Merge branch 'set-omniauth-full-host' into 'master'

Set OmniAuth full_host parameter to ensure redirect URIs are correct

### What does this MR do?

This MR sets the OmniAuth `full_host` parameter to the configured GitLab URL to ensure the `redirect_uri` parameter is called with the right GitLab host.

### Why was this MR needed?

[OmniAuth attempts to grab the request URI](http://awesomeprogrammer.com/blog/2012/12/09/dealing-with-omniauth-redirect-uri-mismatch-invalid-port-number-gotcha/) and use that. If you set up a reverse proxy that terminates SSL at the Web server layer (e.g. https://gitlab.domain.com), omniauth will use the internal URL (e.g. http://my-host:8080) in its redirect URI unless all the Web server headers are properly set (e.g. `X-Forwarded-Port`, etc.). This is easy to forget or mess up, and it's better to ensure that OmniAuth has the right value from the start.

### What are the relevant issue numbers?

Closes #1967

See merge request !991
commit
8fa9da49c4
2 changed files with 2 additions and 0 deletions
|
@ -4,6 +4,7 @@ v 7.14.0 (unreleased)
|
||||||
- Fix label read access for unauthenticated users (Daniel Gerhardt)
|
- Fix label read access for unauthenticated users (Daniel Gerhardt)
|
||||||
- Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in (Stan Hu)
|
- Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in (Stan Hu)
|
||||||
- Fix file upload dialog for comment editing (Daniel Gerhardt)
|
- Fix file upload dialog for comment editing (Daniel Gerhardt)
|
||||||
|
- Set OmniAuth full_host parameter to ensure redirect URIs are correct (Stan Hu)
|
||||||
- Expire Rails cache entries after two weeks to prevent endless Redis growth
|
- Expire Rails cache entries after two weeks to prevent endless Redis growth
|
||||||
- Add support for destroying project milestones (Stan Hu)
|
- Add support for destroying project milestones (Stan Hu)
|
||||||
|
|
||||||
|
|
|
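Review bot: the added changelog entry "Set OmniAuth full_host parameter to ensure redirect URIs are correct" does not say where the value comes from. The initializer change in this same commit takes it from `Settings.gitlab['url']`, so the entry could read "Set OmniAuth full_host parameter to the configured GitLab URL to ensure redirect URIs are correct". That tells administrators running behind a reverse proxy that the configured URL now decides the OAuth `redirect_uri`, and that it is the setting to check when upgrading.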
@ -11,6 +11,7 @@ if Gitlab::LDAP::Config.enabled?
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
OmniAuth.config.full_host = Settings.gitlab['url']
|
||||||
OmniAuth.config.allowed_request_methods = [:post]
|
OmniAuth.config.allowed_request_methods = [:post]
|
||||||
#In case of auto sign-in, the GET method is used (users don't get to click on a button)
|
#In case of auto sign-in, the GET method is used (users don't get to click on a button)
|
||||||
OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?
|
OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?
|
||||||
|
|
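Review bot: the new `OmniAuth.config.full_host = Settings.gitlab['url']` line carries no comment, while the `allowed_request_methods` lines right below it do, and this is the line whose purpose is least obvious from the code. Please add a one-line comment saying that the redirect URI is built from the configured URL instead of the request, so a reverse proxy that does not forward headers such as `X-Forwarded-Port` cannot change it. Two smaller points: the line reads the setting through `Settings.gitlab[...]` while the line two below uses `Gitlab.config.omniauth...`, so using one accessor style would keep the initializer consistent; and the commit changes two files with no spec among them, so a test asserting that `OmniAuth.config.full_host` equals the configured URL would guard against regression.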