Inherit Gitlab::LDAP::User from Gitlab::OAuth::User

lib/gitlab/ldap/user.rb

+require 'gitlab/oauth/user'
+
 # LDAP extension for User model
 #
 # * Find or create user from omniauth.auth data
 # * Links LDAP account with existing user
+# * Auth LDAP user with login and password
 #
 module Gitlab
   module LDAP
-    class User
+    class User < Gitlab::OAuth::User
       class << self
-        def find(uid, email)
-          # Look for user with ldap provider and same uid
-          user = find_by_uid(uid)
-          return user if user
-
-          # Look for user with same emails
-          #
-          # Possible cases:
-          # * When user already has account and need to link his LDAP account.
-          # * LDAP uid changed for user with same email and we need to update his uid
-          #
-          user = model.find_by_email(email)
-
-          if user
-            user.update_attributes(extern_uid: uid, provider: 'ldap')
-            log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
-          end
-
-          user
-        end
-
-        def create(uid, email, name)
-          password = Devise.friendly_token[0, 8].downcase
-          username = email.match(/^[^@]*/)[0]
-
-          opts = {
-            extern_uid: uid,
-            provider: 'ldap',
-            name: name,
-            username: username,
-            email: email,
-            password: password,
-            password_confirmation: password,
-          }
-
-          user = model.new(opts, as: :admin).with_defaults
-          user.save!
-          log.info "(LDAP) Creating user #{email} from login with extern_uid => #{uid}"
-
-          user
-        end
-
         def find_or_create(auth)
-          uid, email, name = uid(auth), email(auth), name(auth)
+          @auth = auth
 
           if uid.blank? || email.blank?
             raise_error("Account must provide an uid and email address")
           end
 
-          user = find(uid, email)
-          user = create(uid, email, name) unless user
-          user
-        end
+          user = find(auth)
+
+          unless user
+            # Look for user with same emails
+            #
+            # Possible cases:
+            # * When user already has account and need to link his LDAP account.
+            # * LDAP uid changed for user with same email and we need to update his uid
+            #
+            user = model.find_by_email(email)
+
+            if user
+              user.update_attributes(extern_uid: uid, provider: provider)
+              log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
+            else
+              # Create a new user inside GitLab database
+              # based on LDAP credentials
+              #
+              #
+              user = create(auth)
+            end
+          end
 
-        def find_by_uid(uid)
-          model.ldap.where(extern_uid: uid).last
+          user
         end
 
-        def auth(login, password)
+        def authenticate(login, password)
           # Check user against LDAP backend if user is not authenticated
           # Only check with valid login and password to prevent anonymous bind results
           return nil unless ldap_conf.enabled && login.present? && password.present?
@@ -82,30 +60,18 @@ module Gitlab
 
         private
 
-        def uid(auth)
-          auth.info.uid
-        end
-
-        def email(auth)
-          auth.info.email.downcase unless auth.info.email.nil?
-        end
-
-        def name(auth)
-          auth.info.name.to_s.force_encoding("utf-8")
+        def find_by_uid(uid)
+          model.where(provider: provider, extern_uid: uid).last
         end
 
-        def log
-          Gitlab::AppLogger
+        def provider
+          'ldap'
         end
 
         def raise_error(message)
           raise OmniAuth::Error, "(LDAP) " + message
         end
 
-        def model
-          ::User
-        end
-
         def ldap_conf
           Gitlab.config.ldap
         end