Skip to content
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
100 commits
Select commit Hold shift + click to select a range
ecf5c43
Load a global catalog connection & add interface for searching it
Jul 25, 2016
51e72c0
Use global catalog to detect user, if server is Active Directory
Jul 25, 2016
203063d
Add tests for auth & unauth default Global Catalog settings
Jul 25, 2016
a23ccef
Test format of Global Catalog search results
Jul 25, 2016
c03c0de
Split up auth'd, unauth'd and global default settings tests
Jul 25, 2016
d4ae1ab
Updated documentation
Jul 25, 2016
8244f7c
Only initialize global catalog if server is Active Directory
Jul 25, 2016
3cf1c5a
Make capabilities public so domain can decide whether it's Active Dir
Jul 25, 2016
baef44d
Test for default instrumentation service on Global Catalog
Jul 25, 2016
e05f40c
Added doc for global_catalog_search
Jul 25, 2016
6125bc5
Test for domain to use global catalog if it's Active Directory
Jul 25, 2016
a34264b
Test for using default search on non-Active Directory servers
Jul 25, 2016
a00750f
Keep reference to credentials & instrumentation service for Global Ca…
Jul 25, 2016
6787585
Updates to Domain#user? & use of Global Catalog
Jul 25, 2016
c38ffca
Test that global catalog search uses empty base DN
Jul 25, 2016
ab2d49a
Set auth method for Global Catalog explicitly to :simple
Jul 25, 2016
3af0a88
Make sure global catalog search returns first entry from result array
Jul 25, 2016
dd24ee7
Document reason for auth references; remove redundant ivar
Jul 25, 2016
8d9eca3
Update doc
Jul 25, 2016
76db68a
Added test group to Gemfile
Jul 25, 2016
d69b0ba
Use assert_nil
Jul 25, 2016
9e9f9e9
Drop message in test
Jul 25, 2016
ad67b78
Created new ActiveDirectory user search class; moved tests
Aug 1, 2016
73ddf22
Added default strategy class for UserSearch
Aug 4, 2016
3d73e87
Load the default user search class; use strategy for Domain#user?
Aug 4, 2016
3f1838c
Override search for AD user search
Aug 4, 2016
115abb7
Update tests with new method signature for UserSearch#perform
Aug 4, 2016
f550ce5
Configure user search strategy
Aug 4, 2016
32840bc
Removed dead code -- was moved to its own class
Aug 4, 2016
89eca1e
More tests for user search strategy
Aug 4, 2016
faf1a16
Reverse the merge order for default search
Aug 4, 2016
2538aa0
Updated domain tests since adding user search strategy
Aug 4, 2016
d759075
Removed unnecessary tests
Aug 4, 2016
1ab77c0
Don't need this test
Aug 4, 2016
2e33e8b
Clean up requires
Aug 4, 2016
cf59b4c
Created a GlobalCatalog object; expose :connection on LDAP
Aug 4, 2016
0b22add
Configure user search consistent with other config strategies
Aug 4, 2016
5f9e3d7
Make active_directory_capability? private again
Aug 4, 2016
0ea4a93
Use mock utility for mock objects; Don't stub :new on Net::LDAP
Aug 4, 2016
18eb399
Test auth on user search strategy; minor test cleanup
Aug 4, 2016
32222d5
Updated documentation
Aug 4, 2016
5012000
Explictly override options for setting the base DN to ""
Aug 4, 2016
a522641
better hash structure
Aug 4, 2016
a3163fe
Updated documentation
Aug 4, 2016
c3ac0b3
Don't fall back on default user search for non-AD controllers
Aug 4, 2016
4154214
Make search & options private on ActiveDirectory user search
Aug 4, 2016
3da33e4
Make global connection interface private
Aug 4, 2016
735a42b
update documentation
Aug 4, 2016
3bc3979
Remove unneded test & condition
Aug 4, 2016
c05c4d7
First draft of referral chasing: set up referral connection properties
Jul 26, 2016
9afe164
WIP: Added referral chasing method, will move to GitHub::Ldap
Jul 26, 2016
1fce717
Moved chase_referral to ldap class
Jul 28, 2016
526d63a
Cache new referral connections as we go
Jul 28, 2016
82704e5
removed old chase_referral method
Jul 28, 2016
022d455
Add method to reset base dn on search filter for use with referrals
Jul 28, 2016
652633b
Reset base dn on filter before searcing on referral controller
Jul 28, 2016
bb149ca
cleanup
Jul 29, 2016
218675b
Use GitHub::Ldap instead of Net::LDAP for referral connections
Jul 29, 2016
971698c
Don't reset base_dn, will pass in FQDN for groups from client
Jul 29, 2016
990cca8
No need for DN matcher
Jul 29, 2016
54defdb
Create a ConnectionPool object to encapsulate caching connection objects
Jul 29, 2016
4b0ccff
Split connection pool tests
Jul 29, 2016
edd8107
A little cleanup
Jul 29, 2016
5d7c294
Abstracted referral chasing into its own class
Jul 29, 2016
96ba488
load referral_chaser; exposed admin user & pw for referrals to use
Jul 29, 2016
9edc1c5
Removed dead code
Jul 29, 2016
7f3e6f2
Use new referral chaser class in ActiveDirectory validator
Jul 29, 2016
b7da6e7
Pushing referral aggregation from callsite into ReferallChaser
Jul 30, 2016
704ea39
Use base connection's port as the default port
Aug 1, 2016
8199555
Use ReferralChaser to do all the search heavy lifting for AD
Aug 1, 2016
d3dc5c4
Updated documentation
Aug 1, 2016
644fb68
Updated tests
Aug 1, 2016
e759522
Added a GitHub::Ldap::URL object to encapsulate parsing ldap urls
Aug 1, 2016
5cefd97
Remove redundant test
Aug 1, 2016
0ac330a
Only iterate over Referall type entries in ReferralChaser
Aug 1, 2016
1a95540
memoize the referral chaser
Aug 2, 2016
e2c3675
check entry for nil when collecting referrals
Aug 2, 2016
a4573d7
Remove test file; clean up merge
Aug 4, 2016
3eddd8b
A bit more merge cleanup
Aug 4, 2016
7cdbe86
Minor style/cleanup
Aug 4, 2016
80a6127
Don't need result reference
Aug 4, 2016
f052559
Better format for private method
Aug 4, 2016
77b4209
Add host interface to ldap; updated tests
Aug 4, 2016
518bd85
Moved connection cache to its own class
Aug 4, 2016
27cf716
move mocha requirement to test_helper
Aug 4, 2016
ef20459
Better use of mocks
Aug 5, 2016
51f793c
Fix mock for referral_chaser_test
Aug 5, 2016
a0f1f24
Fixing CI: don't use a real connection
Aug 5, 2016
88319aa
CI Fixes: move all setup code inline
Aug 5, 2016
cc3fd3a
Removing ruby 1.9.3 from CI
Aug 5, 2016
85ab9f8
Use correct port for LDAP connection
Aug 5, 2016
ed66f8d
CI Fixes: use the right credentials to connect to test ldap server
Aug 5, 2016
6ad401a
CI Fixes: use correct connection attrs for tests
Aug 5, 2016
142e3fd
Test Ruby 2.0
mtodd Aug 5, 2016
64c6e08
Configure connection with GitHub::Ldap::Test#options
mtodd Aug 5, 2016
2b80058
Rename mock_connection to ldap
mtodd Aug 5, 2016
e7de8e7
Setup test hosts for connection caching
mtodd Aug 5, 2016
02cef0b
Document user search strategy callsite
Aug 5, 2016
15990be
Test for invalid URL strings as well as bad schemes in ReferralChaser
Aug 5, 2016
60e7b7f
Fixing some merge-fu: use @ldap not @mock_connection
Aug 5, 2016
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Load the default user search class; use strategy for Domain#user?
  • Loading branch information
Dave Sims committed Aug 4, 2016
commit 3d73e879bf3094f0f4170d704ba57290aabbc115
4 changes: 1 addition & 3 deletions lib/github/ldap.rb
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,7 @@
require 'github/ldap/instrumentation'
require 'github/ldap/member_search'
require 'github/ldap/membership_validators'
require 'github/ldap/connection_cache'
require 'github/ldap/referral_chaser'
require 'github/ldap/url'
require 'github/ldap/user_search/default.rb'
require 'github/ldap/user_search/active_directory.rb'

module GitHub
Expand Down
12 changes: 1 addition & 11 deletions lib/github/ldap/domain.rb
Original file line number Diff line number Diff line change
Expand Up @@ -115,17 +115,7 @@ def valid_login?(login, password)
# Returns the user if the login matches any `uid`.
# Returns nil if there are no matches.
def user?(login, search_options = {})
options = search_options.merge \
filter: login_filter(@uid, login),
size: 1

if @ldap.active_directory_capability?
# when doing a global search for a user's DN, set the search base to blank
options[:base] = ""
@ldap.global_catalog_search(options).first
else
search(options).first
end
@ldap.ldap_user_search_strategy.perform(login, @base_name, @uid, search_options)
end

# Check if a user can be bound with a password.
Expand Down