Commit c083df05 authored by Valery Sizov's avatar Valery Sizov Committed by vsizov

LDAP BASE IMPLEMENRTATION

parent b4cc04d7
...@@ -28,6 +28,7 @@ gem "resque" ...@@ -28,6 +28,7 @@ gem "resque"
gem "httparty" gem "httparty"
gem "charlock_holmes" gem "charlock_holmes"
gem "foreman" gem "foreman"
gem "omniauth-ldap"
group :assets do group :assets do
gem "sass-rails", "~> 3.1.0" gem "sass-rails", "~> 3.1.0"
......
...@@ -115,6 +115,7 @@ GEM ...@@ -115,6 +115,7 @@ GEM
haml (~> 3.0) haml (~> 3.0)
railties (~> 3.0) railties (~> 3.0)
hashery (1.4.0) hashery (1.4.0)
hashie (1.2.0)
hike (1.2.1) hike (1.2.1)
httparty (0.8.1) httparty (0.8.1)
multi_json multi_json
...@@ -141,12 +142,22 @@ GEM ...@@ -141,12 +142,22 @@ GEM
mime-types (1.17.2) mime-types (1.17.2)
multi_json (1.0.3) multi_json (1.0.3)
multi_xml (0.4.1) multi_xml (0.4.1)
net-ldap (0.2.2)
nokogiri (1.5.0) nokogiri (1.5.0)
omniauth (1.0.2)
hashie (~> 1.2)
rack
omniauth-ldap (1.0.2)
net-ldap (~> 0.2.2)
omniauth (~> 1.0)
pyu-ruby-sasl (~> 0.0.3.1)
rubyntlm (~> 0.1.1)
orm_adapter (0.0.5) orm_adapter (0.0.5)
polyglot (0.3.3) polyglot (0.3.3)
posix-spawn (0.3.6) posix-spawn (0.3.6)
pygments.rb (0.2.4) pygments.rb (0.2.4)
rubypython (~> 0.5.3) rubypython (~> 0.5.3)
pyu-ruby-sasl (0.0.3.3)
rack (1.3.5) rack (1.3.5)
rack-cache (1.1) rack-cache (1.1)
rack (>= 0.4) rack (>= 0.4)
...@@ -210,6 +221,7 @@ GEM ...@@ -210,6 +221,7 @@ GEM
ruby-debug-base19 (>= 0.11.19) ruby-debug-base19 (>= 0.11.19)
ruby_core_source (0.1.5) ruby_core_source (0.1.5)
archive-tar-minitar (>= 0.5.2) archive-tar-minitar (>= 0.5.2)
rubyntlm (0.1.1)
rubypython (0.5.3) rubypython (0.5.3)
blankslate (>= 2.1.2.3) blankslate (>= 2.1.2.3)
ffi (~> 1.0.7) ffi (~> 1.0.7)
...@@ -306,6 +318,7 @@ DEPENDENCIES ...@@ -306,6 +318,7 @@ DEPENDENCIES
kaminari kaminari
launchy launchy
letter_opener letter_opener
omniauth-ldap
pygments.rb (= 0.2.4) pygments.rb (= 0.2.4)
rails (= 3.1.1) rails (= 3.1.1)
rails-footnotes (~> 3.7.5) rails-footnotes (~> 3.7.5)
......
# Place all the behaviors and hooks related to the matching controller here.
# All this logic will automatically be available in application.js.
# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/
// Place all the styles related to the Users::OmniauthCallbacks controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def ldap
# We only find ourselves here if the authentication to LDAP was successful.
ldap = request.env["omniauth.auth"]["extra"]["raw_info"]
username = ldap.sAMAccountName[0].to_s
email = ldap.proxyaddresses[0][5..-1].to_s
if @user = User.find_by_email(email)
sign_in_and_redirect root_path
else
password = User.generate_random_password
@user = User.create(:name => username,
:email => email,
:password => password,
:password_confirmation => password
)
sign_in_and_redirect @user
end
end
end
module Users::OmniauthCallbacksHelper
end
...@@ -2,7 +2,7 @@ class User < ActiveRecord::Base ...@@ -2,7 +2,7 @@ class User < ActiveRecord::Base
# Include default devise modules. Others available are: # Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :token_authenticatable, devise :database_authenticatable, :token_authenticatable,
:recoverable, :rememberable, :trackable, :validatable :recoverable, :rememberable, :trackable, :validatable, :omniauthable
# Setup accessible (or protected) attributes for your model # Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, attr_accessible :email, :password, :password_confirmation, :remember_me,
...@@ -62,6 +62,10 @@ class User < ActiveRecord::Base ...@@ -62,6 +62,10 @@ class User < ActiveRecord::Base
def last_activity_project def last_activity_project
projects.first projects.first
end end
def self.generate_random_password
(0...8).map{ ('a'..'z').to_a[rand(26)] }.join
end
end end
# == Schema Information # == Schema Information
# #
......
...@@ -9,4 +9,5 @@ ...@@ -9,4 +9,5 @@
<br/> <br/>
<%= f.submit "Sign in", :class => "grey-button" %> <%= f.submit "Sign in", :class => "grey-button" %>
<div class="right"> <%= render :partial => "devise/shared/links" %></div> <div class="right"> <%= render :partial => "devise/shared/links" %></div>
<%= user_omniauth_authorize_path(:ldap)%>
<% end %> <% end %>
...@@ -199,6 +199,15 @@ Devise.setup do |config| ...@@ -199,6 +199,15 @@ Devise.setup do |config|
# up on your models and hooks. # up on your models and hooks.
# config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo' # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
#config.omniauth :ldap,
# :host => 'YOUR_LDAP_SERVER',
# :base => 'THE_BASE_WHERE_YOU_SEARCH_FOR_USERS',
# :uid => 'sAMAccountName',
# :port => 389,
# :method => :plain,
# :bind_dn => 'THE_FULL_DN_OF_THE_USER_YOU_WILL_BIND_WITH',
# :password => 'THE_PASSWORD_OF_THE_BIND_USER'
# ==> Warden configuration # ==> Warden configuration
# If you want to use other strategies, that are not supported by Devise, or # If you want to use other strategies, that are not supported by Devise, or
# change the failure app, you can configure them inside the config.warden block. # change the failure app, you can configure them inside the config.warden block.
......
...@@ -39,7 +39,7 @@ Gitlab::Application.routes.draw do ...@@ -39,7 +39,7 @@ Gitlab::Application.routes.draw do
resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index] resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index]
resources :keys resources :keys
devise_for :users devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do
member do member do
......
require 'spec_helper'
describe Users::OmniauthCallbacksController do
end
require 'spec_helper'
# Specs in this file have access to a helper object that includes
# the Users::OmniauthCallbacksHelper. For example:
#
# describe Users::OmniauthCallbacksHelper do
# describe "string concat" do
# it "concats two strings with spaces" do
# helper.concat_strings("this","that").should == "this that"
# end
# end
# end
describe Users::OmniauthCallbacksHelper do
pending "add some examples to (or delete) #{__FILE__}"
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment