From 83a870bf1a80fdb186d03b86a6e7403bdca164b3 Mon Sep 17 00:00:00 2001
From: Vincent Fazio <vfazio@xes-inc.com>
Date: Fri, 12 Jul 2019 10:58:13 -0500
Subject: [PATCH] Symbolize client_auth_method for quirked providers

Providers such as OpenIDConnect ultimately leverage the rack-oauth2
gem which requires the client_auth_method value to be defined as a
symbol in order to correctly select the authorization method used.

Derivative providers that specify OmniAuth::Strategies::OpenIDConnect as
their strategy_class will also convert this value to a symbol.

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
---
 lib/gitlab/omniauth_initializer.rb | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/gitlab/omniauth_initializer.rb b/lib/gitlab/omniauth_initializer.rb
index 2a2083ebae0..ad1377a0892 100644
--- a/lib/gitlab/omniauth_initializer.rb
+++ b/lib/gitlab/omniauth_initializer.rb
@@ -52,6 +52,16 @@ module Gitlab
         args[:strategy_class] = args[:strategy_class].constantize
       end
 
+      # Providers that are known to depend on rack-oauth2, like those using
+      # Omniauth::Strategies::OpenIDConnect, need to be quirked so the
+      # client_auth_method argument value is passed as a symbol.
+      if (args[:strategy_class] == OmniAuth::Strategies::OpenIDConnect ||
+        args[:name] == 'openid_connect') &&
+        args[:client_auth_method].is_a?(String)
+
+        args[:client_auth_method] = args[:client_auth_method].to_sym
+      end
+
       args
     end