Validate that SAML requests are originated from gitlab
If the request wasn't initiated by gitlab we shouldn't add the new identity to the user, and instead show that we weren't able to link the identity to the user. This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509
Showing
lib/omni_auth/strategies/saml.rb
0 → 100644
spec/support/omniauth_strategy.rb
0 → 100644
想要评论请 注册 或 登录