debian-mirror-gitlab/lib/gitlab/auth/saml/identity_linker.rb

# frozen_string_literal: true

module Gitlab
  module Auth
    module Saml
      class IdentityLinker < OmniauthIdentityLinkerBase
        extend ::Gitlab::Utils::Override

        UnverifiedRequest = Class.new(StandardError)

        override :link
        def link
          raise_unless_request_is_gitlab_initiated! if unlinked?

          super
        end

        protected

        def raise_unless_request_is_gitlab_initiated!
          raise UnverifiedRequest unless valid_gitlab_initiated_request?
        end

        def valid_gitlab_initiated_request?
          OriginValidator.new(session).gitlab_initiated?(saml_response)
        end

        def saml_response
          oauth.fetch(:extra, {}).fetch(:response_object, {})
        end
      end
    end
  end
end
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`# frozen_string_literal: true`

New upstream version 10.8.7+dfsg 2018-10-15 14:42:47 +05:30			`module Gitlab`
			`module Auth`
			`module Saml`
			`class IdentityLinker < OmniauthIdentityLinkerBase`
New upstream version 12.1.12 2019-09-30 23:59:55 +05:30			`extend ::Gitlab::Utils::Override`

			`UnverifiedRequest = Class.new(StandardError)`

			`override :link`
			`def link`
			`raise_unless_request_is_gitlab_initiated! if unlinked?`

			`super`
			`end`

			`protected`

			`def raise_unless_request_is_gitlab_initiated!`
			`raise UnverifiedRequest unless valid_gitlab_initiated_request?`
			`end`

			`def valid_gitlab_initiated_request?`
			`OriginValidator.new(session).gitlab_initiated?(saml_response)`
			`end`

			`def saml_response`
			`oauth.fetch(:extra, {}).fetch(:response_object, {})`
			`end`
New upstream version 10.8.7+dfsg 2018-10-15 14:42:47 +05:30			`end`
			`end`
			`end`
			`end`