95 lines
2.9 KiB
Markdown
95 lines
2.9 KiB
Markdown
|
# Omniauth::Gitlab
|
||
|
|
|
||
|
|
This is fork of [omniauth-gitlab](https://github.com/linchus/omniauth-gitlab) to support:
|
||
|
|
|
||
|
|
1. OmniAuth v1 and v2. OmniAuth v2 disables GET requests by default
|
||
|
|
and defaults to POST. GitLab already has patched v1 to use POST,
|
||
|
|
but other dependencies need to be updated:
|
||
|
|
https://gitlab.com/gitlab-org/gitlab/-/issues/30073.
|
||
|
|
|
||
|
|
2. [`oauth2`](https://github.com/oauth-xx/oauth2) v1.4.9 and up.
|
||
|
|
[v1.4.9 fixed relative URL handling](https://github.com/oauth-xx/oauth2/pull/469).
|
||
|
|
|
||
|
|
However, this breaks the default GitLab.com configuration and
|
||
|
|
existing configurations that use the `/api/v4` suffix in the `site`
|
||
|
|
parameter.
|
||
|
|
[omniauth-gitlab v4.0.0 fixed the first issue](https://github.com/linchus/omniauth-gitlab/pull/22),
|
||
|
|
but the second issue requires an admin to update `site` to drop the suffix.
|
||
|
|
|
||
|
|
This fork restores backwards compatibility that was removed in omniauth-gitlab v2.0.0:
|
||
|
|
https://github.com/linchus/omniauth-gitlab/commit/bb4cec2c9f8f067fdfe1f9aa219973e5d8e4a0a3
|
||
|
|
|
||
|
|
[](https://gitter.im/linchus/omniauth-gitlab?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
||
|
|
|
||
|
|
This is the OAuth2 strategy for authenticating to your GitLab service.
|
||
|
|
|
||
|
|
## Requirements
|
||
|
|
|
||
|
|
Gitlab 7.7.0+
|
||
|
|
|
||
|
|
## Installation
|
||
|
|
|
||
|
|
Add this line to your application's Gemfile:
|
||
|
|
|
||
|
|
gem 'omniauth-gitlab'
|
||
|
|
|
||
|
|
And then execute:
|
||
|
|
|
||
|
|
$ bundle
|
||
|
|
|
||
|
|
Or install it yourself as:
|
||
|
|
|
||
|
|
$ gem install omniauth-gitlab
|
||
|
|
|
||
|
|
## Basic Usage
|
||
|
|
|
||
|
|
use OmniAuth::Builder do
|
||
|
|
provider :gitlab, ENV['GITLAB_KEY'], ENV['GITLAB_SECRET']
|
||
|
|
end
|
||
|
|
|
||
|
|
## Standalone Usage
|
||
|
|
|
||
|
|
use OmniAuth::Builder do
|
||
|
|
provider :gitlab, ENV['GITLAB_KEY'], ENV['GITLAB_SECRET'],
|
||
|
|
{
|
||
|
|
client_options: {
|
||
|
|
site: 'https://gitlab.YOURDOMAIN.com/api/v4'
|
||
|
|
}
|
||
|
|
}
|
||
|
|
end
|
||
|
|
|
||
|
|
## Custom scopes
|
||
|
|
|
||
|
|
By default, the `api` scope is requested and must be allowed in GitLab's application configuration. To use different scopes:
|
||
|
|
|
||
|
|
use OmniAuth::Builder do
|
||
|
|
provider :gitlab, ENV['GITLAB_KEY'], ENV['GITLAB_SECRET'], scope: 'read_user openid'
|
||
|
|
end
|
||
|
|
|
||
|
|
Requesting a scope that is not configured will result the error "The requested scope is invalid, unknown, or malformed.".
|
||
|
|
|
||
|
|
## Old API version
|
||
|
|
|
||
|
|
API V3 will be unsupported from GitLab 9.5 and will be removed in GitLab 9.5 or later.
|
||
|
|
|
||
|
|
[https://gitlab.com/help/api/v3_to_v4.md](https://gitlab.com/help/api/v3_to_v4.md)
|
||
|
|
|
||
|
|
If you use GitLab 9.0 and below you could configure V3 API:
|
||
|
|
|
||
|
|
use OmniAuth::Builder do
|
||
|
|
provider :gitlab, ENV['GITLAB_KEY'], ENV['GITLAB_SECRET'],
|
||
|
|
{
|
||
|
|
client_options: {
|
||
|
|
site: 'https://gitlab.YOURDOMAIN.com/api/v3'
|
||
|
|
}
|
||
|
|
}
|
||
|
|
end
|
||
|
|
|
||
|
|
## Contributing
|
||
|
|
|
||
|
|
1. Fork it
|
||
|
|
2. Create your feature branch (`git checkout -b my-new-feature`)
|
||
|
|
3. Commit your changes (`git commit -am 'Add some feature'`)
|
||
|
|
4. Push to the branch (`git push origin my-new-feature`)
|
||
|
|
5. Create new Pull Request
|