100+ results results for 'gitlab oauth2 repo:axil/gitlab-ee' (591 ms)
3Automate GitLab via a simple and powerful API. All definitions can be found 4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api). 5 94 95Read more about [GitLab as an OAuth2 client](oauth2.md). 96 261Date: Mon, 18 Jan 2016 09:43:18 GMT 262Link: <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" 263Status: 200 OK 388 389[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API" 390[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb 391[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749 392[ce-5951]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5951 393README.md https://gitlab.com/jdipierro/gitlab-ce | Markdown | 392 lines
3Automate GitLab via a simple and powerful API. All definitions can be found 4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api). 5 94 95Read more about [GitLab as an OAuth2 client](oauth2.md). 96 261Date: Mon, 18 Jan 2016 09:43:18 GMT 262Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" 263Status: 200 OK 388 389[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API" 390[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb 391[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749 392[ce-5951]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5951 393README.md https://gitlab.com/hazelyang/gitlab-ee | Markdown | 355 lines
3Automate GitLab via a simple and powerful API. All definitions can be found 4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api). 5 86 87Read more about [GitLab as an OAuth2 client](oauth2.md). 88 90 91> [Introduced][ce-3749] in GitLab 8.8. 92 238Date: Mon, 18 Jan 2016 09:43:18 GMT 239Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" 240Status: 200 OK 353[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API" 354[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb 355[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749omniauth.md https://gitlab.com/xhang/gitlab | Markdown | 330 lines
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user) 13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login) 14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources) 23- [Bitbucket](bitbucket.md) 24- [GitLab.com](gitlab.md) 25- [Google](google.md) 163```ruby 164gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2'] 165``` 194 195- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/Gemfile): 196 314```ruby 315gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2' 316```omniauth.md https://gitlab.com/hvlad/gitlab-ce | Markdown | 330 lines
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user) 13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login) 14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources) 23- [Bitbucket](bitbucket.md) 24- [GitLab.com](gitlab.md) 25- [Google](google.md) 163```ruby 164gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2'] 165``` 194 195- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab/blob/master/Gemfile): 196 314```ruby 315gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2' 316```omniauth.md https://gitlab.com/tancnle/gitlab-ce | Markdown | 330 lines
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user) 13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login) 14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources) 23- [Bitbucket](bitbucket.md) 24- [GitLab.com](gitlab.md) 25- [Google](google.md) 163```ruby 164gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2'] 165``` 194 195- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Gemfile): 196 314```ruby 315gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2' 316```Gemfile https://gitlab.com/kivlor/gitlab-ce | Gemfile | 438 lines
40gem 'omniauth-auth0', '~> 2.0.0' 41gem 'omniauth-azure-oauth2', '~> 0.0.9' 42gem 'omniauth-cas3', '~> 1.1.4' 44gem 'omniauth-github', '~> 1.1.1' 45gem 'omniauth-gitlab', '~> 1.0.2' 46gem 'omniauth-google-oauth2', '~> 0.5.3' 47gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos 48gem 'omniauth-oauth2-generic', '~> 0.2.2' 49gem 'omniauth-saml', '~> 1.10' 54gem 'omniauth-jwt', '~> 0.0.2' 55gem 'rack-oauth2', '~> 1.2.1' 56gem 'jwt', '~> 1.5.6' 67 68# GitLab Pages 69gem 'validates_hostname', '~> 1.0.6'git_http_spec.rb https://gitlab.com/pmorinerie/gitlab-ce | Ruby | 395 lines
