PageRenderTime 802ms queryTime 27ms sortTime 4ms getByIdsTime 447ms findMatchingLines 274ms

100+ results results for 'gitlab oauth2 repo:jk/gitlab-ce' (802 ms)

Not the results you expected?
README.md https://gitlab.com/cori/gitlab-ce | Markdown | 392 lines
                    
3Automate GitLab via a simple and powerful API. All definitions can be found
                    
4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api).
                    
5
                    
94
                    
95Read more about [GitLab as an OAuth2 client](oauth2.md).
                    
96
                    
261Date: Mon, 18 Jan 2016 09:43:18 GMT
                    
262Link: <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="last"
                    
263Status: 200 OK
                    
388
                    
389[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API"
                    
390[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
                    
391[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749
                    
392[ce-5951]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5951
                    
393
                    
                
README.md https://gitlab.com/jdipierro/gitlab-ce | Markdown | 392 lines
                    
3Automate GitLab via a simple and powerful API. All definitions can be found
                    
4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api).
                    
5
                    
94
                    
95Read more about [GitLab as an OAuth2 client](oauth2.md).
                    
96
                    
261Date: Mon, 18 Jan 2016 09:43:18 GMT
                    
262Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last"
                    
263Status: 200 OK
                    
388
                    
389[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API"
                    
390[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
                    
391[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749
                    
392[ce-5951]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5951
                    
393
                    
                
omniauth.md https://gitlab.com/wolfgang42/gitlab-ce | Markdown | 330 lines
                    
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
                    
13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login)
                    
14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources)
                    
23- [Bitbucket](bitbucket.md)
                    
24- [GitLab.com](gitlab.md)
                    
25- [Google](google.md)
                    
163```ruby
                    
164gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
                    
165```
                    
194
                    
195- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab/blob/master/Gemfile):
                    
196
                    
314```ruby
                    
315gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2'
                    
316```
                    
                
README.md https://gitlab.com/hazelyang/gitlab-ee | Markdown | 355 lines
                    
3Automate GitLab via a simple and powerful API. All definitions can be found
                    
4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api).
                    
5
                    
86
                    
87Read more about [GitLab as an OAuth2 client](oauth2.md).
                    
88
                    
90
                    
91> [Introduced][ce-3749] in GitLab 8.8.
                    
92
                    
238Date: Mon, 18 Jan 2016 09:43:18 GMT
                    
239Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last"
                    
240Status: 200 OK
                    
353[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API"
                    
354[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
                    
355[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749
                    
                
omniauth.md https://gitlab.com/xhang/gitlab | Markdown | 330 lines
                    
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
                    
13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login)
                    
14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources)
                    
23- [Bitbucket](bitbucket.md)
                    
24- [GitLab.com](gitlab.md)
                    
25- [Google](google.md)
                    
163```ruby
                    
164gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
                    
165```
                    
194
                    
195- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/Gemfile):
                    
196
                    
314```ruby
                    
315gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2'
                    
316```
                    
                
omniauth.md https://gitlab.com/tancnle/gitlab-ce | Markdown | 330 lines
                    
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
                    
13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login)
                    
14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources)
                    
23- [Bitbucket](bitbucket.md)
                    
24- [GitLab.com](gitlab.md)
                    
25- [Google](google.md)
                    
163```ruby
                    
164gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
                    
165```
                    
194
                    
195- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Gemfile):
                    
196
                    
314```ruby
                    
315gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2'
                    
316```
                    
                
Gemfile https://gitlab.com/kivlor/gitlab-ce | Gemfile | 438 lines
                    
40gem 'omniauth-auth0', '~> 2.0.0'
                    
41gem 'omniauth-azure-oauth2', '~> 0.0.9'
                    
42gem 'omniauth-cas3', '~> 1.1.4'
                    
44gem 'omniauth-github', '~> 1.1.1'
                    
45gem 'omniauth-gitlab', '~> 1.0.2'
                    
46gem 'omniauth-google-oauth2', '~> 0.5.3'
                    
47gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
                    
48gem 'omniauth-oauth2-generic', '~> 0.2.2'
                    
49gem 'omniauth-saml', '~> 1.10'
                    
54gem 'omniauth-jwt', '~> 0.0.2'
                    
55gem 'rack-oauth2', '~> 1.2.1'
                    
56gem 'jwt', '~> 1.5.6'
                    
67
                    
68# GitLab Pages
                    
69gem 'validates_hostname', '~> 1.0.6'
                    
                
README.md https://gitlab.com/vino.v/gitlab-ee | Markdown | 384 lines
                    
3Automate GitLab via a simple and powerful API. All definitions can be found
                    
4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api).
                    
5
                    
95
                    
96Read more about [GitLab as an OAuth2 client](oauth2.md).
                    
97
                    
254Date: Mon, 18 Jan 2016 09:43:18 GMT
                    
255Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last"
                    
256Status: 200 OK
                    
381
                    
382[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API"
                    
383[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
                    
383[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
                    
384[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749
                    
385
                    
                
git_http_spec.rb https://gitlab.com/digiry/gitlab-ce | Ruby | 395 lines
                    
85          it "responds with status 404" do
                    
86            allow(Gitlab.config.gitlab_shell).to receive(:receive_pack).and_return(false)
                    
87
                    
96        it "responds with status 404" do
                    
97          allow(Gitlab.config.gitlab_shell).to receive(:upload_pack).and_return(false)
                    
98
                    
188              it "downloads get status 200" do
                    
189                clone_get "#{project.path_with_namespace}.git", user: 'oauth2', password: @token.token
                    
190
                    
194              it "uploads get status 401 (no project existence information leak)" do
                    
195                push_get "#{project.path_with_namespace}.git", user: 'oauth2', password: @token.token
                    
196
                    
208              it "repeated attempts followed by successful attempt" do
                    
209                options = Gitlab.config.rack_attack.git_basic_auth
                    
210                maxretry = options[:maxretry] - 1
                    
                
README.md https://gitlab.com/toanalien/gitlab-ee | Markdown | 326 lines
                    
3Automate GitLab via a simple and powerful API. All definitions can be found
                    
4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api).
                    
5
                    
74
                    
75Instead of the `private_token` you can transmit the OAuth2 access token as a
                    
76header or as a parameter.
                    
89
                    
90Read more about [GitLab as an OAuth2 client](oauth2.md).
                    
91
                    
210Date: Mon, 18 Jan 2016 09:43:18 GMT
                    
211Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last"
                    
212Status: 200 OK
                    
324
                    
325[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API"
                    
326[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
                    
                
Gemfile https://gitlab.com/kalleva/gitlab-ee | Gemfile | 361 lines
                    
9# Specify a sprockets version due to increased performance
                    
10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
                    
11gem 'sprockets', '~> 3.6.0'
                    
25gem 'omniauth-auth0',         '~> 1.4.1'
                    
26gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
27gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
30gem 'omniauth-github',        '~> 1.1.1'
                    
31gem 'omniauth-gitlab',        '~> 1.0.0'
                    
32gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
38gem 'gssapi', group: :kerberos
                    
39gem 'rack-oauth2',            '~> 1.2.1'
                    
40gem 'jwt'
                    
51
                    
52# GitLab Pages
                    
53gem 'validates_hostname', '~> 1.0.0'
                    
                
Gemfile https://gitlab.com/solidnerd/gitlab-ce | Gemfile | 441 lines
                    
40gem 'omniauth-auth0', '~> 2.0.0'
                    
41gem 'omniauth-azure-oauth2', '~> 0.0.9'
                    
42gem 'omniauth-cas3', '~> 1.1.4'
                    
44gem 'omniauth-github', '~> 1.3'
                    
45gem 'omniauth-gitlab', '~> 1.0.2'
                    
46gem 'omniauth-google-oauth2', '~> 0.5.3'
                    
47gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
                    
48gem 'omniauth-oauth2-generic', '~> 0.2.2'
                    
49gem 'omniauth-saml', '~> 1.10'
                    
53gem 'omniauth-authentiq', '~> 0.3.3'
                    
54gem 'rack-oauth2', '~> 1.2.1'
                    
55gem 'jwt', '~> 1.5.6'
                    
66
                    
67# GitLab Pages
                    
68gem 'validates_hostname', '~> 1.0.6'
                    
                
doorkeeper.rb https://gitlab.com/lemoncurry/gitlab-ce | Ruby | 102 lines
                    
14  resource_owner_from_credentials do |routes|
                    
15    Gitlab::Auth.new.find(params[:username], params[:password])
                    
16  end
                    
39  # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
                    
40  # by default in non-development environments). OAuth2 delegates security in
                    
41  # communication to the HTTPS protocol so it is wise to keep this enabled.
                    
71  # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
                    
72  # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
                    
73  #
                    
                
api_guard.rb https://gitlab.com/artofhuman/gitlab-ce | Ruby | 144 lines
                    
80      def api_access_allowed?(user)
                    
81        Gitlab::UserAccess.new(user).allowed? && user.can?(:access_api)
                    
82      end
                    
99
                    
100        base.__send__(:rescue_from, *error_classes, oauth2_bearer_token_error_handler) # rubocop:disable GitlabSecurity/PublicSend
                    
101      end
                    
102
                    
103      def oauth2_bearer_token_error_handler
                    
104        proc do |e|
                    
106            case e
                    
107            when Gitlab::Auth::MissingTokenError
                    
108              Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
                    
134                :insufficient_scope,
                    
135                Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION[:insufficient_scope],
                    
136                { scope: e.scopes })
                    
                
Base.php https://gitlab.com/x33n/kanboard | PHP | 118 lines
                    
20 * @property \Core\MemoryCache             $memoryCache
                    
21 * @property \Core\OAuth2                  $oauth
                    
22 * @property \Core\Router                  $router
                    
25 * @property \Integration\GithubWebhook    $githubWebhook
                    
26 * @property \Integration\GitlabWebhook    $gitlabWebhook
                    
27 * @property \Integration\HipchatWebhook   $hipchatWebhook
                    
                
core.js https://gitlab.com/CarimA/NitxBotDiscord | JavaScript | 209 lines
                    
30            aliases: [ 'git', 'source', 'sourcecode' ],
                    
31            description: 'Posts a link to the GitLab repository for the bot.',
                    
32            action: (user, userID, channelID, event, args, callback) => {
                    
34                    to: channelID, 
                    
35                    message: `GitLab repository: **https://gitlab.com/CarimA/NitxBotDiscord**`
                    
36                });
                    
66                    to: channelID,
                    
67                    message: `Want me to come to your own server? Head on to https://discordapp.com/oauth2/authorize?client_id=223144453555224578&scope=bot and select your server under the dropdown menu and hit *Authorize*. Note that you require **Manage Server** permissions in order to invite me somewhere!`
                    
68                });
                    
                
README.md https://gitlab.com/OdNairy/gitlab-ee | Markdown | 73 lines
                    
6- [CI/CD](ci/README.md) GitLab Continuous Integration (CI) and Continuous Delivery (CD) getting started, `.gitlab-ci.yml` options, and examples.
                    
7- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
8- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry.
                    
8- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry.
                    
9- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
10- [Importing to GitLab](workflow/importing/README.md).
                    
38- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter.
                    
39- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components.
                    
40- [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages.
                    
52- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
53- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
54- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE.
                    
59- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch.
                    
60- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a secondary read-only GitLab instance.
                    
61- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.
                    
                
Gemfile https://gitlab.com/jnoortheen/gitlab-ce | Gemfile | 355 lines
                    
25gem 'omniauth-auth0', '~> 1.4.1'
                    
26gem 'omniauth-azure-oauth2', '~> 0.0.6'
                    
27gem 'omniauth-cas3', '~> 1.1.2'
                    
29gem 'omniauth-github', '~> 1.1.1'
                    
30gem 'omniauth-gitlab', '~> 1.0.2'
                    
31gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
32gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
                    
33gem 'omniauth-oauth2-generic', '~> 0.2.2'
                    
34gem 'omniauth-saml', '~> 1.7.0'
                    
38gem 'omniauth-authentiq', '~> 0.3.0'
                    
39gem 'rack-oauth2', '~> 1.2.1'
                    
40gem 'jwt', '~> 1.5.6'
                    
51
                    
52# GitLab Pages
                    
53gem 'validates_hostname', '~> 1.0.6'
                    
                
omniauth.md https://gitlab.com/Stretch96/gitlab-ce | Markdown | 272 lines
                    
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
                    
13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login)
                    
14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources)
                    
23- [Bitbucket](bitbucket.md)
                    
24- [GitLab.com](gitlab.md)
                    
25- [Google](google.md)
                    
160```ruby
                    
161  gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
                    
162```
                    
189
                    
190-   Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Gemfile):
                    
191
                    
261```ruby
                    
262  gitlab_rails['sync_profile_from_provider'] = ['twitter', 'google_oauth2']
                    
263  gitlab_rails['sync_profile_attributes'] = ['name', 'email', 'location']
                    
                
main.go https://gitlab.com/rvaz/orgo | Go | 79 lines
                    
7	log "github.com/Sirupsen/logrus"
                    
8	oauth2google "golang.org/x/oauth2/google"
                    
9	calendar "google.golang.org/api/calendar/v3"
                    
9	calendar "google.golang.org/api/calendar/v3"
                    
10	oauth2api "google.golang.org/api/oauth2/v2"
                    
11
                    
15	"gitlab.com/rvaz/orgo/dropbox"
                    
16	"gitlab.com/rvaz/orgo/google"
                    
17	"gitlab.com/rvaz/orgo/web"
                    
17	"gitlab.com/rvaz/orgo/web"
                    
18	"gitlab.com/rvaz/orgo/work"
                    
19	"golang.org/x/oauth2"
                    
40		Endpoint:     oauth2google.Endpoint,
                    
41		Scopes:       []string{calendar.CalendarScope, oauth2api.UserinfoEmailScope, oauth2api.UserinfoProfileScope},
                    
42	}
                    
                
oauth_login_spec.rb https://gitlab.com/wolfgang42/gitlab-ce | Ruby | 128 lines
                    
17
                    
18  providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2,
                    
19               :facebook, :cas3, :auth0, :authentiq, :salesforce]
                    
60        it 'when bypass-two-factor is enabled' do
                    
61          allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: true)
                    
62          login_via(provider.to_s, user, uid, remember_me: false, additional_info: additional_info)
                    
66        it 'when bypass-two-factor is disabled' do
                    
67          allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: false)
                    
68          login_with_provider(provider, enter_two_factor: true, additional_info: additional_info)
                    
                
auth_spec.rb https://gitlab.com/kalleva/gitlab-ee | Ruby | 108 lines
                    
2
                    
3describe Gitlab::Auth, lib: true do
                    
4  let(:gl_auth) { described_class }
                    
14      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'gitlab-ci-token')
                    
15      expect(gl_auth.find_for_git_client('gitlab-ci-token', token, project: project, ip: ip)).to eq(Gitlab::Auth::Result.new(nil, :ci))
                    
16    end
                    
22      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username)
                    
23      expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, :gitlab_or_ldap))
                    
24    end
                    
32      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2')
                    
33      expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, :oauth))
                    
34    end
                    
40      expect(gl_auth).to receive(:rate_limit!).with(ip, success: false, login: login)
                    
41      expect(gl_auth.find_for_git_client(login, 'bar', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new)
                    
42    end
                    
                
2018-03-26-summary-of-limited-gitlab-credentials-exposed.html.md https://gitlab.com/syedahmedz1/www-gitlab-com | Markdown | 59 lines
                    
13
                    
14From February 19, 2018 to March 19, 2018, some GitLab.com personal access tokens and third-party credentials were inadvertently exposed publicly via an unprotected logging dashboard. The affected users represent approximately 0.5 percent of our GitLab.com user base. While the dashboard was originally protected from unauthorized access, a recent configuration change made this internal system publically accessible.
                    
15
                    
29* [Sanitize private_token field in HA Proxy logs](https://gitlab.com/gitlab-cookbooks/gitlab_fluentd/merge_requests/7)
                    
30* [Reconfigure OAuth mechanism, removing ‘*’ email domain access](https://gitlab.com/gitlab-cookbooks/gitlab-oauth2-proxy/merge_requests/10)
                    
31
                    
33
                    
34On March 19, 2018, GitLab user Ryan Hefner discovered an authentication misconfiguration on our internal logging dashboard. A configuration change was made incorrectly on February 19, 2018, which resulted in potential public read-only access to the centralized, internal logging server for GitLab. This misconfiguration was resolved immediately upon notification.
                    
35
                    
35
                    
36GitLab uses an OAuth proxy service to authenticate all access to our internal logging infrastructure. Previously, this proxy service had been correctly configured to only allow access to authorized GitLab engineers. However, in the course of migrating this proxy service to our new cloud infrastructure, we inadvertently introduced a misconfiguration that allowed anyone with a valid Google account read-only access to our internal logging server, instead of the intended behavior of allowing only authorized GitLab engineering accounts.
                    
37
                    
58
                    
59In keeping with our company value of transparency we also believe in communicating about such incidents clearly and promptly. If you have any questions, please contact [security@gitlab.com](mailto:security@gitlab.com).
                    
60
                    
                
google.md https://gitlab.com/espadav8/gitlab-ce | Markdown | 93 lines
                    
25    - Application type: "Web Application"
                    
26    - Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here.
                    
27    - Authorized redirect URI: 'https://gitlab.example.com/users/auth/google_oauth2/callback'
                    
34    ```sh
                    
35      sudo editor /etc/gitlab/gitlab.rb
                    
36    ```
                    
40    ```sh
                    
41      cd /home/git/gitlab
                    
42
                    
79
                    
80On the sign in page there should now be a Google icon below the regular sign in form. Click the icon to begin the authentication process. Google will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
                    
81
                    
92[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
                    
93[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
                    
94
                    
                
Gemfile https://gitlab.com/griest/gitlab-ce | Gemfile | 429 lines
                    
28gem 'omniauth-auth0', '~> 1.4.1'
                    
29gem 'omniauth-azure-oauth2', '~> 0.0.9'
                    
30gem 'omniauth-cas3', '~> 1.1.4'
                    
32gem 'omniauth-github', '~> 1.1.1'
                    
33gem 'omniauth-gitlab', '~> 1.0.2'
                    
34gem 'omniauth-google-oauth2', '~> 0.5.2'
                    
35gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
                    
36gem 'omniauth-oauth2-generic', '~> 0.2.2'
                    
37gem 'omniauth-saml', '~> 1.7.0'
                    
41gem 'omniauth-authentiq', '~> 0.3.1'
                    
42gem 'rack-oauth2', '~> 1.2.1'
                    
43gem 'jwt', '~> 1.5.6'
                    
54
                    
55# GitLab Pages
                    
56gem 'validates_hostname', '~> 1.0.6'
                    
                
admin_settings_spec.rb https://gitlab.com/beverett/gitlab-ce | Ruby | 284 lines
                    
83
                    
84    expect(Gitlab::CurrentSettings.home_page_url).to eq "https://about.gitlab.com/"
                    
85    expect(page).to have_content "Application settings saved successfully"
                    
96    expect(page).to have_content "Application settings saved successfully"
                    
97    expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2')
                    
98
                    
104    expect(page).to have_content "Application settings saved successfully"
                    
105    expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).not_to include('google_oauth2')
                    
106  end
                    
116    expect(Gitlab::CurrentSettings.help_page_text).to eq "Example text"
                    
117    expect(Gitlab::CurrentSettings.help_page_hide_commercial_content).to be_truthy
                    
118    expect(Gitlab::CurrentSettings.help_page_support_url).to eq "http://example.com/help"
                    
128
                    
129    expect(Gitlab::CurrentSettings.max_pages_size).to eq 15
                    
130    expect(Gitlab::CurrentSettings.pages_domain_verification_enabled?).to be_truthy
                    
                
personal_access_tokens.md https://gitlab.com/gitlab-r2devops/gitlab-foss | Markdown | 198 lines
                    
9
                    
10> - Notifications for expiring tokens [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab 12.6.
                    
11> - Token lifetime limits [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab 12.6.
                    
11> - Token lifetime limits [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab 12.6.
                    
12> - Additional notifications for expiring tokens [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214721) in GitLab 13.3.
                    
13> - Prefill for token name and scopes [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334664) in GitLab 14.1.
                    
97| `read_user`        | Read-only for endpoints under `/users`. Essentially, access to any of the `GET` requests in the [Users API](../../api/users.md). |
                    
98| `read_api`         | Read-only for the complete API, including all groups and projects, the Container Registry, and the Package Registry. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28944) in GitLab 12.10.) |
                    
99| `read_repository`  | Read-only (pull) for the repository through `git clone`. |
                    
101| `read_registry`    | Read-only (pull) for [Container Registry](../packages/container_registry/index.md) images if a project is private and authorization is required. |
                    
102| `write_registry`   | Read-write (push) for [Container Registry](../packages/container_registry/index.md) images if a project is private and authorization is required. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28958) in GitLab 12.10.) |
                    
103| `sudo`             | API actions as any user in the system (if the authenticated user is an administrator). |
                    
137   The token must be 20 characters long. The scopes must be valid and are visible
                    
138   [in the source code](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/auth.rb).
                    
