump version Signed-off-by: Dmitriy Zaporozhets --- Gemfile.lock | 2 +- lib/omniauth-ldap/version.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5dd6d08..530ade2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - gitlab_omniauth-ldap (1.1.0) + gitlab_omniauth-ldap (1.2.0) net-ldap (~> 0.9) omniauth (~> 1.0) pyu-ruby-sasl (~> 0.0.3.1) diff --git a/lib/omniauth-ldap/version.rb b/lib/omniauth-ldap/version.rb index f7f9b4b..1d8c32e 100644 --- a/lib/omniauth-ldap/version.rb +++ b/lib/omniauth-ldap/version.rb @@ -1,5 +1,5 @@ module OmniAuth module LDAP - VERSION = "1.1.0" + VERSION = "1.2.0" end end From f2acd1f9b8719cda9bbaf78651ebdb78d013993e Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Fri, 6 Mar 2015 13:25:59 +0100 Subject: [PATCH 14/17] Escape wildcards in username. --- lib/omniauth/strategies/ldap.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/omniauth/strategies/ldap.rb b/lib/omniauth/strategies/ldap.rb index 4b075e4..b26f607 100644 --- a/lib/omniauth/strategies/ldap.rb +++ b/lib/omniauth/strategies/ldap.rb 
@@ -52,9 +52,10 @@ def callback_phase def filter adaptor if adaptor.filter and !adaptor.filter.empty? - Net::LDAP::Filter.construct(adaptor.filter % {username: @options[:name_proc].call(request['username'])}) + username = Net::LDAP::Filter.escape(@options[:name_proc].call(request['username'])) + Net::LDAP::Filter.construct(adaptor.filter % { username: username }) else - Net::LDAP::Filter.eq(adaptor.uid, @options[:name_proc].call(request['username'])) + Net::LDAP::Filter.equals(adaptor.uid, @options[:name_proc].call(request['username'])) end end From 1bfda92229763eaad8141fd5675df7dcfe3acb3e Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Fri, 6 Mar 2015 18:01:14 -0800 Subject: [PATCH 15/17] Add ruby 2.1.5 to travis --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index e8fd1f0..91f7083 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,4 +3,5 @@ branches: - 'master' rvm: - 2.0.0 + - 2.1.5 script: "bundle exec rspec spec" From 2dd5b77abe7174ceb647cc9260987868ddb3c5a2 Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Tue, 17 Mar 2015 17:10:03 +0100 Subject: [PATCH 16/17] Bump version to 1.2.1. --- lib/omniauth-ldap/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/omniauth-ldap/version.rb b/lib/omniauth-ldap/version.rb index 1d8c32e..4e21bee 100644 --- a/lib/omniauth-ldap/version.rb +++ b/lib/omniauth-ldap/version.rb @@ -1,5 +1,5 @@ module OmniAuth module LDAP - VERSION = "1.2.0" + VERSION = "1.2.1" end end From 81d2e680712698447f8e134bef695dc0d6030be1 Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Tue, 17 Mar 2015 17:11:06 +0100 Subject: [PATCH 17/17] Update gems. --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 530ade2..ab3d3d9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
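Review bot: The two branches of `filter` neutralise filter metacharacters in different ways, and only one of them is visible in the code. The custom-filter branch calls `Net::LDAP::Filter.escape` explicitly, while the else branch depends on `equals` escaping its value internally where `eq` did not. A one-line comment on the else branch, e.g. `# equals escapes the value; eq would treat * in the username as a wildcard`, would stop a later cleanup from reverting it. The commit also touches no spec, so an example that posts a username of `*` and checks the filter handed to `bind_as` would pin the behaviour for both branches.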
@@ -1,7 +1,7 @@ PATH remote: . specs: - gitlab_omniauth-ldap (1.2.0) + gitlab_omniauth-ldap (1.2.1) net-ldap (~> 0.9) omniauth (~> 1.0) pyu-ruby-sasl (~> 0.0.3.1) @@ -12,9 +12,9 @@ GEM specs: coderay (1.0.8) diff-lcs (1.1.3) - hashie (3.3.1) + hashie (3.4.0) method_source (0.8.1) - net-ldap (0.9.0) + net-ldap (0.11) omniauth (1.2.2) hashie (>= 1.2, < 4) rack (~> 1.0) @@ -35,7 +35,7 @@ GEM rspec-expectations (2.12.1) diff-lcs (~> 1.1.3) rspec-mocks (2.12.1) - rubyntlm (0.4.0) + rubyntlm (0.5.0) slop (3.3.3) PLATFORMS