mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-20 08:19:04 +00:00
f3a93987b6
When authenticating via OAuth, the resource owner password grant strategy is allowed by Mastodon, but (without this PR), it does not attempt to authenticate against LDAP or PAM. As a result, LDAP or PAM authenticated users cannot sign in to Mastodon with their email/password credentials via OAuth (for instance, for native/mobile app users). This PR fleshes out the authentication strategy supplied to doorkeeper in its initializer by looking up the user with LDAP and/or PAM when devise is configured to use LDAP/PAM backends. It attempts to follow the same logic as the Auth::SessionsController for handling email/password credentials. Note #1: Since this pull request affects an initializer, it's unclear how to add test automation. Note #2: The PAM authentication path has not been manually tested. It was added for completeness sake, and it is hoped that it can be manually tested before merging. |
||
---|---|---|
.. | ||
environments | ||
initializers | ||
locales | ||
webpack | ||
application.rb | ||
boot.rb | ||
brakeman.ignore | ||
database.yml | ||
deploy.rb | ||
environment.rb | ||
i18n-tasks.yml | ||
navigation.rb | ||
pghero.yml | ||
puma.rb | ||
routes.rb | ||
secrets.yml | ||
settings.yml | ||
sidekiq.yml | ||
themes.yml | ||
webpacker.yml |