Add oauth_login_counter before request phase middleware
What does this MR do and why?
The omniauth gem allows us to add custom logic to the different phases of the OAuth flow.
Currently, the custom logic in the before_request_phase increments the login counter for the user.
As part of another MR, there is the intention to add more custom logic to the before_request_phase callback, see !171643 (diffs). For better maintenance, I see the potential to extract the current custom logic (that increases the login counter) into a separate class.
A similar approach is also used for the request_validation_phase, see https://gitlab.com/gitlab-community/gitlab/-/blob/master/config/initializers/omniauth.rb#L18. In this "phase", the custom logic is encapsulated in Gitlab::RequestForgeryProtection.
MR Checklist (@gerardo-navarro)
- Changelog entry added, if necessary
- Documentation created/updated via this MR
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Tested in all supported browsers
- Conforms to the code review guidelines
- Conforms to the merge request performance guidelines
- Conforms to the style guides
- Conforms to the javascript style guides
- Conforms to the database guides
Screenshots or screen recordings
Only changes in the backend
How to set up and validate locally
- Run the relevant tests
    bundle exec rspec spec/requests/rack_middlewares/omniauth_spec.rb spec/lib/gitlab/auth/o_auth/before_request_phase_oauth_login_counter_increment_spec.rb
Related to #512326 (closed)
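
The extraction pattern described in this MR, as an added illustration that is not part of the merge request and not GitLab's code: the login counter lives in its own callable class, and a small chain object lets further before_request_phase logic be added without growing the initializer. All class, constant and helper names here are hypothetical, the counter is an in-memory stand-in for a metrics backend, and the Rack env and strategy object are constructed samples.

```ruby
# Added illustration; every name below is hypothetical, not GitLab's.
# OmniAuth invokes the configured before_request_phase callable with the Rack env.

# Counts login attempts per provider (in-memory stand-in for a metrics counter).
class OauthLoginCounterIncrement
  COUNTS = Hash.new(0)
  COUNTS_LOCK = Mutex.new

  def self.call(env)
    # OmniAuth stores the active strategy in env['omniauth.strategy'].
    provider = env['omniauth.strategy']&.name
    return unless provider # not an OAuth request: count nothing

    COUNTS_LOCK.synchronize { COUNTS[provider.to_s] += 1 }
  end
end

# Runs several callables in order so the hook keeps a single entry point.
class BeforeRequestPhaseChain
  def initialize(*steps)
    @steps = steps.freeze
  end

  def call(env)
    @steps.each { |step| step.call(env) }
    nil
  end
end

# Constructed second step: records which auth path was requested.
AUDIT_LOG = []
audit_step = ->(env) { AUDIT_LOG << env['PATH_INFO'] }

BEFORE_REQUEST_PHASE = BeforeRequestPhaseChain.new(OauthLoginCounterIncrement, audit_step)

# With the omniauth gem loaded, the initializer would only need:
#   OmniAuth.config.before_request_phase { |env| BEFORE_REQUEST_PHASE.call(env) }

# Constructed Rack env; FakeStrategy stands in for an OmniAuth strategy instance.
FakeStrategy = Struct.new(:name)
def sample_env(provider)
  env = { 'PATH_INFO' => "/users/auth/#{provider}" }
  env['omniauth.strategy'] = FakeStrategy.new(provider) if provider
  env
end
```

Because each step only receives the Rack env, it can be covered by a focused unit spec, in the same way this MR tests the counter class separately from the middleware request spec.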