85 it "responds with status 404" do 86 allow(Gitlab.config.gitlab_shell).to receive(:receive_pack).and_return(false) 87 96 it "responds with status 404" do 97 allow(Gitlab.config.gitlab_shell).to receive(:upload_pack).and_return(false) 98 188 it "downloads get status 200" do 189 clone_get "#{project.path_with_namespace}.git", user: 'oauth2', password: @token.token 190 194 it "uploads get status 401 (no project existence information leak)" do 195 push_get "#{project.path_with_namespace}.git", user: 'oauth2', password: @token.token 196 208 it "repeated attempts followed by successful attempt" do 209 options = Gitlab.config.rack_attack.git_basic_auth 210 maxretry = options[:maxretry] - 1README.md https://gitlab.com/vino.v/gitlab-ee | Markdown | 384 lines
3Automate GitLab via a simple and powerful API. All definitions can be found 4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api). 5 95 96Read more about [GitLab as an OAuth2 client](oauth2.md). 97 254Date: Mon, 18 Jan 2016 09:43:18 GMT 255Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" 256Status: 200 OK 381 382[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API" 383[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb 383[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb 384[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749 385README.md https://gitlab.com/toanalien/gitlab-ee | Markdown | 326 lines
3Automate GitLab via a simple and powerful API. All definitions can be found 4under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api). 5 74 75Instead of the `private_token` you can transmit the OAuth2 access token as a 76header or as a parameter. 89 90Read more about [GitLab as an OAuth2 client](oauth2.md). 91 210Date: Mon, 18 Jan 2016 09:43:18 GMT 211Link: <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v3/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" 212Status: 200 OK 324 325[GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API" 326[lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rbGemfile https://gitlab.com/natederbinsky/gitlab-ee | Gemfile | 361 lines
9# Specify a sprockets version due to increased performance 10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 11gem 'sprockets', '~> 3.6.0' 25gem 'omniauth-auth0', '~> 1.4.1' 26gem 'omniauth-azure-oauth2', '~> 0.0.6' 27gem 'omniauth-bitbucket', '~> 0.0.2' 30gem 'omniauth-github', '~> 1.1.1' 31gem 'omniauth-gitlab', '~> 1.0.0' 32gem 'omniauth-google-oauth2', '~> 0.4.1' 38gem 'gssapi', group: :kerberos 39gem 'rack-oauth2', '~> 1.2.1' 40gem 'jwt' 51 52# GitLab Pages 53gem 'validates_hostname', '~> 1.0.0'doorkeeper.rb https://gitlab.com/demisxbar/gitlab-ce | Ruby | 102 lines
14 resource_owner_from_credentials do |routes| 15 Gitlab::Auth.new.find(params[:username], params[:password]) 16 end 39 # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled 40 # by default in non-development environments). OAuth2 delegates security in 41 # communication to the HTTPS protocol so it is wise to keep this enabled. 71 # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL 72 # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi) 73 #Gemfile https://gitlab.com/solidnerd/gitlab-ce | Gemfile | 441 lines
40gem 'omniauth-auth0', '~> 2.0.0' 41gem 'omniauth-azure-oauth2', '~> 0.0.9' 42gem 'omniauth-cas3', '~> 1.1.4' 44gem 'omniauth-github', '~> 1.3' 45gem 'omniauth-gitlab', '~> 1.0.2' 46gem 'omniauth-google-oauth2', '~> 0.5.3' 47gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos 48gem 'omniauth-oauth2-generic', '~> 0.2.2' 49gem 'omniauth-saml', '~> 1.10' 53gem 'omniauth-authentiq', '~> 0.3.3' 54gem 'rack-oauth2', '~> 1.2.1' 55gem 'jwt', '~> 1.5.6' 66 67# GitLab Pages 68gem 'validates_hostname', '~> 1.0.6'api_guard.rb https://gitlab.com/artofhuman/gitlab-ce | Ruby | 144 lines
80 def api_access_allowed?(user) 81 Gitlab::UserAccess.new(user).allowed? && user.can?(:access_api) 82 end 99 100 base.__send__(:rescue_from, *error_classes, oauth2_bearer_token_error_handler) # rubocop:disable GitlabSecurity/PublicSend 101 end 102 103 def oauth2_bearer_token_error_handler 104 proc do |e| 106 case e 107 when Gitlab::Auth::MissingTokenError 108 Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new 134 :insufficient_scope, 135 Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION[:insufficient_scope], 136 { scope: e.scopes })Base.php https://gitlab.com/x33n/kanboard | PHP | 118 lines
20 * @property \Core\MemoryCache $memoryCache 21 * @property \Core\OAuth2 $oauth 22 * @property \Core\Router $router 25 * @property \Integration\GithubWebhook $githubWebhook 26 * @property \Integration\GitlabWebhook $gitlabWebhook 27 * @property \Integration\HipchatWebhook $hipchatWebhookcore.js https://gitlab.com/CarimA/NitxBotDiscord | JavaScript | 209 lines
30 aliases: [ 'git', 'source', 'sourcecode' ], 31 description: 'Posts a link to the GitLab repository for the bot.', 32 action: (user, userID, channelID, event, args, callback) => { 34 to: channelID, 35 message: `GitLab repository: **https://gitlab.com/CarimA/NitxBotDiscord**` 36 }); 66 to: channelID, 67 message: `Want me to come to your own server? Head on to https://discordapp.com/oauth2/authorize?client_id=223144453555224578&scope=bot and select your server under the dropdown menu and hit *Authorize*. Note that you require **Manage Server** permissions in order to invite me somewhere!` 68 });README.md https://gitlab.com/OdNairy/gitlab-ee | Markdown | 73 lines
6- [CI/CD](ci/README.md) GitLab Continuous Integration (CI) and Continuous Delivery (CD) getting started, `.gitlab-ci.yml` options, and examples. 7- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 8- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry. 8- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry. 9- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 10- [Importing to GitLab](workflow/importing/README.md). 38- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter. 39- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components. 40- [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages. 52- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails. 53- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 54- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE. 59- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch. 60- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a secondary read-only GitLab instance. 61- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.Gemfile https://gitlab.com/jnoortheen/gitlab-ce | Gemfile | 355 lines
25gem 'omniauth-auth0', '~> 1.4.1' 26gem 'omniauth-azure-oauth2', '~> 0.0.6' 27gem 'omniauth-cas3', '~> 1.1.2' 29gem 'omniauth-github', '~> 1.1.1' 30gem 'omniauth-gitlab', '~> 1.0.2' 31gem 'omniauth-google-oauth2', '~> 0.4.1' 32gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos 33gem 'omniauth-oauth2-generic', '~> 0.2.2' 34gem 'omniauth-saml', '~> 1.7.0' 38gem 'omniauth-authentiq', '~> 0.3.0' 39gem 'rack-oauth2', '~> 1.2.1' 40gem 'jwt', '~> 1.5.6' 51 52# GitLab Pages 53gem 'validates_hostname', '~> 1.0.6'omniauth.md https://gitlab.com/Stretch96/gitlab-ce | Markdown | 272 lines
12- [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user) 13- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login) 14- [Enable or disable Sign In with an OmniAuth provider without disabling import sources](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources) 23- [Bitbucket](bitbucket.md) 24- [GitLab.com](gitlab.md) 25- [Google](google.md) 160```ruby 161 gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2'] 162``` 189 190- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Gemfile): 191 261```ruby 262 gitlab_rails['sync_profile_from_provider'] = ['twitter', 'google_oauth2'] 263 gitlab_rails['sync_profile_attributes'] = ['name', 'email', 'location']main.go https://gitlab.com/rvaz/orgo | Go | 79 lines
7 log "github.com/Sirupsen/logrus" 8 oauth2google "golang.org/x/oauth2/google" 9 calendar "google.golang.org/api/calendar/v3" 9 calendar "google.golang.org/api/calendar/v3" 10 oauth2api "google.golang.org/api/oauth2/v2" 11 15 "gitlab.com/rvaz/orgo/dropbox" 16 "gitlab.com/rvaz/orgo/google" 17 "gitlab.com/rvaz/orgo/web" 17 "gitlab.com/rvaz/orgo/web" 18 "gitlab.com/rvaz/orgo/work" 19 "golang.org/x/oauth2" 40 Endpoint: oauth2google.Endpoint, 41 Scopes: []string{calendar.CalendarScope, oauth2api.UserinfoEmailScope, oauth2api.UserinfoProfileScope}, 42 }oauth_login_spec.rb https://gitlab.com/wolfgang42/gitlab-ce | Ruby | 128 lines
17 18 providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, 19 :facebook, :cas3, :auth0, :authentiq, :salesforce] 60 it 'when bypass-two-factor is enabled' do 61 allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: true) 62 login_via(provider.to_s, user, uid, remember_me: false, additional_info: additional_info) 66 it 'when bypass-two-factor is disabled' do 67 allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: false) 68 login_with_provider(provider, enter_two_factor: true, additional_info: additional_info)auth_spec.rb https://gitlab.com/paulsen.jan/gitlab-ee | Ruby | 108 lines
2 3describe Gitlab::Auth, lib: true do 4 let(:gl_auth) { described_class } 14 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'gitlab-ci-token') 15 expect(gl_auth.find_for_git_client('gitlab-ci-token', token, project: project, ip: ip)).to eq(Gitlab::Auth::Result.new(nil, :ci)) 16 end 22 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username) 23 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, :gitlab_or_ldap)) 24 end 32 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2') 33 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, :oauth)) 34 end 40 expect(gl_auth).to receive(:rate_limit!).with(ip, success: false, login: login) 41 expect(gl_auth.find_for_git_client(login, 'bar', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new) 42 end2018-03-26-summary-of-limited-gitlab-credentials-exposed.html.md https://gitlab.com/syedahmedz1/www-gitlab-com | Markdown | 59 lines
13 14From February 19, 2018 to March 19, 2018, some GitLab.com personal access tokens and third-party credentials were inadvertently exposed publicly via an unprotected logging dashboard. The affected users represent approximately 0.5 percent of our GitLab.com user base. While the dashboard was originally protected from unauthorized access, a recent configuration change made this internal system publically accessible. 15 29* [Sanitize private_token field in HA Proxy logs](https://gitlab.com/gitlab-cookbooks/gitlab_fluentd/merge_requests/7) 30* [Reconfigure OAuth mechanism, removing ‘*’ email domain access](https://gitlab.com/gitlab-cookbooks/gitlab-oauth2-proxy/merge_requests/10) 31 33 34On March 19, 2018, GitLab user Ryan Hefner discovered an authentication misconfiguration on our internal logging dashboard. A configuration change was made incorrectly on February 19, 2018, which resulted in potential public read-only access to the centralized, internal logging server for GitLab. This misconfiguration was resolved immediately upon notification. 35 35 36GitLab uses an OAuth proxy service to authenticate all access to our internal logging infrastructure. Previously, this proxy service had been correctly configured to only allow access to authorized GitLab engineers. However, in the course of migrating this proxy service to our new cloud infrastructure, we inadvertently introduced a misconfiguration that allowed anyone with a valid Google account read-only access to our internal logging server, instead of the intended behavior of allowing only authorized GitLab engineering accounts. 37 58 59In keeping with our company value of transparency we also believe in communicating about such incidents clearly and promptly. If you have any questions, please contact [security@gitlab.com](mailto:security@gitlab.com). 60google.md https://gitlab.com/espadav8/gitlab-ce | Markdown | 93 lines
25 - Application type: "Web Application" 26 - Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here. 27 - Authorized redirect URI: 'https://gitlab.example.com/users/auth/google_oauth2/callback' 34 ```sh 35 sudo editor /etc/gitlab/gitlab.rb 36 ``` 40 ```sh 41 cd /home/git/gitlab 42 79 80On the sign in page there should now be a Google icon below the regular sign in form. Click the icon to begin the authentication process. Google will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in. 81 92[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure 93[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source 94Gemfile https://gitlab.com/nulldoxyz/gitlab-ce | Gemfile | 423 lines
28gem 'omniauth-auth0', '~> 1.4.1' 29gem 'omniauth-azure-oauth2', '~> 0.0.9' 30gem 'omniauth-cas3', '~> 1.1.4' 32gem 'omniauth-github', '~> 1.1.1' 33gem 'omniauth-gitlab', '~> 1.0.2' 34gem 'omniauth-google-oauth2', '~> 0.5.2' 35gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos 36gem 'omniauth-oauth2-generic', '~> 0.2.2' 37gem 'omniauth-saml', '~> 1.7.0' 41gem 'omniauth-authentiq', '~> 0.3.1' 42gem 'rack-oauth2', '~> 1.2.1' 43gem 'jwt', '~> 1.5.6' 54 55# GitLab Pages 56gem 'validates_hostname', '~> 1.0.6'admin_settings_spec.rb https://gitlab.com/beverett/gitlab-ce | Ruby | 284 lines
83 84 expect(Gitlab::CurrentSettings.home_page_url).to eq "https://about.gitlab.com/" 85 expect(page).to have_content "Application settings saved successfully" 96 expect(page).to have_content "Application settings saved successfully" 97 expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2') 98 104 expect(page).to have_content "Application settings saved successfully" 105 expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).not_to include('google_oauth2') 106 end 116 expect(Gitlab::CurrentSettings.help_page_text).to eq "Example text" 117 expect(Gitlab::CurrentSettings.help_page_hide_commercial_content).to be_truthy 118 expect(Gitlab::CurrentSettings.help_page_support_url).to eq "http://example.com/help" 128 129 expect(Gitlab::CurrentSettings.max_pages_size).to eq 15 130 expect(Gitlab::CurrentSettings.pages_domain_verification_enabled?).to be_truthypersonal_access_tokens.md https://gitlab.com/gitlab-r2devops/gitlab-foss | Markdown | 198 lines
9 10> - Notifications for expiring tokens [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab 12.6. 11> - Token lifetime limits [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab 12.6. 11> - Token lifetime limits [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab 12.6. 12> - Additional notifications for expiring tokens [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214721) in GitLab 13.3. 13> - Prefill for token name and scopes [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334664) in GitLab 14.1. 97| `read_user` | Read-only for endpoints under `/users`. Essentially, access to any of the `GET` requests in the [Users API](../../api/users.md). | 98| `read_api` | Read-only for the complete API, including all groups and projects, the Container Registry, and the Package Registry. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28944) in GitLab 12.10.) | 99| `read_repository` | Read-only (pull) for the repository through `git clone`. | 101| `read_registry` | Read-only (pull) for [Container Registry](../packages/container_registry/index.md) images if a project is private and authorization is required. | 102| `write_registry` | Read-write (push) for [Container Registry](../packages/container_registry/index.md) images if a project is private and authorization is required. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28958) in GitLab 12.10.) | 103| `sudo` | API actions as any user in the system (if the authenticated user is an administrator). | 137 The token must be 20 characters long. The scopes must be valid and are visible 138 [in the source code](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/auth.rb). 139auth_spec.rb https://gitlab.com/vilhelmen/gitlab-ce | Ruby | 177 lines
2 3describe Gitlab::Auth, lib: true do 4 let(:gl_auth) { described_class } 24 25 expect(subject).to eq(Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities)) 26 end 60 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username) 61 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 62 end 75 ip = 'ip' 76 token = Gitlab::LfsToken.new(key).token 77 88 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2') 89 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities)) 90 endauth_spec.rb https://gitlab.com/ivlt/gitlab-ce | Ruby | 177 lines
2 3describe Gitlab::Auth, lib: true do 4 let(:gl_auth) { described_class } 24 25 expect(subject).to eq(Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities)) 26 end 60 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username) 61 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 62 end 75 ip = 'ip' 76 token = Gitlab::LfsToken.new(key).generate 77 88 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2') 89 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities)) 90 endwiki_pipeline.rb https://gitlab.com/18dit020/gitlab | Ruby | 55 lines
22 wiki = context.portable.wiki 23 url = data[:url].sub("://", "://oauth2:#{context.configuration.access_token}@") 24 24 25 Gitlab::UrlBlocker.validate!(url, allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?) 26 35 root = context.configuration.url 36 Gitlab::Utils.append_path(root, wiki_path) 37 end 39 def allow_local_requests? 40 Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services? 41 endGemfile https://gitlab.com/axil/gitlab-ee.git | Gemfile | 303 lines
23gem 'omniauth-github', '~> 1.1.1' 24gem 'omniauth-gitlab', '~> 1.0.0' 25gem 'omniauth-google-oauth2', '~> 0.2.0' 31gem 'gssapi', group: :kerberos 32gem 'rack-oauth2', '~> 1.0.5' 33 42# Extracting information from a git repository 43# Provide access to Gitlab::Git library 44gem "gitlab_git", '~> 7.2.20' 46# LDAP Auth 47# GitLab fork with several improvements to original library. For full list of changes 48# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master 48# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master 49gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: "omniauth-ldap" 50gem 'net-ldap'README.md https://gitlab.com/sbeleidy/gitlab-ee | Markdown | 67 lines
