kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Merge branch 'fix-oauth-redirection' into 'master' 

Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in

### What does this MR do?

This MR fixes a bug when GitLab is used as an OAuth provider (e.g. to GitLab CI) where the user is not redirected back to the original URI after a successful sign-in. This MR tweaks the Doorkeeper configuration to set the `user_return_to` Devise session variable, as mentioned in this [Stack Overflow](http://stackoverflow.com/questions/14504739/how-to-use-both-devise-and-doorkeeper-gems) post.

### Why was this MR needed?

If you attempt to "Login via GitLab" from GitLab CI and aren't logged out completely, GitLab asks for your username and password. After you login, you get directed to the GitLab dashboard instead of back to GitLab CI. It's easy to reproduce:

1. Set up a GitLab CI and GitLab instance (e.g. ci.gitlab.com, gitlab.com).
2. Start an Incognito Window so that you are logged out of GitLab CI and GitLab.
3. Go to the GitLab CI instance. Click the "Login with GitLab".
4. Enter in your credentials.
5. Watch your browser login to GitLab and not return to GitLab CI.

### What are the relevant issue numbers?

Closes #1612

See merge request !998
This commit is contained in:
Stan Hu 2015-07-19 07:06:21 +00:00
parent 2940263aac 19163f84fb
commit 247609a3d8
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG
View File

@ -1,6 +1,7 @@
Please view this file on the master branch, on stable branches it's out of date.
v 7.14.0 (unreleased)
- Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in (Stan Hu)
- Fix file upload dialog for comment editing (Daniel Gerhardt)
- Expire Rails cache entries after two weeks to prevent endless Redis growth
- Add support for destroying project milestones (Stan Hu)

3
config/initializers/doorkeeper.rb
View File

@ -6,7 +6,8 @@ Doorkeeper.configure do
# This block will be called to check whether the resource owner is authenticated or not.
resource_owner_authenticator do
# Put your resource owner authentication logic here.
# Example implementation:
# Ensure user is redirected to redirect_uri after login
session[:user_return_to] = request.fullpath
current_user || redirect_to(new_user_session_url)
end