Sync GitLab #100
Merged
Sync GitLab #100
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If no username or password is provided a MissingCredentialsError is raised which causes a Rack caught exception and a 500 Error in gitlab. Omniauth provides a way to raise such errors to the application by using the 'fail!' method to pass the exception to the registered failure handler. For gitlab this is the omniauth_controller code. This is required to resolve gitlab issue #1077. Signed-off-by: Pat Thoyts <patthoyts@users.sourceforge.net>
Report missing credentials to the Rails application.
Newer LDAP servers fail with older versions of net-ldap. Update to the fixed version. Signed-off-by: David Aguilar <davvid@gmail.com>
Gemfile.lock: update net-ldap to fix LDAP authentication issues
Update version to match intridea/omniauth-ldap. Add test for alternate fields.
Sync with intridea/omniauth-ldap
net-ldap version update There is a bug in net-ldap < 0.5.0 preventing connections to Microsoft servers. Pushing the net-ldap dependency version should fix it. See the following net-ldap issue for a description. ruby-ldap/ruby-net-ldap#80 See merge request !2
Considering we are bumping net-ldap from 0.3.1 to 0.7.0 I thought a minor version bump might be called for.
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Bump net ldap Related to gitlab/gitlabhq#1700 See merge request !1
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Escape wildcards in username. Addresses https://dev.gitlab.org/gitlab/gitlabhq/issues/2086. Also see https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/344 and https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/1644. See merge request !2
Add support for LDAP failover Add host failover support to this library. It's been supported in Net::LDAP for some time. See merge request !4
Net::LDAP compatibility
Add ruby 3.4 to the CI See merge request https://gitlab.com/gitlab-org/omniauth-ldap/-/merge_requests/23 Merged-by: Drew Blessing <drew@gitlab.com> Approved-by: Drew Blessing <drew@gitlab.com> Co-authored-by: Hakeem Abdul-Razak <habdul-razak@gitlab.com>
Add Gem release CI component See merge request https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/merge_requests/24 Merged-by: Drew Blessing <drew@gitlab.com>
Release 2.3.0 See merge request https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/merge_requests/25 Merged-by: Drew Blessing <drew@gitlab.com>
# Conflicts: # .gitignore # .gitlab-ci.yml # Gemfile # README.md # gitlab_omniauth-ldap.gemspec # lib/omniauth-ldap/adaptor.rb # lib/omniauth-ldap/version.rb # lib/omniauth/strategies/ldap.rb # spec/omniauth-ldap/adaptor_spec.rb # spec/omniauth/strategies/ldap_spec.rb # spec/spec_helper.rb
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR upgrades the omniauth-ldap gem from version 2.0.0 to 2.3.0, introducing significant enhancements to SSL/TLS configuration, security improvements, and code modernization.
- Adds comprehensive TLS configuration options with
tls_optionsparameter and deprecates the olderca_fileandssl_versionoptions - Improves security by adding request method validation, better error handling with descriptive messages, and LDAP filter escaping
- Modernizes the codebase by removing the
nkfdependency, updating test patterns to usedescribed_class, and refactoring encryption method handling
Reviewed Changes
Copilot reviewed 12 out of 15 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| lib/omniauth-ldap/version.rb | Bumps version from 2.0.0 to 2.3.0 |
| lib/omniauth-ldap/adaptor.rb | Refactors encryption configuration, adds TLS options support, removes nkf dependency, and adds multi-host support |
| lib/omniauth/strategies/ldap.rb | Adds request method validation, improved error messages, LDAP filter escaping, and new TLS-related options |
| spec/spec_helper.rb | Removes unused omniauth/version require |
| spec/omniauth/strategies/ldap_spec.rb | Adds CSRF token handling, new test cases for error scenarios, request method validation, and alternate field mapping |
| spec/omniauth/adaptor_spec.rb | Updates tests to use described_class and new constant names |
| spec/omniauth-ldap/adaptor_spec.rb | Extensive test additions for encryption configuration, TLS options, multi-host support, and modernizes test patterns |
| gitlab_omniauth-ldap.gemspec | Removes nkf dependency and adds upper bounds to gem dependencies |
| gemfiles/modular/optional.gemfile | Removes nkf gem from optional dependencies |
| README.md | Updates configuration examples to use encryption instead of method, adds TLS options example, removes Ruby 3.4 nkf requirement section |
| Gemfile.lock | Updates version and dependency constraints |
| CHANGELOG | Documents changes in versions 2.0.3, 2.0.4, 2.1.0, and 2.1.1 |
| .rubocop_gradual.lock | Updates RuboCop offenses tracking for modified files |
| .gitlab-ci.yml | Consolidates image specification to default section |
| .gitignore | Adds .project and .tags to ignored files |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Welcome to Codecov 🎉Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests. Thanks for integrating Codecov - We've got you covered ☂️ |
Minimum allowed line rate is |
This was referenced Nov 5, 2025
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Sync from https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap