Commit graph

10 commits

Author SHA1 Message Date
Vincent Fazio
83a870bf1a Symbolize client_auth_method for quirked providers
Providers such as OpenIDConnect ultimately leverage the rack-oauth2
gem which requires the client_auth_method value to be defined as a
symbol in order to correctly select the authorization method used.

Derivative providers that specify OmniAuth::Strategies::OpenIDConnect as
their strategy_class will also convert this value to a symbol.

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
2019-07-15 09:01:55 -05:00
Stan Hu
350f19f59f Bump omniauth_openid_connect to 0.3.1
In https://gitlab.com/gitlab-org/gitlab-ce/issues/62208, users were
seeing 404 errors when they configured their OpenID provider without a
name parameter since OmniAuth would use the name `openidconnect` instead
`openid_connect`.

https://github.com/m0n9oose/omniauth_openid_connect/pull/23 makes the
default parameter `openid_connect` so this additional initializer in
GitLab is not necessary. Plus, this change enables users to use multiple
OpenID Connect providers if they desire.
2019-06-08 08:04:44 -07:00
Stan Hu
a30d8e4a49 Make OpenID Connect work without requiring a name
If there is no name argument given, OmniAuth will try to guess the name
by the class name. In
https://github.com/omniauth/omniauth/blob/v1.9.0/lib/omniauth/strategy.rb#L139,
`OmniAuth::Strategies::OpenIDConnect` gets translated to
`openidconnect`.

This leads to an immediate 404 error after clicking the login button
because OmniAuth can't match the current route (/users/auth/openid_connect)
against the expected one (/users/auth/openidconnect).

Other providers, such as Google OAuth2, set this name as the default
option within the OmniAuth Strategy. Until a fix is merged upstream,
let's just set the parameter ourselves.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62208
2019-06-06 16:23:23 -07:00
Stan Hu
bf8f4c135a Fix OmniAuth OAuth2Generic strategy not loading
In https://github.com/rails/rails/commit/83b767ce, Rails 5.1 removed
support for using a String to specify a middleware. When the
strategy_class argument is passed from the GitLab YAML config to Devise,
Devise passes the string value straight through to Rails, and GitLab
would crash with a NoMethodError inside ActionDispatch::MiddlewareStack.

To make this OmniAuth strategy work again, we normalize the arguments by
converting the strategy_class value into an actual Class.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62216
2019-05-23 12:17:56 -07:00
gfyoung
c858f70d07 Enable frozen string for lib/gitlab/*.rb 2018-10-22 07:00:50 +00:00
Lin Jen-Shin
d0afab482f Disable SAML if OmniAuth is disabled
We also try to unify the way we setup OmniAuth, and how we check
if it's enabled or not.
2018-07-20 18:54:46 +08:00
Lin Jen-Shin
3b8b38fb0f If omniauth_auto_sign_in_with_provider is set,
it also means we're using omniauth, so we need to set it up.
2018-07-02 16:46:24 +08:00
James Edwards-Jones
60b480fe81 OmniauthInitializer refactoring 2018-03-22 00:24:53 +00:00
James Edwards-Jones
97cf5d737d Omniauth callbacks moved to methods 2018-03-20 17:39:53 +00:00
James Edwards-Jones
da2191afa0 OmniauthInitializer created to improve devise.rb
This should simplify refactoring and allow testing
2018-03-20 17:39:52 +00:00