Crowd integration

This commit is contained in:
Valery Sizov 2015-08-31 13:59:52 +03:00
parent 6f19e8799e
commit 3700e5a960
11 changed files with 96 additions and 4 deletions

View File

@ -34,6 +34,7 @@ v 8.0.0 (unreleased)
- Added Drone CI integration (Kirill Zaitsev)
- Refactored service API and added automatically service docs generator (Kirill Zaitsev)
- Added web_url key project hook_attrs (Kirill Zaitsev)
- Add support for Crowd
v 7.14.1
- Improve abuse reports management from admin area

View File

@ -25,6 +25,7 @@ gem 'omniauth-kerberos', group: :kerberos
gem 'omniauth-gitlab'
gem 'omniauth-bitbucket'
gem 'omniauth-saml', '~> 1.4.0'
gem 'omniauth_crowd'
gem 'doorkeeper', '2.1.3'
gem "rack-oauth2", "~> 1.0.5"

View File

@ -434,6 +434,10 @@ GEM
omniauth-twitter (1.0.1)
multi_json (~> 1.3)
omniauth-oauth (~> 1.0)
omniauth_crowd (2.2.3)
activesupport
nokogiri (>= 1.4.4)
omniauth (~> 1.0)
opennebula (4.12.1)
json
nokogiri
@ -821,6 +825,7 @@ DEPENDENCIES
omniauth-saml (~> 1.4.0)
omniauth-shibboleth
omniauth-twitter
omniauth_crowd
org-ruby (= 0.9.12)
pg
poltergeist (~> 1.6.0)

View File

@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController
def new
if Gitlab.config.ldap.enabled
@ldap_servers = Gitlab::LDAP::Config.servers
else
@ldap_servers = []
end
super

View File

@ -1,6 +1,6 @@
module AuthHelper
PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze
FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos'].freeze
FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos', 'crowd'].freeze
def ldap_enabled?
Gitlab.config.ldap.enabled
@ -26,6 +26,10 @@ module AuthHelper
auth_providers.select { |provider| form_based_provider?(provider) }
end
def crowd_enabled?
auth_providers.include? :crowd
end
def button_based_providers
auth_providers.reject { |provider| form_based_provider?(provider) }
end

View File

@ -0,0 +1,9 @@
= form_tag(user_omniauth_authorize_path("crowd"), id: 'new_crowd_user' ) do
= text_field_tag :username, nil, {class: "form-control top", placeholder: "Username", autofocus: "autofocus"}
= password_field_tag :password, nil, {class: "form-control bottom", placeholder: "Password"}
- if devise_mapping.rememberable?
.remember-me.checkbox
%label{for: "remember_me"}
= check_box_tag :remember_me, '1', false, id: 'remember_me'
%span Remember me
= button_tag "Sign in", class: "btn-save btn"

View File

@ -8,15 +8,21 @@
.login-body
- if form_based_providers.any?
%ul.nav.nav-tabs
- if crowd_enabled?
%li.active
= link_to "Crowd", "#tab-crowd", 'data-toggle' => 'tab'
- @ldap_servers.each_with_index do |server, i|
%li{class: (:active if i.zero?)}
%li{class: (:active if i.zero? && !crowd_enabled?)}
= link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab'
- if signin_enabled?
%li
= link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab'
.tab-content
- if crowd_enabled?
%div.tab-pane.active{id: "tab-crowd"}
= render 'devise/sessions/new_crowd'
- @ldap_servers.each_with_index do |server, i|
%div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero?)}
%div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero? && !crowd_enabled?)}
= render 'devise/sessions/new_ldap', server: server
- if signin_enabled?
%div#tab-signin.tab-pane

View File

@ -246,6 +246,11 @@ production: &base
# issuer: 'https://gitlab.example.com',
# name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
# } }
# - { name: 'crowd',
# args: {
# crowd_server_url: 'CROWD SERVER URL',
# application_name: 'YOUR_APP_NAME',
# application_password: 'YOUR_APP_PASSWORD' } }

View File

@ -238,7 +238,7 @@ Devise.setup do |config|
provider_arguments.concat provider['args']
when Hash
# A Hash from the configuration will be passed as is.
provider_arguments << provider['args']
provider_arguments << provider['args'].symbolize_keys
end
config.omniauth provider['name'].to_sym, *provider_arguments

58
doc/integration/crowd.md Normal file
View File

@ -0,0 +1,58 @@
# Crowd OmniAuth Provider
To enable the Crowd OmniAuth provider you must register your application with Crowd. To configure Crowd integration you need an application name and password.
1. On your GitLab server, open the configuration file.
For omnibus package:
```sh
sudo editor /etc/gitlab/gitlab.rb
```
For instalations from source:
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
1. Add the provider configuration:
For omnibus package:
```ruby
gitlab_rails['omniauth_providers'] = [
{
"name" => "crowd",
"args" => {
"crowd_server_url" => "CROWD",
"application_name" => "YOUR_APP_NAME",
"application_password" => "YOUR_APP_PASSWORD"
}
}
]
```
For installations from source:
```
- { name: 'crowd',
args: {
crowd_server_url: 'CROWD SERVER URL',
application_name: 'YOUR_APP_NAME',
application_password: 'YOUR_APP_PASSWORD' } }
```
1. Change 'YOUR_APP_NAME' to the application name from Crowd applications page.
1. Change 'YOUR_APP_PASSWORD' to the application password you've set.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a Crowd tab in the sign in form.

View File

@ -76,6 +76,7 @@ Now we can choose one or more of the Supported Providers below to continue confi
- [Shibboleth](shibboleth.md)
- [Twitter](twitter.md)
- [SAML](saml.md)
- [Crowd](crowd.md)
## Enable OmniAuth for an Existing User