139
                    
                
auth_spec.rb https://gitlab.com/vilhelmen/gitlab-ce | Ruby | 177 lines
                    
2
                    
3describe Gitlab::Auth, lib: true do
                    
4  let(:gl_auth) { described_class }
                    
24
                    
25          expect(subject).to eq(Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities))
                    
26        end
                    
60      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username)
                    
61      expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
62    end
                    
75      ip = 'ip'
                    
76      token = Gitlab::LfsToken.new(key).token
                    
77
                    
88      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2')
                    
89      expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities))
                    
90    end
                    
                
auth_spec.rb https://gitlab.com/ivlt/gitlab-ce | Ruby | 177 lines
                    
2
                    
3describe Gitlab::Auth, lib: true do
                    
4  let(:gl_auth) { described_class }
                    
24
                    
25          expect(subject).to eq(Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities))
                    
26        end
                    
60      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username)
                    
61      expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
62    end
                    
75      ip = 'ip'
                    
76      token = Gitlab::LfsToken.new(key).generate
                    
77
                    
88      expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2')
                    
89      expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities))
                    
90    end
                    
                
wiki_pipeline.rb https://gitlab.com/18dit020/gitlab | Ruby | 55 lines
                    
22          wiki = context.portable.wiki
                    
23          url = data[:url].sub("://", "://oauth2:#{context.configuration.access_token}@")
                    
24
                    
24
                    
25          Gitlab::UrlBlocker.validate!(url, allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?)
                    
26
                    
35          root = context.configuration.url
                    
36          Gitlab::Utils.append_path(root, wiki_path)
                    
37        end
                    
39        def allow_local_requests?
                    
40          Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
                    
41        end
                    
                
Gemfile https://gitlab.com/axil/gitlab-ee.git | Gemfile | 303 lines
                    
23gem 'omniauth-github',        '~> 1.1.1'
                    
24gem 'omniauth-gitlab',        '~> 1.0.0'
                    
25gem 'omniauth-google-oauth2', '~> 0.2.0'
                    
31gem 'gssapi', group: :kerberos
                    
32gem 'rack-oauth2',            '~> 1.0.5'
                    
33
                    
42# Extracting information from a git repository
                    
43# Provide access to Gitlab::Git library
                    
44gem "gitlab_git", '~> 7.2.20'
                    
46# LDAP Auth
                    
47# GitLab fork with several improvements to original library. For full list of changes
                    
48# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
48# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
49gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: "omniauth-ldap"
                    
50gem 'net-ldap'
                    
                
README.md https://gitlab.com/Hubbitus/gitlab-ee | Markdown | 67 lines
                    
6- [CI](ci/README.md) GitLab Continuous Integration (CI) getting started, `.gitlab-ci.yml` options, and examples.
                    
7- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
8- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
19- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN.
                    
20- [GitLab Pages](pages/README.md) Using GitLab Pages.
                    
21- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking.
                    
35- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter.
                    
36- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components
                    
37- [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages.
                    
48- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
49- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
50- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE.
                    
58- [High Availability](administration/high_availability/README.md) Configure multiple servers for scaling or high availability
                    
59- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a
                    
60  secondary read-only GitLab instance
                    
                
Gemfile https://gitlab.com/das_j/gitlab-ce | Gemfile | 349 lines
                    
9# Specify a sprockets version due to increased performance
                    
10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
                    
11gem 'sprockets', '~> 3.6.0'
                    
24gem 'omniauth-auth0',         '~> 1.4.1'
                    
25gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
26gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
29gem 'omniauth-github',        '~> 1.1.1'
                    
30gem 'omniauth-gitlab',        '~> 1.0.0'
                    
31gem 'omniauth-google-oauth2', '~> 0.2.0'
                    
36gem 'omniauth_crowd',         '~> 2.2.0'
                    
37gem 'rack-oauth2',            '~> 1.2.1'
                    
38gem 'jwt'
                    
53# Extracting information from a git repository
                    
54# Provide access to Gitlab::Git library
                    
55gem "gitlab_git", '~> 10.0'
                    
                
github_controller.rb https://gitlab.com/klml/gitlab-ee | Ruby | 268 lines
                    
17  rescue_from Octokit::TooManyRequests, with: :provider_rate_limit
                    
18  rescue_from Gitlab::GithubImport::RateLimitError, with: :rate_limit_threshold_exceeded
                    
19
                    
41    # Request repos to display error page if provider token is invalid
                    
42    # Improving in https://gitlab.com/gitlab-org/gitlab-foss/issues/55585
                    
43    client_repos
                    
104  def expire_etag_cache
                    
105    Gitlab::EtagCaching::Store.new.tap do |store|
                    
106      store.touch(realtime_changes_path)
                    
111    @client ||= if Feature.enabled?(:remove_legacy_github_client)
                    
112                  Gitlab::GithubImport::Client.new(session[access_token_key])
                    
113                else
                    
138
                    
139    @oauth_client ||= ::OAuth2::Client.new(
                    
140      oauth_config.app_id,
                    
                
README.md https://gitlab.com/smuthusamy.fivedtech/gitlab-ee | Markdown | 79 lines
                    
8- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking.
                    
9- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
10- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry.
                    
10- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry.
                    
11- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
12- [GitLab Pages](pages/README.md) Using GitLab Pages.
                    
42- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter.
                    
43- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components.
                    
44- [Issue closing pattern](administration/issue_closing_pattern.md) Customize how to close an issue from commit messages.
                    
57- [Reply by email](administration/reply_by_email.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
58- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
59- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE.
                    
64- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch.
                    
65- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a secondary read-only GitLab instance.
                    
66- [GitLab Performance Monitoring](administration/monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.
                    
                
doorkeeper.rb https://gitlab.com/abuhazim/gitlab-foss | Ruby | 123 lines
                    
8  # Restore to pre-5.1 generator due to breaking change.
                    
9  # See https://gitlab.com/gitlab-org/gitlab/-/issues/244371
                    
10  default_generator_method :hex
                    
25  resource_owner_from_credentials do |routes|
                    
26    user = Gitlab::Auth.find_with_user_password(params[:username], params[:password], increment_failed_attempts: true)
                    
27    user unless user.try(:two_factor_enabled?)
                    
41  # Until 15.0, applications can opt-out of expiring tokens.
                    
42  # Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848
                    
43  custom_access_token_expires_in do |context|
                    
59  # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
                    
60  # by default in non-development environments). OAuth2 delegates security in
                    
61  # communication to the HTTPS protocol so it is wise to keep this enabled.
                    
120  #
                    
121  # We might want to disable this in the future, see https://gitlab.com/gitlab-org/gitlab/-/issues/323615
                    
122  skip_client_authentication_for_password_grant true
                    
                
README.md https://gitlab.com/daniel.hoffmann/gitlab-ee | Markdown | 94 lines
                    
5- [API](api/README.md) Automate GitLab via a simple and powerful API.
                    
6- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
7- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
18- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN.
                    
19- [GitLab Pages](pages/README.md) Using GitLab Pages.
                    
20- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking.
                    
64- [Install](install/README.md) Requirements, directory structures and installation from source.
                    
65- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components
                    
66- [Installing your license](license/README.md)
                    
78- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
79- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
80- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE.
                    
85- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch
                    
86- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics
                    
87
                    
                
Gemfile https://gitlab.com/axil/gitlab | Gemfile | 523 lines
                    
25gem 'devise', '~> 4.7.2'
                    
26# TODO: verify ARM compile issue on 3.1.13+ version (see https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18828)
                    
27gem 'bcrypt', '3.1.12'
                    
89gem 'graphql', '~> 1.11.4'
                    
90# NOTE: graphiql-rails v1.5+ doesn't work: https://gitlab.com/gitlab-org/gitlab/issues/31771
                    
91# TODO: remove app/views/graphiql/rails/editors/show.html.erb when https://github.com/rmosolgo/graphiql-rails/pull/71 is released:
                    
423
                    
424  # Moved in `test` because https://gitlab.com/gitlab-org/gitlab/-/issues/217527
                    
425  gem 'derailed_benchmarks', require: false
                    
429
                    
430# https://gitlab.com/gitlab-org/gitlab/issues/207207
                    
431gem 'gitlab-mail_room', '~> 0.0.8', require: 'mail_room'
                    
500# Monkey-patched in `config/initializers/mail_encoding_patch.rb`
                    
501# See https://gitlab.com/gitlab-org/gitlab/issues/197386
                    
502gem 'mail', '= 2.7.1'
                    
                
atlassian.md https://gitlab.com/klml/gitlab-ee | Markdown | 86 lines
                    
20
                    
211. Note the `Client ID` and `Secret` for the [GitLab configuration](#gitlab-configuration) steps.
                    
22
                    
24
                    
251. Enter the GitLab callback URL using the format `https://gitlab.example.com/users/auth/atlassian_oauth2/callback` and click **Save changes**.
                    
26
                    
42   ```shell
                    
43   sudo editor /etc/gitlab/gitlab.rb
                    
44   ```
                    
48   ```shell
                    
49   sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
                    
50   ```
                    
81
                    
821. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect if you installed GitLab via Omnibus or from source respectively.
                    
83
                    
                
Gemfile https://gitlab.com/cuongtm/gitlab-ee | Gemfile | 343 lines
                    
9# Specify a sprockets version due to increased performance
                    
10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
                    
11gem 'sprockets', '~> 3.6.0'
                    
25gem 'omniauth-auth0',         '~> 1.4.1'
                    
26gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
27gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
30gem 'omniauth-github',        '~> 1.1.1'
                    
31gem 'omniauth-gitlab',        '~> 1.0.0'
                    
32gem 'omniauth-google-oauth2', '~> 0.2.0'
                    
38gem 'gssapi', group: :kerberos
                    
39gem 'rack-oauth2',            '~> 1.2.1'
                    
40
                    
49
                    
50# GitLab Pages
                    
51gem 'validates_hostname', '~> 1.0.0'
                    
                
bitbucket.md https://gitlab.com/tbeadle/gitlab-ce | Markdown | 138 lines
                    
45    | **Application description** | Fill this in if you wish. |
                    
46    | **Callback URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com`. |
                    
47    | **URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com`. |
                    
75    # For Omnibus packages
                    
76    sudo editor /etc/gitlab/gitlab.rb
                    
77
                    
78    # For installations from source
                    
79    sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
                    
80    ```
                    
134[bb-import]: ../workflow/importing/import_projects_from_bitbucket.md
                    
135[bb-old]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-14-stable/doc/integration/bitbucket.md
                    
136[bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints
                    
136[bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints
                    
137[reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
                    
138[restart]: ../administration/restart_gitlab.md#installations-from-source
                    
                
auth.rb https://gitlab.com/espadav8/gitlab-ce | Ruby | 228 lines
                    
6
                    
7    # Scopes used for GitLab API access
                    
8    API_SCOPES = [:api, :read_user].freeze
                    
37        rate_limit!(ip, success: result.success?, login: login)
                    
38        Gitlab::Auth::UniqueIpsLimiter.limit_user!(result.actor)
                    
39
                    
98          if service && service.activated? && service.valid_token?(password)
                    
99            Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities)
                    
100          end
                    
109
                    
110        Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)
                    
111      end
                    
113      def oauth_access_token_check(login, password)
                    
114        if login == "oauth2" && password.present?
                    
115          token = Doorkeeper::AccessToken.by_token(password)
                    
                
2021-03-06-tokens-pls.md https://gitlab.com/jamietanna/jvt.me | Markdown | 52 lines
                    
1---
                    
2title: "Introducing tokens-pls, a Web Application to Test OAuth2 Code Flows"
                    
3description: "Announcing my new project, tokens-pls, which allows for easier manual testing with the OAuth2 code flow for Public Clients."
                    
5- indieauth
                    
6- oauth2
                    
7- token-pls
                    
17
                    
18Fortunately, the OAuth2 Authorization Code grant is pretty straightforward, so doing this locally with i.e. `curl` is an OK process to go through, as well as using a guided tool such as <span class="h-card"><a class="u-url" href="https://seblog.nl">Sebastiaan Andeweg</a></span>'s <a href="http://gimme-a-token.5eb.nl/">gimme-a-token.5eb.nl</a>.
                    
19
                    
21
                    
22I was thinking of creating a small script to go through the OAuth2 flow locally, with me copying-and-pasting the callback URL with granted authorization code, but thought I'd think a bit better about making this as easy as possible.
                    
23
                    
23
                    
24I've created a Sinatra app, [tokens-pls](https://gitlab.com/jamietanna/tokens-pls) for this, which provides an easy tool for going through the Authorization Code flow for a [Public Client](https://tools.ietf.org/html/draft-ietf-oauth-v2-1-01#section-2.1), which is currently hosted on Heroku at [tokens-pls.herokuapp.com](https://tokens-pls.herokuapp.com).
                    
25
                    
                
doorkeeper.rb https://gitlab.com/effigies/gitlab-ce | Ruby | 102 lines
                    
14  resource_owner_from_credentials do |routes|
                    
15    Gitlab::Auth.find_with_user_password(params[:username], params[:password])
                    
16  end
                    
39  # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
                    
40  # by default in non-development environments). OAuth2 delegates security in
                    
41  # communication to the HTTPS protocol so it is wise to keep this enabled.
                    
71  # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
                    
72  # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
                    
73  #
                    
                
index.md https://github.com/backstage/backstage.git | Markdown | 118 lines
                    
21- [GitHub](github/provider.md)
                    
22- [GitLab](gitlab/provider.md)
                    
23- [Google](google/provider.md)
                    
110
                    
111There are generic authentication providers for OAuth2 and SAML. These can reduce
                    
112the amount of code needed to implement a custom authentication provider that
                    
                
admin_settings_spec.rb https://gitlab.com/tbeadle/gitlab-ce | Ruby | 336 lines
                    
86
                    
87    expect(Gitlab::CurrentSettings.home_page_url).to eq "https://about.gitlab.com/"
                    
88    expect(page).to have_content "Application settings saved successfully"
                    
115    expect(page).to have_content "Application settings saved successfully"
                    
116    expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2')
                    
117
                    
123    expect(page).to have_content "Application settings saved successfully"
                    
124    expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).not_to include('google_oauth2')
                    
125  end
                    
135    expect(page).to have_content "Application settings saved successfully"
                    
136    expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2')
                    
137
                    
146    expect(page).to have_content "Application settings saved successfully"
                    
147    expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2')
                    
148  end
                    
                
doorkeeper.rb https://gitlab.com/toanalien/gitlab-ee | Ruby | 102 lines
                    
14  resource_owner_from_credentials do |routes|
                    
15    Gitlab::Auth.find_in_gitlab_or_ldap(params[:username], params[:password])
                    
16  end
                    
39  # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
                    
40  # by default in non-development environments). OAuth2 delegates security in
                    
41  # communication to the HTTPS protocol so it is wise to keep this enabled.
                    
71  # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
                    
72  # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
                    
73  #
                    
                
Gemfile https://gitlab.com/ja-me-sk/gitlab-ce | Gemfile | 410 lines
                    
28gem 'omniauth-auth0', '~> 1.4.1'
                    
29gem 'omniauth-azure-oauth2', '~> 0.0.6'
                    
30gem 'omniauth-cas3', '~> 1.1.2'
                    
32gem 'omniauth-github', '~> 1.1.1'
                    
33gem 'omniauth-gitlab', '~> 1.0.2'
                    
34gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
35gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
                    
36gem 'omniauth-oauth2-generic', '~> 0.2.2'
                    
37gem 'omniauth-saml', '~> 1.7.0'
                    
41gem 'omniauth-authentiq', '~> 0.3.1'
                    
42gem 'rack-oauth2', '~> 1.2.1'
                    
43gem 'jwt', '~> 1.5.6'
                    
54
                    
55# GitLab Pages
                    
56gem 'validates_hostname', '~> 1.0.6'
                    
                
AuthHelper.php git://github.com/composer/composer.git | PHP | 264 lines
                    
115            }
                    
116        } elseif (in_array($origin, $this->config->get('gitlab-domains'), true)) {
                    
117            $message = "\n".'Could not fetch '.$url.', enter your ' . $origin . ' credentials ' .($statusCode === 401 ? 'to access private repos' : 'to go over the API rate limit');
                    
117            $message = "\n".'Could not fetch '.$url.', enter your ' . $origin . ' credentials ' .($statusCode === 401 ? 'to access private repos' : 'to go over the API rate limit');
                    
118            $gitLabUtil = new GitLab($this->io, $this->config, null);
                    
119
                    
119
                    
120            if ($this->io->hasAuthentication($origin) && ($auth = $this->io->getAuthentication($origin)) && in_array($auth['password'], array('gitlab-ci-token', 'private-token', 'oauth2'), true)) {
                    
121                throw new TransportException("Invalid credentials for '" . $url . "', aborting.", $statusCode);
                    
123
                    
124            if (!$gitLabUtil->authorizeOAuth($origin)
                    
125                && (!$this->io->isInteractive() || !$gitLabUtil->authorizeOAuthInteractively(parse_url($url, PHP_URL_SCHEME), $origin, $message))
                    
207                }
                    
208            } elseif (in_array($origin, $this->config->get('gitlab-domains'), true)) {
                    
209                if ($auth['password'] === 'oauth2') {
                    
                
Gemfile https://gitlab.com/mattl/gitlab-ce | Gemfile | 347 lines
                    
23gem 'omniauth-auth0',         '~> 1.4.1'
                    
24gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
25gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
28gem 'omniauth-github',        '~> 1.1.1'
                    
29gem 'omniauth-gitlab',        '~> 1.0.0'
                    
30gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
35gem 'omniauth_crowd',         '~> 2.2.0'
                    
36gem 'rack-oauth2',            '~> 1.2.1'
                    
37gem 'jwt'
                    
52# Extracting information from a git repository
                    
53# Provide access to Gitlab::Git library
                    
54gem 'gitlab_git', '~> 10.6.7'
                    
56# LDAP Auth
                    
57# GitLab fork with several improvements to original library. For full list of changes
                    
58# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
                
Gemfile https://gitlab.com/zczhuohuo/gitlab-ce | Gemfile | 347 lines
                    
23gem 'omniauth-auth0',         '~> 1.4.1'
                    
24gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
25gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
28gem 'omniauth-github',        '~> 1.1.1'
                    
29gem 'omniauth-gitlab',        '~> 1.0.0'
                    
30gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
35gem 'omniauth_crowd',         '~> 2.2.0'
                    
36gem 'rack-oauth2',            '~> 1.2.1'
                    
37gem 'jwt'
                    
52# Extracting information from a git repository
                    
53# Provide access to Gitlab::Git library
                    
54gem 'gitlab_git', '~> 10.6.6'
                    
56# LDAP Auth
                    
57# GitLab fork with several improvements to original library. For full list of changes
                    
58# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
                
Gemfile https://gitlab.com/simepy/gitlab-ce | Gemfile | 274 lines
                    
40# Provide access to Gitlab::Git library
                    
41gem "gitlab_git", '~> 7.2.6'
                    
42
                    
43# Ruby/Rack Git Smart-HTTP Server Handler
                    
44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc)
                    
45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master
                    
50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
                    
52
                    
56# Language detection
                    
57# GitLab fork of linguist does not require pygments/python dependency.
                    
58# New version of original gem also dropped pygments support but it has strict
                    
59# dependency to unstable rugged version. We have internal issue for replacing
                    
60# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052.
                    
61gem "gitlab-linguist", "~> 3.0.1", require: "linguist"
                    
                
Gemfile https://gitlab.com/smuthusamy.fivedtech/gitlab-ee | Gemfile | 361 lines
                    
23gem 'omniauth-auth0',         '~> 1.4.1'
                    
24gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
25gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
28gem 'omniauth-github',        '~> 1.1.1'
                    
29gem 'omniauth-gitlab',        '~> 1.0.0'
                    
30gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
36gem 'gssapi', group: :kerberos
                    
37gem 'rack-oauth2',            '~> 1.2.1'
                    
38gem 'jwt'
                    
49
                    
50# GitLab Pages
                    
51gem 'validates_hostname', '~> 1.0.0'
                    
56# Extracting information from a git repository
                    
57# Provide access to Gitlab::Git library
                    
58gem 'gitlab_git', '~> 10.6.8'
                    
                
Gemfile https://gitlab.com/vansch/gitlab-ee | Gemfile | 361 lines
                    
23gem 'omniauth-auth0',         '~> 1.4.1'
                    
24gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
25gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
28gem 'omniauth-github',        '~> 1.1.1'
                    
29gem 'omniauth-gitlab',        '~> 1.0.0'
                    
30gem 'omniauth-google-oauth2', '~> 0.4.1'
                    
36gem 'gssapi', group: :kerberos
                    
37gem 'rack-oauth2',            '~> 1.2.1'
                    
38gem 'jwt'
                    
49
                    
50# GitLab Pages
                    
51gem 'validates_hostname', '~> 1.0.0'
                    
56# Extracting information from a git repository
                    
57# Provide access to Gitlab::Git library
                    
58gem 'gitlab_git', '~> 10.6.7'
                    
                
README.md https://gitlab.com/gecgooden/gitlab-ce | Markdown | 68 lines
                    
11- [CI/CD](ci/README.md) GitLab Continuous Integration (CI) and Continuous Delivery (CD) getting started, `.gitlab-ci.yml` options, and examples.
                    
12- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
13- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry.
                    
13- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry.
                    
14- [GitLab basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
15- [Importing to GitLab](workflow/importing/README.md) Import your projects from GitHub, Bitbucket, GitLab.com, FogBugz and SVN into GitLab.
                    
26- [Git Attributes](user/project/git_attributes.md) Managing Git attributes using a `.gitattributes` file.
                    
27- [Git cheatsheet](https://gitlab.com/gitlab-com/marketing/raw/master/design/print/git-cheatsheet/print-pdf/git-cheatsheet.pdf) Download a PDF describing the most used Git operations.
                    
28
                    
35- [Install](install/README.md) Requirements, directory structures and installation from source.
                    
36- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components.
                    
37- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter.
                    
52- [Reply by email](administration/reply_by_email.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
53- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
54- [Git LFS configuration](workflow/lfs/lfs_administration.md)
                    
                
auth.rb https://gitlab.com/Ben305/gitlab-ce | Ruby | 255 lines
                    
31          user_with_password_for_git(login, password) ||
                    
32          Gitlab::Auth::Result.new
                    
33
                    
34        rate_limit!(ip, success: result.success?, login: login)
                    
35        Gitlab::Auth::UniqueIpsLimiter.limit_user!(result.actor)
                    
36
                    
102          # in the Service.available_services_names whitelist.
                    
103          service = project.public_send("#{underscored_service}_service") # rubocop:disable GitlabSecurity/PublicSend
                    
104
                    
114
                    
115        raise Gitlab::Auth::MissingPersonalAccessTokenError if user.two_factor_enabled?
                    
116
                    
116
                    
117        Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)
                    
118      end
                    
                
Gemfile https://gitlab.com/maelvls/gitlab-ce | Gemfile | 278 lines
                    
40# Provide access to Gitlab::Git library
                    
41gem "gitlab_git", '~> 7.2.14'
                    
42
                    
43# Ruby/Rack Git Smart-HTTP Server Handler
                    
44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc)
                    
45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master
                    
50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
                    
52
                    
56# Language detection
                    
57# GitLab fork of linguist does not require pygments/python dependency.
                    
58# New version of original gem also dropped pygments support but it has strict
                    
59# dependency to unstable rugged version. We have internal issue for replacing
                    
60# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052.
                    
61gem "gitlab-linguist", "~> 3.0.1", require: "linguist"
                    
                
client.rb https://gitlab.com/18dit020/gitlab | Ruby | 224 lines
                    
24      ROLES_LIST = %w[roles/iam.serviceAccountUser roles/artifactregistry.admin roles/cloudbuild.builds.builder roles/run.admin roles/storage.admin roles/cloudsql.admin roles/browser].freeze
                    
25      REVOKE_URL = 'https://oauth2.googleapis.com/revoke'
                    
26
                    
113        # generate account id
                    
114        random_account_id = "gitlab-" + SecureRandom.hex(11)
                    
115
                    
151        uri = URI(REVOKE_URL)
                    
152        Gitlab::HTTP.post(uri, body: { 'token' => access_token })
                    
153      end
                    
201        Google::Apis::RequestOptions.new.tap do |options|
                    
202          options.header = { 'User-Agent': "GitLab/#{Gitlab::VERSION.match('(\d+\.\d+)').captures.first} (GPN:GitLab;)" }
                    
203        end
                    
                
gitlab_controller.rb https://gitlab.com/artofhuman/gitlab-ce | Ruby | 76 lines
                    
9
                    
10  rescue_from OAuth2::Error, with: :gitlab_unauthorized
                    
11
                    
12  def callback
                    
13    session[:gitlab_access_token] = client.get_token(params[:code], callback_import_gitlab_url)
                    
14    redirect_to status_import_gitlab_url
                    
36    if current_user.can?(:create_projects, target_namespace)
                    
37      project = Gitlab::GitlabImport::ProjectCreator.new(repo, target_namespace, current_user, access_params).execute
                    
38
                    
51  def client
                    
52    @client ||= Gitlab::GitlabImport::Client.new(session[:gitlab_access_token])
                    
53  end
                    
73  def access_params
                    
74    { gitlab_access_token: session[:gitlab_access_token] }
                    
75  end
                    
                
benchmark-tests.js https://gitlab.com/0072016/SDK-JavaScript- | JavaScript | 324 lines
                    
41
                    
42runBenchmarks && Tinytest.add("constraint solver - benchmark on gems - rails, gitlabhq", function (test) {
                    
43  var r = new ConstraintSolver.PackagesResolver(railsCatalog);
                    
55    'omniauth': '1.1.3',
                    
56    'omniauth-google-oauth2': null,
                    
57    'omniauth-twitter': null,
                    
58    'omniauth-github': null,
                    
59    'gitlab-git': '5.7.1',
                    
60    'gitlab-grack': '2.0.0',
                    
60    'gitlab-grack': '2.0.0',
                    
61    'gitlab-omniauth-ldap': '1.0.4',
                    
62    'gitlab-gollum-lib': '1.1.0',
                    
62    'gitlab-gollum-lib': '1.1.0',
                    
63    'gitlab-linguist': '3.0.0',
                    
64    'grape': '0.6.1',
                    
                
index.md https://gitlab.com/artofhuman/gitlab-ce | Markdown | 48 lines
                    
13- **Integrations:**
                    
14  - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
                    
15  - [GitLab as OpenID Connect identity provider](../../integration/openid_connect_provider.md)
                    
23  - [How to Configure LDAP with GitLab CE](../../administration/auth/how_to_configure_ldap_gitlab_ce/index.md)
                    
24  - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/)
                    
25  - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
                    
33  - [Okta SSO provider](../../administration/auth/okta.md)
                    
34  - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html)
                    
35
                    
40- [Impersonation tokens](../../api/README.md#impersonation-tokens)
                    
41- [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
                    
42
                    
46- [Jenkins GitLab OAuth Plugin](https://wiki.jenkins.io/display/JENKINS/GitLab+OAuth+Plugin)
                    
47- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/)
                    
48- [OKD - Configuring Authentication and User Agent](https://docs.okd.io/latest/install_config/configuring_authentication.html#GitLab)
                    
                
omniauth_callbacks_controller.rb https://gitlab.com/axil/gitlab | Ruby | 292 lines
                    
16  def handle_omniauth
                    
17    omniauth_flow(Gitlab::Auth::OAuth)
                    
18  end
                    
48  def saml
                    
49    omniauth_flow(Gitlab::Auth::Saml)
                    
50  rescue Gitlab::Auth::Saml::IdentityLinker::UnverifiedRequest
                    
86
                    
87  def atlassian_oauth2
                    
88    omniauth_flow(Gitlab::Auth::Atlassian)
                    
150  def handle_service_ticket(provider, ticket)
                    
151    Gitlab::Auth::OAuth::Session.create provider, ticket
                    
152    session[:service_tickets] ||= {}
                    
181    end
                    
182  rescue Gitlab::Auth::OAuth::User::SigninDisabledForProviderError
                    
183    handle_disabled_provider
                    
                
grack_auth.rb https://gitlab.com/svansteenis/gitlab-ee | Ruby | 257 lines
                    
27      # Need this if under RELATIVE_URL_ROOT
                    
28      unless Gitlab.config.gitlab.relative_url_root.empty?
                    
29        # If website is mounted using relative_url_root need to remove it first
                    
29        # If website is mounted using relative_url_root need to remove it first
                    
30        @env['PATH_INFO'] = @request.path.sub(Gitlab.config.gitlab.relative_url_root,'')
                    
31      else
                    
38
                    
39      lfs_response = Gitlab::Lfs::Router.new(project, @user, @request).try_call
                    
40      return lfs_response unless lfs_response.nil?
                    
51    def allow_basic_auth?
                    
52      return true unless Gitlab.config.kerberos.enabled &&
                    
53                         Gitlab.config.kerberos.use_dedicated_port &&
                    
53                         Gitlab.config.kerberos.use_dedicated_port &&
                    
54                         @env['SERVER_PORT'] == Gitlab.config.kerberos.port.to_s
                    
55    end
                    
                
index.md https://gitlab.com/fuxu/gitlab-ce | Markdown | 48 lines
                    
12- **Integrations:**
                    
13  - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
                    
14  - [GitLab as OpenID Connect identity provider](../../integration/openid_connect_provider.md)
                    
22  - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md)
                    
23  - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/)
                    
24  - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
                    
32  - [Okta SSO provider](../../administration/auth/okta.md)
                    
33  - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html)
                    
34
                    
39- [Impersonation tokens](../../api/README.md#impersonation-tokens)
                    
40- [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
                    
41
                    
46- [Setup Gitlab CE with Active Directory authentication](https://www.caseylabs.com/setup-gitlab-ce-with-active-directory-authentication/)
                    
47- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/)
                    
48- [Openshift - Configuring Authentication and User Agent](https://docs.openshift.org/latest/install_config/configuring_authentication.html#GitLab)
                    
                
auth_helper.rb https://gitlab.com/jamedjo/gitlab-ce | Ruby | 80 lines
                    
1module AuthHelper
                    
2  PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze
                    
3  FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze
                    
5  def ldap_enabled?
                    
6    Gitlab::LDAP::Config.enabled?
                    
7  end
                    
9  def omniauth_enabled?
                    
10    Gitlab.config.omniauth.enabled
                    
11  end
                    
17  def auth_providers
                    
18    Gitlab::OAuth::Provider.providers
                    
19  end
                    
21  def label_for_provider(name)
                    
22    Gitlab::OAuth::Provider.label_for(name)
                    
23  end
                    
                
twitter.md https://gitlab.com/wolfgang42/gitlab-ce | Markdown | 84 lines
                    
91. Fill in the application details.
                    
10   - Name: This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or
                    
11   something else descriptive.
                    
12   - Description: Create a description.
                    
13   - Website: The URL to your GitLab installation. `https://gitlab.example.com`
                    
14   - Callback URL: `https://gitlab.example.com/users/auth/twitter/callback`
                    
37   ```sh
                    
38     sudo editor /etc/gitlab/gitlab.rb
                    
39   ```
                    
80
                    
81On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
                    
82
                    
83[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
                    
84[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
                    
85
                    
                
user.go https://gitlab.com/vafl/vafl | Go | 117 lines
                    
3import (
                    
4	"gitlab.com/vafl/vafl/utils"
                    
5	"golang.org/x/net/context"
                    
5	"golang.org/x/net/context"
                    
6	"golang.org/x/oauth2"
                    
7	"google.golang.org/api/classroom/v1"
                    
20	ctx := context.Background()
                    
21	client := oauth2.NewClient(ctx, oauth2.StaticTokenSource(&oauth2.Token{AccessToken: u.AccessToken}))
                    
22
                    
                
README.md https://gitlab.com/Munken/gitlab-ce | Markdown | 65 lines
                    
2
                    
3GitLab integrates with multiple third-party services to allow external issue
                    
4trackers and external authentication.
                    
10- [LDAP](ldap.md) Set up sign in via LDAP
                    
11- [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd and Azure
                    
12- [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
                    
13- [CAS](cas.md) Configure GitLab to sign in using CAS
                    
14- [OAuth2 provider](oauth_provider.md) OAuth2 application creation
                    
15- [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
                    
19
                    
20GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
                    
21
                    
21
                    
22[jenkins]: http://docs.gitlab.com/ee/integration/jenkins.html
                    
23
                    
                
2022-04-11-architect-oidc-login.md https://gitlab.com/jamietanna/jvt.me | Markdown | 179 lines
                    
1---
                    
2title: "Protecting an Architect Framework Application with OAuth2 or OpenID Connect\
                    
3  \ Authentication"
                    
23
                    
24One of the things I like to do to is secure my services behind OAuth2/OpenID Connect, as it's a standard way of handling authorization, and a "log in with OAuth2/OpenID Connect" is a well-supported operation across languages and technologies.
                    
25
                    
27
                    
28As I use [IndieAuth](https://indieauth.spec.indieweb.org) as my identity layer, and we've recently made a lot of efforts to align IndieAuth with OAuth2, it's actually very straightforward to integrate with a standard OAuth2 client.
                    
29
                    
31
                    
32I have taken the below code from a sample project [on GitLab](https://gitlab.com/jamietanna/architect-fraemwork-openid-connect-example), as a standalone way to test this.
                    
33
                    
93
                    
94To actually start the authentication flow, we need a page to trigger this. In my case, I've got a `/start?me=${profile_url}` endpoint that uses IndieAuth to discover OAuth2 endpoints and then go through the OAuth2 flow as such, but you could just as easily have a `/start/github` that redirects to the GitHub authorization URL.
                    
95
                    
                
README.md https://gitlab.com/nlowe/gitlab-ce | Markdown | 74 lines
                    
5- [API](api/README.md) Automate GitLab via a simple and powerful API.
                    
6- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
7- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
8- [Importing to GitLab](workflow/importing/README.md).
                    
9- [Markdown](markdown/markdown.md) GitLab's advanced formatting system.
                    
10- [Migrating from SVN](migration/README.md) Convert a SVN repository to Git and GitLab
                    
15- [SSH](ssh/README.md) Setup your ssh keys and deploy keys for secure access to your projects.
                    
16- [Web hooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project.
                    
17- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN.
                    
21- [Quick Start](ci/quick_start/README.md)
                    
22- [Configuring project (.gitlab-ci.yml)](ci/yaml/README.md)
                    
23- [Configuring runner](ci/runners/README.md)
                    
66- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
67- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
68- [Git LFS configuration](workflow/lfs/lfs_administration.md)
                    
                
auth.rb https://gitlab.com/yuanchenxi95/gitlab-ee | Ruby | 124 lines
                    
1module Gitlab
                    
2  module Auth
                    
25        if Devise.omniauth_providers.include?(:kerberos)
                    
26          kerberos_user = Gitlab::Kerberos::Authentication.login(login, password)
                    
27          return kerberos_user if kerberos_user
                    
33          # Second chance - try LDAP authentication
                    
34          return nil unless Gitlab::LDAP::Config.enabled?
                    
35
                    
35
                    
36          Gitlab::LDAP::Authentication.login(login, password)
                    
37        else
                    
42      def rate_limit!(ip, success:, login:)
                    
43        rate_limiter = Gitlab::Auth::IpRateLimiter.new(ip)
                    
44        return unless rate_limiter.enabled?
                    
71
                    
72        if underscored_service == 'gitlab_ci'
                    
73          project && project.valid_build_token?(password)
                    
                
auth_spec.rb https://gitlab.com/YarNayar/gitlab-ce | Ruby | 319 lines
                    
86      def operation
                    
87        expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
88      end
                    
124        expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'oauth2')
                    
125        expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities))
                    
126      end
                    
131        expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: 'oauth2')
                    
132        expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(nil, nil))
                    
133      end
                    
185        expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
                    
186          .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
187      end
                    
196        expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
                    
197          .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
198      end
                    
                
overview.rst https://gitlab.com/superiorthreads/django-allauth | ReStructuredText | 160 lines
                    
43
                    
44- Basecamp (OAuth2)
                    
45
                    
73
                    
74- GitLab (OAuth2)
                    
75
                    
79
                    
80- Instagram (OAuth2)
                    
81
                    
117
                    
118- Untappd (OAuth2)
                    
119
                    
132
                    
133Note: OAuth/OAuth2 support is built using a common code base, making it easy to add support for additional OAuth/OAuth2 providers. More will follow soon...
                    
134
                    
                
README.md https://gitlab.com/Stretch96/gitlab-ee | Markdown | 78 lines
                    
8- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking.
                    
9- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
10- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry.
                    
10- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry.
                    
11- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
12- [GitLab Pages](pages/README.md) Using GitLab Pages.
                    
41- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter.
                    
42- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components.
                    
43- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter.
                    
57- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
58- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
59- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE.
                    
64- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch.
                    
65- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a secondary read-only GitLab instance.
                    
66- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.
                    
                
Gemfile https://gitlab.com/kujiy/gitlab-ce | Gemfile | 351 lines
                    
9# Specify a sprockets version due to increased performance
                    
10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
                    
11gem 'sprockets', '~> 3.6.0'
                    
24gem 'omniauth-auth0',         '~> 1.4.1'
                    
25gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
26gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
29gem 'omniauth-github',        '~> 1.1.1'
                    
30gem 'omniauth-gitlab',        '~> 1.0.0'
                    
31gem 'omniauth-google-oauth2', '~> 0.2.0'
                    
36gem 'omniauth_crowd',         '~> 2.2.0'
                    
37gem 'rack-oauth2',            '~> 1.2.1'
                    
38gem 'jwt'
                    
53# Extracting information from a git repository
                    
54# Provide access to Gitlab::Git library
                    
55gem "gitlab_git", '~> 10.2'
                    
                
README.md https://gitlab.com/klml/gitlab-ee | Markdown | 52 lines
                    
5group: Access
                    
6info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
                    
7---
                    
8
                    
9# GitLab authentication and authorization **(FREE SELF)**
                    
10
                    
10
                    
11GitLab integrates with the following external authentication and authorization
                    
12providers:
                    
23- [GitHub](../../integration/github.md)
                    
24- [GitLab.com](../../integration/gitlab.md)
                    
25- [Google OAuth](../../integration/google.md)
                    
32- [SAML](../../integration/saml.md)
                    
33- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) **(PREMIUM SAAS)**
                    
34- [Shibboleth](../../integration/shibboleth.md)
                    
                
auth_spec.rb https://gitlab.com/twang2218/gitlab | Ruby | 380 lines
                    
99      expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: user.username)
                    
100      expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
101    end
                    
163        expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'oauth2')
                    
164        expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities))
                    
165      end
                    
170        expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: 'oauth2')
                    
171        expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(nil, nil))
                    
172      end
                    
230        expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
                    
231          .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
232      end
                    
241        expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
                    
242          .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
                    
243      end
                    
                
icons_helper_spec.rb https://gitlab.com/artofhuman/gitlab-ce | Ruby | 215 lines
                    
35        expect(sprite_icon_path)
                    
36          .to eq ActionController::Base.helpers.image_path("icons.svg", host: Gitlab.config.gitlab.url)
                    
37      end
                    
95
                    
96    it 'returns right icon name for google_oauth2 auth' do
                    
97      icon_name = 'google_oauth2'
                    
                
2017-08-14-gitlab-9-dot-4-dot-5-released.html.md https://gitlab.com/nick.volynkin/www-gitlab-com | Markdown | 98 lines
                    
59[!13203]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13203
                    
60[!13459]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13459
                    
61[!12863]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12863
                    
61[!12863]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12863
                    
62[!13076]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13076
                    
63[!13450]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13450
                    
69[!2640]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2640
                    
70[!2583]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2583
                    
71[!2564]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2564
                    
71[!2564]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2564
                    
72[!1813]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1813
                    
73[!1810]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1810
                    
73[!1810]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1810
                    
74[!1816]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1816
                    
75
                    
                
icons_helper.rb https://gitlab.com/wolfgang42/gitlab-ce | Ruby | 163 lines
                    
32    # we have to set the current path deliberately to prevent addition of asset_host
                    
33    sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host
                    
34    ActionController::Base.helpers.image_path('icons.svg', host: sprite_base_url)
                    
39    # we have to set the current path deliberately to prevent addition of asset_host
                    
40    sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host
                    
41    ActionController::Base.helpers.image_path('file_icons.svg', host: sprite_base_url)
                    
44  def sprite_icon(icon_name, size: nil, css_class: nil)
                    
45    if Gitlab::Sentry.should_raise_for_dev?
                    
46      unless known_sprites.include?(icon_name)
                    
46      unless known_sprites.include?(icon_name)
                    
47        exception = ArgumentError.new("#{icon_name} is not a known icon in @gitlab-org/gitlab-svg")
                    
48        raise exception
                    
67      names = "key"
                    
68    when "google_oauth2"
                    
69      names = "google"
                    
                
README.md https://gitlab.com/marcia/gitlab-ce | Markdown | 61 lines
                    
7- [CI/CD](ci/README.md) GitLab Continuous Integration (CI) and Continuous Delivery (CD) getting started, `.gitlab-ci.yml` options, and examples.
                    
8- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
9- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry.
                    
9- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry.
                    
10- [GitLab basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
11- [Importing to GitLab](workflow/importing/README.md).
                    
30- [Install](install/README.md) Requirements, directory structures and installation from source.
                    
31- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components.
                    
32- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter.
                    
46- [Reply by email](administration/reply_by_email.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
47- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
48- [Git LFS configuration](workflow/lfs/lfs_administration.md)
                    
49- [Housekeeping](administration/housekeeping.md) Keep your Git repository tidy and fast.
                    
50- [GitLab Performance Monitoring](administration/monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.
                    
51- [Monitoring uptime](user/admin_area/monitoring/health_check.md) Check the server status using the health check endpoint.
                    
                
Gemfile https://gitlab.com/Clusterfack/gitlab-ce.git | Gemfile | 278 lines
                    
40# Provide access to Gitlab::Git library
                    
41gem "gitlab_git", '~> 7.2.15'
                    
42
                    
43# Ruby/Rack Git Smart-HTTP Server Handler
                    
44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc)
                    
45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master
                    
50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
                    
52
                    
56# Language detection
                    
57# GitLab fork of linguist does not require pygments/python dependency.
                    
58# New version of original gem also dropped pygments support but it has strict
                    
59# dependency to unstable rugged version. We have internal issue for replacing
                    
60# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052.
                    
61gem "gitlab-linguist", "~> 3.0.1", require: "linguist"
                    
                
index.md https://gitlab.com/klml/gitlab-ee | Markdown | 144 lines
                    
25
                    
26> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/45912) in GitLab 11.4.
                    
27
                    
43  applications. The simplest way to get started is to add a cluster using one
                    
44  of the [GitLab integrations](../add_remove_clusters.md#create-new-cluster).
                    
45- **Ingress** - Ingress can provide load balancing, SSL termination, and name-based
                    
62
                    
63Follow this step-by-step guide to configure an executable runbook in GitLab using
                    
64the components outlined above and the pre-loaded demo runbook.
                    
81   JupyterHub and start the server. Authentication is enabled for any user of the
                    
82   GitLab instance with OAuth2. This button redirects you to a page at GitLab
                    
83   requesting authorization for JupyterHub to use your GitLab account.
                    
132
                    
133      ![GitLab variables](img/gitlab-variables.png)
                    
134
                    
                
Gemfile https://gitlab.com/artofhuman/gitlab-ce | Gemfile | 433 lines
                    
14# Default values for AR models
                    
15gem 'gitlab-default_value_for', '~> 3.1.1', require: 'default_value_for'
                    
16
                    
31gem 'omniauth-auth0', '~> 2.0.0'
                    
32gem 'omniauth-azure-oauth2', '~> 0.0.9'
                    
33gem 'omniauth-cas3', '~> 1.1.4'
                    
35gem 'omniauth-github', '~> 1.3'
                    
36gem 'omniauth-gitlab', '~> 1.0.2'
                    
37gem 'omniauth-google-oauth2', '~> 0.6.0'
                    
38gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
                    
39gem 'omniauth-oauth2-generic', '~> 0.2.2'
                    
40gem 'omniauth-saml', '~> 1.10'
                    
44gem 'omniauth-authentiq', '~> 0.3.3'
                    
45gem 'rack-oauth2', '~> 1.2.1'
                    
46gem 'jwt', '~> 2.1.0'
                    
                
azure.md https://gitlab.com/523/gitlab-ce | Markdown | 149 lines
                    
29     installation. For example:
                    
30     - For the v1.0 endpoint: `https://gitlab.example.com/users/auth/azure_oauth2/callback`.
                    
31     - For the v2.0 endpoint: `https://gitlab.example.com/users/auth/azure_activedirectory_v2/callback`.
                    
59     ```shell
                    
60     sudo editor /etc/gitlab/gitlab.rb
                    
61     ```
                    
65     ```shell
                    
66     cd /home/git/gitlab
                    
67
                    
82       {
                    
83         name: "azure_oauth2",
                    
84         # label: "Provider name", # optional label for login button, defaults to "Azure AD"
                    
138
                    
1391. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure)
                    
140   if you installed using Omnibus, or [restart GitLab](../administration/restart_gitlab.md#installations-from-source)
                    
                
icons_helper.rb https://gitlab.com/klml/gitlab-ee | Ruby | 168 lines
                    
21      # we have to set the current path deliberately to prevent addition of asset_host
                    
22      sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host
                    
23      ActionController::Base.helpers.image_path('icons.svg', host: sprite_base_url)
                    
29    # we have to set the current path deliberately to prevent addition of asset_host
                    
30    sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host
                    
31    ActionController::Base.helpers.image_path('file_icons.svg', host: sprite_base_url)
                    
36      if known_sprites&.exclude?(icon_name)
                    
37        exception = ArgumentError.new("#{icon_name} is not a known icon in @gitlab-org/gitlab-svg")
                    
38        Gitlab::ErrorTracking.track_and_raise_for_dev_exception(exception)
                    
72      name = "key"
                    
73    when "google_oauth2"
                    
74      name = "google"
                    
157
                    
158    @known_sprites ||= Gitlab::Json.parse(File.read(Rails.root.join('node_modules/@gitlab/svgs/dist/icons.json')))['icons']
                    
159  end
                    
                
Gemfile https://gitlab.com/sijis/gitlab-ee.git | Gemfile | 278 lines
                    
40# Provide access to Gitlab::Git library
                    
41gem "gitlab_git", '~> 7.2.5'
                    
42
                    
43# Ruby/Rack Git Smart-HTTP Server Handler
                    
44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc)
                    
45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master
                    
50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
                    
51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
                    
52gem 'net-ldap'
                    
60# dependency to unstable rugged version. We have internal issue for replacing 
                    
61# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052.
                    
62gem "gitlab-linguist", "~> 3.0.1", require: "linguist"
                    
271group :production do
                    
272  gem "gitlab_meta", '7.0'
                    
273end
                    
                
auth.rb https://bitbucket.org/terrchen/gitlab-ce.git | Ruby | 306 lines
                    
1module Gitlab
                    
2  module Auth
                    
69
                    
70        Gitlab::Auth::UniqueIpsLimiter.limit_user! do
                    
71          user = User.by_login(login)
                    
123      def authenticate_using_internal_or_ldap_password?
                    
124        Gitlab::CurrentSettings.password_authentication_enabled_for_git? || Gitlab::Auth::LDAP::Config.enabled?
                    
125      end
                    
139          if service && service.activated? && service.valid_token?(password)
                    
140            Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities)
                    
141          end
                    
150
                    
151        Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)
                    
152      end
                    
299      def registry_scopes
                    
300        return [] unless Gitlab.config.registry.enabled
                    
301
                    
                
README.md https://gitlab.com/Rhine25/gitlab-ce | Markdown | 54 lines
                    
6- [CI](ci/README.md) GitLab Continuous Integration (CI) getting started, `.gitlab-ci.yml` options, and examples.
                    
7- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
                    
8- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab.
                    
17- [Webhooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project.
                    
18- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN.
                    
19
                    
25- [Install](install/README.md) Requirements, directory structures and installation from source.
                    
26- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components
                    
27- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter.
                    
39- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails.
                    
40- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE.
                    
41- [Git LFS configuration](workflow/lfs/lfs_administration.md)
                    
42- [Housekeeping](administration/housekeeping.md) Keep your Git repository tidy and fast.
                    
43- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics
                    
44- [Monitoring uptime](monitoring/health_check.md) Check the server status using the health check endpoint
                    
                
Gemfile https://gitlab.com/davidhooey/gitlab-ce.git | Gemfile | 235 lines
                    
28gem 'omniauth', "~> 1.1.3"
                    
29gem 'omniauth-google-oauth2'
                    
30gem 'omniauth-twitter'
                    
33# Extracting information from a git repository
                    
34# Provide access to Gitlab::Git library
                    
35gem "gitlab_git", '~> 5.7.1'
                    
37# Ruby/Rack Git Smart-HTTP Server Handler
                    
38gem 'gitlab-grack', '~> 2.0.0.pre', require: 'grack'
                    
39
                    
40# LDAP Auth
                    
41gem 'gitlab_omniauth-ldap', '1.0.4', require: "omniauth-ldap"
                    
42
                    
43# Git Wiki
                    
44gem "gitlab-gollum-lib", "~> 1.1.0", require: 'gollum-lib'
                    
45
                    
                
2019-10-30-reader-mail-hugo-micropub.md https://gitlab.com/jamietanna/jvt.me | Markdown | 101 lines
                    
40
                    
41My code can be found at [<i class="fa fa-gitlab"></i> jamietanna/www-api](https://gitlab.com/jamietanna/www-api/tree/master/www-api-web/micropub) and is available as Free Software, under the [GNU Affero General Public License v3](https://www.gnu.org/licenses/agpl-3.0.en.html) so please do use it, but remember to abide by the license terms.
                    
42
                    
48
                    
49Firstly, I would ask how the site's content is stored? Is it stored in a git repo and put into GitLab.com, GitHub.com, or some other source control offering? Or is it not tracked anywhere?
                    
50
                    
60
                    
61I found that being a well-formed [OAuth2 Resource Server](https://www.oauth.com/oauth2-servers/the-resource-server/) can be a bit of work, and then also being a well-formed IndieAuth Resource Server, too.
                    
62
                    
89
                    
90For this, because my site is using GitLab CI as its means to build/test/deploy the site, I didn't need to do anything special to get the site building. As soon as the commit arrived on `master`, it would start the process to build + deploy it.
                    
91
                    
93
                    
94For this, I wanted to go API first and interact with GitLab.com's API (as I use GitLab.com for my repo hosting) rather than actually `git commit`ing locally, so I would recommend similar.
                    
95
                    
                
test_www_oauth.py https://gitlab.com/murder187ss/buildbot | Python | 299 lines
                    
60        self.githubAuth = oauth2.GitHubAuth("ghclientID", "clientSECRET")
                    
61        self.gitlabAuth = oauth2.GitLabAuth("https://gitlab.test/", "glclientID", "clientSECRET")
                    
62
                    
140    @defer.inlineCallbacks
                    
141    def test_GitlabVerifyCode(self):
                    
142        requests.get.side_effect = []
                    
193        self.assertEqual(self.gitlabAuth.getConfigDict(), {'fa_icon': 'fa-git', 'autologin': False,
                    
194                                                           'name': 'GitLab', 'oauth2': True})
                    
195
                    
290
                    
291class OAuth2AuthGoogleE2E(OAuth2AuthGitHubE2E):
                    
292    authClass = "GoogleAuth"
                    
294
                    
295class OAuth2AuthGitLabE2E(OAuth2AuthGitHubE2E):
                    
296    authClass = "GitLabAuth"
                    
                
google.md https://gitlab.com/rymai/gitlab | Markdown | 120 lines
                    
31     ```
                    
32     https://gitlab.example.com/users/auth/google_oauth2/callback
                    
33     https://gitlab.example.com/-/google_api/auth/callback
                    
57   ```shell
                    
58   sudo editor /etc/gitlab/gitlab.rb
                    
59   ```
                    
70
                    
71   For Omnibus GitLab:
                    
72
                    
86   ```yaml
                    
87   - { name: 'google_oauth2', app_id: 'YOUR_APP_ID',
                    
88     app_secret: 'YOUR_APP_SECRET',
                    
119[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
                    
120[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
                    
121
                    
                
builder_spec.rb https://gitlab.com/abuhazim/gitlab-foss | Ruby | 76 lines
                    
4
                    
5RSpec.describe Gitlab::APIAuthentication::Builder do
                    
6  describe '#build' do
                    
59          allow.token_types(:pat).sent_through(:http_private, :query_private)
                    
60          allow.token_types(:oauth2).sent_through(:http_bearer, :query_access)
                    
61        end
                    
69
                    
70          http_bearer: [:oauth2],
                    
71          query_access: [:oauth2]
                    
                
Gemfile https://gitlab.com/leftathome/gitlab-ee | Gemfile | 349 lines
                    
9# Specify a sprockets version due to increased performance
                    
10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
                    
11gem 'sprockets', '~> 3.6.0'
                    
25gem 'omniauth-auth0',         '~> 1.4.1'
                    
26gem 'omniauth-azure-oauth2',  '~> 0.0.6'
                    
27gem 'omniauth-bitbucket',     '~> 0.0.2'
                    
30gem 'omniauth-github',        '~> 1.1.1'
                    
31gem 'omniauth-gitlab',        '~> 1.0.0'
                    
32gem 'omniauth-google-oauth2', '~> 0.2.0'
                    
38gem 'gssapi', group: :kerberos
                    
39gem 'rack-oauth2',            '~> 1.2.1'
                    
40gem 'jwt'
                    
50
                    
51# GitLab Pages
                    
52gem 'validates_hostname', '~> 1.0.0'
                    
                
oauth_provider.md https://gitlab.com/lavvy/artifacts-browser-demo | Markdown | 35 lines
                    
1## GitLab as OAuth2 authentication service provider
                    
2
                    
3This document is about using GitLab as an OAuth authentication service provider to sign into other services.
                    
4If you want to use other OAuth authentication service providers to sign into GitLab please see the [OAuth2 client documentation](../api/oauth2.md)
                    
5
                    
5
                    
6OAuth2 provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. Or you can allow users to sign in to your application with their GitLab.com account.
                    
7In fact OAuth allows to issue access token to third-party clients by an authorization server, 
                    
8with the approval of the resource owner, or end-user. 
                    
9Mostly, OAuth2 is using for SSO (Single sign-on). But you can find a lot of different usages for this functionality. 
                    
10For example, our feature 'GitLab Importer' is using OAuth protocol to give an access to repositories without sharing user credentials to GitLab.com account. 
                    
10For example, our feature 'GitLab Importer' is using OAuth protocol to give an access to repositories without sharing user credentials to GitLab.com account. 
                    
11Also GitLab.com application can be used for authentication to your GitLab instance if needed [GitLab OmniAuth](gitlab.md).
                    
12
                    
12
                    
13GitLab has two ways to add new OAuth2 application to an instance, you can add application as regular user and through admin area. So GitLab actually can have an instance-wide and a user-wide applications. There is no defferences between them except the different permission levels.
                    
14
                    
                
oauth_provider.md https://gitlab.com/523/gitlab-ce | Markdown | 131 lines
                    
57     - Using the **Copy** button on the **Secret** field
                    
58       [in GitLab 14.2 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/332844).
                    
59
                    
61
                    
62> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16227) in GitLab 13.11.
                    
63
                    
75     - Using the **Copy** button on the **Secret** field
                    
76       [in GitLab 14.2 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/332844).
                    
77
                    
91> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21745) in GitLab 14.3, with the ability to opt out.
                    
92> - Ability to opt-out of expiring access token [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) in GitLab 15.0.
                    
93
                    
95The ability to opt-out of expiring access tokens was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/340848)
                    
96in GitLab 14.3 and [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) in 15.0. All
                    
97existing integrations must be updated to support access token refresh.
                    
                
revoke_oauth_controller_spec.rb https://gitlab.com/523/gitlab-ce | Ruby | 86 lines
                    
7
                    
8  describe 'POST #create', :snowplow, :clean_gitlab_redis_sessions, :aggregate_failures do
                    
9    let_it_be(:project) { create(:project, :public) }
                    
30
                    
31      it 'redirects to Google OAuth2 authorize URL' do
                    
32        sign_in(user)
                    
41      before do
                    
42        stub_request(:post, "https://oauth2.googleapis.com/revoke")
                    
43          .to_return(status: 200, body: "", headers: {})
                    
50        expect(response).to redirect_to(project_google_cloud_index_path(project))
                    
51        expect(flash[:notice]).to eq('Google OAuth2 token revocation requested')
                    
52        expect_snowplow_event(
                    
64      before do
                    
65        stub_request(:post, "https://oauth2.googleapis.com/revoke")
                    
66          .to_return(status: 400, body: "", headers: {})
                    
                
azure.md https://gitlab.com/klml/gitlab-ee | Markdown | 200 lines
                    
11Microsoft documentation suggests that you should use the [OpenID Connect protocol to use the v2 endpoints](../administration/auth/oidc.md#microsoft-azure) for new projects.
                    
12To use v2 endpoints via OmniAuth, please follow [Microsoft Azure OAuth2 OmniAuth Provider v2 instructions](#microsoft-azure-oauth2-omniauth-provider-v2).
                    
13
                    
87   - *If you installed from Omnibus GitLab,*
                    
88     [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab.
                    
89   - *If you installed from source,*
                    
190   - *If you installed from Omnibus GitLab,*
                    
191     [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab.
                    
192   - *If you installed from source,*
                    
192   - *If you installed from source,*
                    
193     [restart GitLab](../administration/restart_gitlab.md#installations-from-source).
                    
194
                    
196Select the icon to begin the authentication process. Microsoft then asks you to
                    
197sign in and authorize the GitLab application. If successful, you are returned to GitLab and signed in.
                    
198
                    
                
auth_helper_spec.rb https://gitlab.com/SaiAshirwadInformatia/gitlab-ce | Ruby | 79 lines
                    
72
                    
73    [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :authentiq].each do |provider|
                    
74      it "returns false if the provider is #{provider}" do
                    
                
index.md https://gitlab.com/espadav8/gitlab-ce | Markdown | 48 lines
                    
10  - [Support for Universal 2nd Factor Authentication - YubiKeys](https://about.gitlab.com/2016/06/22/gitlab-adds-support-for-u2f/)
                    
11  - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
                    
12- **Integrations:**
                    
21  - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md)
                    
22  - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/)
                    
23  - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
                    
38- [Impersonation tokens](../../api/README.md#impersonation-tokens)
                    
39- [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
                    
40- [GitLab Runner API - Authentication](../../api/ci/runners.md#authentication)
                    
43
                    
44- [Kanboard Plugin GitLab Authentication](https://kanboard.net/plugin/gitlab-auth)
                    
45- [Jenkins GitLab OAuth Plugin](https://wiki.jenkins-ci.org/display/JENKINS/GitLab+OAuth+Plugin)
                    
46- [Setup Gitlab CE with Active Directory authentication](https://www.caseylabs.com/setup-gitlab-ce-with-active-directory-authentication/)
                    
47- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/)
                    
48- [Openshift - Configuring Authentication and User Agent](https://docs.openshift.org/latest/install_config/configuring_authentication.html#GitLab)
                    
                
default.rb https://gitlab.com/conrado/cookbook-gitlab.git | Ruby | 209 lines
                    
19# GitLab shell
                    
20default['gitlab']['shell_repository'] = "https://github.com/gitlabhq/gitlab-shell.git"
                    
21default['gitlab']['shell_revision'] = "v1.8.0"
                    
28default['gitlab']['redis_port'] = "6379"
                    
29default['gitlab']['namespace']  = "resque:gitlab"
                    
30default['gitlab']['self_signed_cert'] = false
                    
32# GitLab
                    
33default['gitlab']['repository'] = "https://github.com/gitlabhq/gitlabhq.git"
                    
34default['gitlab']['deploy_key'] = "" # Optional. Private key used to connect to private GitLab repository.
                    
61default['gitlab']['oauth_allow_single_sign_on'] = false
                    
62default['gitlab']['oauth_providers'] = [] # Example: default['gitlab']['oauth_providers'] = [ { "name": "google_oauth2", "app_id": "YOUR APP ID", "app_secret": "YOUR APP SECRET", "args": "access_type: 'offline', approval_prompt: ''" }, { "name": "twitter", "app_id": "YOUR APP ID", "app_secret": "YOUR APP SECRET" }, { "name":"github", "app_id": "YOUR APP ID", "app_secret": "YOUR APP SECRET" }]
                    
63
                    
153# GitLab hq
                    
154default['gitlab']['path'] = "/home/git/gitlab" # Do not change this attribute in production since some code from the GitLab repo such as init.d assume this path.
                    
155default['gitlab']['satellites_path'] = "/home/git/gitlab-satellites"
                    
                
google.md https://gitlab.com/certik/gitlab-ce | Markdown | 108 lines
                    
25    - Application type: "Web Application"
                    
26    - Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here.
                    
27    - Authorized redirect URI: 'https://gitlab.example.com/users/auth/google_oauth2/callback'
                    
34    ```sh
                    
35      sudo editor /etc/gitlab/gitlab.rb
                    
36    ```
                    
52    ```ruby
                    
53      gitlab_rails['omniauth_providers'] = [
                    
54        {
                    
94
                    
95On the sign in page there should now be a Google icon below the regular sign in form. Click the icon to begin the authentication process. Google will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
                    
96
                    
107[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
                    
108[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
                    
109
                    
                
bitbucket_controller_spec.rb https://gitlab.com/18dit020/gitlab | Ruby | 367 lines
                    
131
                    
132      expect(response).to have_gitlab_http_status(:ok)
                    
133    end
                    
205
                    
206        context "when the namespace is not owned by the GitLab user" do
                    
207          it "doesn't create a project" do
                    
218          it "creates the namespace" do
                    
219            expect(Gitlab::BitbucketImport::ProjectCreator)
                    
220              .to receive(:new).and_return(double(execute: project))
                    
225          it "takes the new namespace" do
                    
226            expect(Gitlab::BitbucketImport::ProjectCreator)
                    
227              .to receive(:new).with(bitbucket_repo, bitbucket_repo.name, an_instance_of(Group), user, access_params)
                    
267          let(:fake_response) { double('Faraday::Response', headers: {}, body: '', status: 403) }
                    
268          let(:error) { OAuth2::Error.new(OAuth2::Response.new(fake_response)) }
                    
269
                    
                
 

Source

Language