Commit 20491498 authored by Robert Speicher's avatar Robert Speicher

Merge branch 'fix-authhash-infinite-loop' into 'master'

Fix infinite loop when SAML was incorrectly configured.

See merge request !1170
parents 04e1c4d3 c16b1651
...@@ -64,6 +64,7 @@ v 7.14.0 (unreleased) ...@@ -64,6 +64,7 @@ v 7.14.0 (unreleased)
- Set max-width for README, issue and merge request description for easier read on big screens - Set max-width for README, issue and merge request description for easier read on big screens
- Update Flowdock integration to support new Flowdock API (Boyan Tabakov) - Update Flowdock integration to support new Flowdock API (Boyan Tabakov)
- Remove author from files view (Sven Strickroth) - Remove author from files view (Sven Strickroth)
- Fix infinite loop when SAML was incorrectly configured.
v 7.13.5 v 7.13.5
- Satellites reverted - Satellites reverted
......
...@@ -9,49 +9,63 @@ module Gitlab ...@@ -9,49 +9,63 @@ module Gitlab
end end
def uid def uid
Gitlab::Utils.force_utf8(auth_hash.uid.to_s) @uid ||= Gitlab::Utils.force_utf8(auth_hash.uid.to_s)
end end
def provider def provider
Gitlab::Utils.force_utf8(auth_hash.provider.to_s) @provider ||= Gitlab::Utils.force_utf8(auth_hash.provider.to_s)
end end
def info def info
auth_hash.info auth_hash.info
end end
def name def get_info(key)
Gitlab::Utils.force_utf8((info.try(:name) || full_name).to_s) value = info.try(key)
Gitlab::Utils.force_utf8(value) if value
value
end end
def full_name def name
Gitlab::Utils.force_utf8("#{info.first_name} #{info.last_name}") @name ||= get_info(:name) || "#{get_info(:first_name)} #{get_info(:last_name)}"
end end
def username def username
Gitlab::Utils.force_utf8( @username ||= username_and_email[:username].to_s
(info.try(:nickname) || generate_username).to_s
)
end end
def email def email
Gitlab::Utils.force_utf8( @email ||= username_and_email[:email].to_s
(info.try(:email) || generate_temporarily_email).downcase
)
end end
def password def password
devise_friendly_token = Devise.friendly_token[0, 8].downcase @password ||= Gitlab::Utils.force_utf8(Devise.friendly_token[0, 8].downcase)
@password ||= Gitlab::Utils.force_utf8(devise_friendly_token) end
private
def username_and_email
@username_and_email ||= begin
username = get_info(:nickname) || get_info(:username)
email = get_info(:email)
username ||= generate_username(email) if email
email ||= generate_temporarily_email(username) if username
{
username: username,
email: email
}
end
end end
# Get the first part of the email address (before @) # Get the first part of the email address (before @)
# In addtion in removes illegal characters # In addtion in removes illegal characters
def generate_username def generate_username(email)
email.match(/^[^@]*/)[0].parameterize email.match(/^[^@]*/)[0].parameterize
end end
def generate_temporarily_email def generate_temporarily_email(username)
"temp-email-for-oauth-#{username}@gitlab.localhost" "temp-email-for-oauth-#{username}@gitlab.localhost"
end end
end end
......
...@@ -91,10 +91,6 @@ describe Gitlab::OAuth::AuthHash do ...@@ -91,10 +91,6 @@ describe Gitlab::OAuth::AuthHash do
expect(auth_hash.name.encoding).to eql Encoding::UTF_8 expect(auth_hash.name.encoding).to eql Encoding::UTF_8
end end
it 'forces utf8 encoding on full_name' do
expect(auth_hash.full_name.encoding).to eql Encoding::UTF_8
end
it 'forces utf8 encoding on username' do it 'forces utf8 encoding on username' do
expect(auth_hash.username.encoding).to eql Encoding::UTF_8 expect(auth_hash.username.encoding).to eql Encoding::UTF_8
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment