Refactoring auth

config/gitlab.yml.example

@@ -25,8 +25,38 @@ app:
   # backup_keep_time: 604800      # default: 0 (forever) (in seconds)
   # disable_gravatar: true        # default: false - Disable user avatars from Gravatar.com
 
+
+
+
 #
-# 2. Advanced settings:
+# 2. Auth settings
+# ==========================
+ldap: 
+  enabled: false
+  host: '_your_ldap_server'
+  base: '_the_base_where_you_search_for_users'
+  port: 636
+  uid: 'sAMAccountName'
+  method: 'ssl' # plain
+  bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
+  password: '_the_password_of_the_bind_user'
+
+omniauth:
+  enabled: false
+  allow_single_sign_on: false
+  block_auto_created_users: true
+  providers:
+    # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
+    #     app_secret: 'YOUR APP SECRET',
+    #     args: { access_type: 'offline', approval_prompt: '' } }
+    # - { name: 'twitter', app_id: 'YOUR APP ID',
+    #     app_secret: 'YOUR APP SECRET'}
+    # - { name: 'github', app_id: 'YOUR APP ID',
+    #     app_secret: 'YOUR APP SECRET' }
+
+
+#
+# 3. Advanced settings:
 # ==========================
 
 # Git Hosting configuration
@@ -50,21 +80,3 @@ git:
   git_max_size: 5242880 # 5.megabytes
   # Git timeout to read commit, in seconds
   git_timeout: 10
-
-# Omniauth configuration
-omniauth:
-  enabled: false
-  providers:
-  allow_single_sign_on: false
-  block_auto_created_users: true
-
-# omniauth:
-#   enabled: true
-#   providers:
-#     - { name: 'google_oauth2', app_id: 'YOUR APP ID',
-#         app_secret: 'YOUR APP SECRET',
-#         args: { access_type: 'offline', approval_prompt: '' } }
-#     - { name: 'twitter', app_id: 'YOUR APP ID',
-#         app_secret: 'YOUR APP SECRET'}
-#     - { name: 'github', app_id: 'YOUR APP ID',
-#         app_secret: 'YOUR APP SECRET' }

config/initializers/1_settings.rb

@@ -120,8 +120,16 @@ class Settings < Settingslogic
       app['backup_keep_time'] || 0
     end
 
+    def ldap_enabled?
+      ldap['enabled']
+    rescue
+      false
+    end
+
     def omniauth_enabled?
-      omniauth['enabled'] || false
+      omniauth && omniauth['enabled']
+    rescue
+      false
     end
 
     def omniauth_providers

config/initializers/devise.rb

@@ -204,4 +204,21 @@ Devise.setup do |config|
   #   manager.intercept_401 = false
   #   manager.default_strategies(:scope => :user).unshift :some_external_strategy
   # end
+
+  gl = Gitlab.config
+
+  if gl.ldap_enabled?
+    config.omniauth :ldap,
+      :host     => gl.ldap['host'],
+      :base     => gl.ldap['base'],
+      :uid      => gl.ldap['uid'],
+      :port     => gl.ldap['port'],
+      :method   => gl.ldap['method'],
+      :bind_dn  => gl.ldap['bind_dn'],
+      :password => gl.ldap['password']
+  end
+
+  gl.omniauth_providers.each do |gl_provider|
+    config.omniauth gl_provider['name'].to_sym, gl_provider['app_id'], gl_provider['app_secret']
+  end
 end

config/initializers/omniauth.rb.sample

@@ -1,15 +0,0 @@
-# Copy this file to 'omniauth.rb' and configure it as necessary.
-# The wiki has further details on configuring each provider.
-
-Devise.setup do |config|
-  # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
-
-  # config.omniauth :ldap, 
-  #     :host => 'YOUR_LDAP_SERVER',
-  #     :base => 'THE_BASE_WHERE_YOU_SEARCH_FOR_USERS',
-  #     :uid => 'sAMAccountName',
-  #     :port => 389,
-  #     :method => :plain,
-  #     :bind_dn => 'THE_FULL_DN_OF_THE_USER_YOU_WILL_BIND_WITH',
-  #     :password => 'THE_PASSWORD_OF_THE_BIND_USER'
-end