Commit graph

22 commits

Author SHA1 Message Date
Oswaldo Ferreira
e561b142fa Backport gitlab-ee!2456 2017-07-27 12:09:46 -04:00
Mateusz Pytel
a7c571ae4d #20628 Enable implicit flow in Gitlab as OAuth Provider
Closes #20628 by re-enabling implicit grant in Doorkeeper config. OAuth2 documentation refactored.
2017-07-07 16:54:48 +02:00
Markus Koller
b2ca28d24b Add specs for Doorkeeper resource_owner_authenticator 2017-03-07 15:08:15 +01:00
Markus Koller
c498289048 Implement OpenID Connect identity provider 2017-03-07 14:54:35 +01:00
Timothy Andrew
7fa06ed55d Calls to the API are checked for scope.
- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`
2016-12-16 16:29:31 +05:30
Patricio Cano
a4137411c6 Small refactor and syntax fixes. 2016-08-18 16:47:26 -05:00
Patricio Cano
c297800862 Removed unnecessary service for user retrieval and improved API error message. 2016-08-18 16:47:26 -05:00
Patricio Cano
e2f9c87600 Added checks for 2FA to the API /sessions endpoint and the Resource Owner Password Credentials flow. 2016-08-18 16:47:26 -05:00
Jacob Vosmaer
0e896ffe4e Improve Gitlab::Auth method names
Auth.find was a very generic name for a very specific method.
Auth.find_in_gitlab_or_ldap was inaccurate in GitLab EE where it also
looks in Kerberos.
2016-06-10 14:51:16 +02:00
Jacob Vosmaer
fea591e5c5 Rename finder to find_in_gitlab_or_ldap 2016-06-02 13:42:18 +02:00
Jacob Vosmaer
8299fc277d Merge branch 'master' into git-http-controller
Conflicts:
	config/routes.rb
2016-06-02 13:31:11 +02:00
Felipe Artur
56f3b243ce Add leading comment space cop 2016-05-31 19:33:46 -03:00
Jacob Vosmaer
b1ffc9f0fe Make CI/Oauth/rate limiting reusable 2016-04-29 18:58:55 +02:00
Valery Sizov
6f785d584b retrieving oauth token with LDAP credentials 2015-08-31 15:10:01 +03:00
Stan Hu
19163f84fb Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in
Closes #1612
2015-07-18 15:57:11 -07:00
Roshan Gautam
984f8077b3 Fix Resource Owner Password Authentication Flow 2015-04-17 11:47:02 -05:00
Valery Sizov
5194214e3a GitLab integration. Importer 2015-02-05 12:50:34 -08:00
Dmitriy Zaporozhets
4f1d1fc51b Convert hashes to ruby 1.9 style 2015-02-02 19:30:09 -08:00
Valery Sizov
e36334c770 allow to use http in redirect url 2015-01-22 18:39:05 -08:00
Valery Sizov
20028523b5 Application admin scaffold 2015-01-17 15:40:09 -08:00
Valery Sizov
f07b165ab7 OAuth API documentation update 2015-01-12 19:29:06 -08:00
Valery Sizov
e41dadcb33 Doorkeeper integration 2014-12-24 15:38:07 +02:00