opendev/gerrit
Code Issues Proposed changes

Merge branch 'stable-2.14'

Browse Source 
* stable-2.14:
  Set Git/HTTP auth policy at init for LDAP, OAUTH

Change-Id: I869b5b0df14111ecda81433360d5bc58dfad7c7e
This commit is contained in:
David Pursehouse
2017-04-21 10:59:16 +02:00
parent 16444f4501 e9b58f7e8b
commit cb8604f7b5
1 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitAuth.java
View File

@@ -14,9 +14,14 @@
package com.google.gerrit.pgm.init; package com.google.gerrit.pgm.init;
import static com.google.gerrit.extensions.client.GitBasicAuthPolicy.HTTP;
import static com.google.gerrit.extensions.client.GitBasicAuthPolicy.HTTP_LDAP;
import static com.google.gerrit.extensions.client.GitBasicAuthPolicy.LDAP;
import static com.google.gerrit.extensions.client.GitBasicAuthPolicy.OAUTH;
import static com.google.gerrit.pgm.init.api.InitUtil.dnOf; import static com.google.gerrit.pgm.init.api.InitUtil.dnOf;
import com.google.gerrit.extensions.client.AuthType; import com.google.gerrit.extensions.client.AuthType;
import com.google.gerrit.extensions.client.GitBasicAuthPolicy;
import com.google.gerrit.pgm.init.api.ConsoleUI; import com.google.gerrit.pgm.init.api.ConsoleUI;
import com.google.gerrit.pgm.init.api.InitFlags; import com.google.gerrit.pgm.init.api.InitFlags;
import com.google.gerrit.pgm.init.api.InitStep; import com.google.gerrit.pgm.init.api.InitStep;
@@ -24,6 +29,7 @@ import com.google.gerrit.pgm.init.api.Section;
import com.google.gwtjsonrpc.server.SignedToken; import com.google.gwtjsonrpc.server.SignedToken;
import com.google.inject.Inject; import com.google.inject.Inject;
import com.google.inject.Singleton; import com.google.inject.Singleton;
import java.util.EnumSet;
/** Initialize the {@code auth} configuration section. */ /** Initialize the {@code auth} configuration section. */
@Singleton @Singleton
@@ -78,12 +84,32 @@ class InitAuth implements InitStep {
break; break;
} }
case LDAP:
{
auth.select(
"Git/HTTP authentication",
"gitBasicAuthPolicy",
HTTP,
EnumSet.of(HTTP, HTTP_LDAP, LDAP));
break;
}
case OAUTH:
{
GitBasicAuthPolicy gitBasicAuth =
auth.select(
"Git/HTTP authentication", "gitBasicAuthPolicy", HTTP, EnumSet.of(HTTP, OAUTH));
if (gitBasicAuth == OAUTH) {
ui.message(
"*WARNING* Please make sure that your chosen OAuth provider\n"
+ "supports Git token authentication.\n");
}
break;
}
case CLIENT_SSL_CERT_LDAP: case CLIENT_SSL_CERT_LDAP:
case CUSTOM_EXTENSION: case CUSTOM_EXTENSION:
case DEVELOPMENT_BECOME_ANY_ACCOUNT: case DEVELOPMENT_BECOME_ANY_ACCOUNT:
case LDAP:
case LDAP_BIND: case LDAP_BIND:
case OAUTH:
case OPENID: case OPENID:
case OPENID_SSO: case OPENID_SSO:
break; break;