6- [CI](ci/README.md) GitLab Continuous Integration (CI) getting started, `.gitlab-ci.yml` options, and examples. 7- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 8- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 19- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN. 20- [GitLab Pages](pages/README.md) Using GitLab Pages. 21- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking. 35- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter. 36- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components 37- [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages. 48- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails. 49- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 50- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE. 58- [High Availability](administration/high_availability/README.md) Configure multiple servers for scaling or high availability 59- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a 60 secondary read-only GitLab instanceGemfile https://gitlab.com/das_j/gitlab-ce | Gemfile | 349 lines
9# Specify a sprockets version due to increased performance 10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 11gem 'sprockets', '~> 3.6.0' 24gem 'omniauth-auth0', '~> 1.4.1' 25gem 'omniauth-azure-oauth2', '~> 0.0.6' 26gem 'omniauth-bitbucket', '~> 0.0.2' 29gem 'omniauth-github', '~> 1.1.1' 30gem 'omniauth-gitlab', '~> 1.0.0' 31gem 'omniauth-google-oauth2', '~> 0.2.0' 36gem 'omniauth_crowd', '~> 2.2.0' 37gem 'rack-oauth2', '~> 1.2.1' 38gem 'jwt' 53# Extracting information from a git repository 54# Provide access to Gitlab::Git library 55gem "gitlab_git", '~> 10.0'github_controller.rb https://gitlab.com/klml/gitlab-ee | Ruby | 268 lines
17 rescue_from Octokit::TooManyRequests, with: :provider_rate_limit 18 rescue_from Gitlab::GithubImport::RateLimitError, with: :rate_limit_threshold_exceeded 19 41 # Request repos to display error page if provider token is invalid 42 # Improving in https://gitlab.com/gitlab-org/gitlab-foss/issues/55585 43 client_repos 104 def expire_etag_cache 105 Gitlab::EtagCaching::Store.new.tap do |store| 106 store.touch(realtime_changes_path) 111 @client ||= if Feature.enabled?(:remove_legacy_github_client) 112 Gitlab::GithubImport::Client.new(session[access_token_key]) 113 else 138 139 @oauth_client ||= ::OAuth2::Client.new( 140 oauth_config.app_id,README.md https://gitlab.com/smuthusamy.fivedtech/gitlab-ee | Markdown | 79 lines
8- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking. 9- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 10- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry. 10- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry. 11- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 12- [GitLab Pages](pages/README.md) Using GitLab Pages. 42- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter. 43- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components. 44- [Issue closing pattern](administration/issue_closing_pattern.md) Customize how to close an issue from commit messages. 57- [Reply by email](administration/reply_by_email.md) Allow users to comment on issues and merge requests by replying to notification emails. 58- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 59- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE. 64- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch. 65- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a secondary read-only GitLab instance. 66- [GitLab Performance Monitoring](administration/monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.doorkeeper.rb https://gitlab.com/realsatomic/gitlab | Ruby | 123 lines
8 # Restore to pre-5.1 generator due to breaking change. 9 # See https://gitlab.com/gitlab-org/gitlab/-/issues/244371 10 default_generator_method :hex 25 resource_owner_from_credentials do |routes| 26 user = Gitlab::Auth.find_with_user_password(params[:username], params[:password], increment_failed_attempts: true) 27 user unless user.try(:two_factor_enabled?) 41 # Until 15.0, applications can opt-out of expiring tokens. 42 # Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848 43 custom_access_token_expires_in do |context| 59 # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled 60 # by default in non-development environments). OAuth2 delegates security in 61 # communication to the HTTPS protocol so it is wise to keep this enabled. 120 # 121 # We might want to disable this in the future, see https://gitlab.com/gitlab-org/gitlab/-/issues/323615 122 skip_client_authentication_for_password_grant trueREADME.md https://gitlab.com/daniel.hoffmann/gitlab-ee | Markdown | 94 lines
5- [API](api/README.md) Automate GitLab via a simple and powerful API. 6- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 7- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 18- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN. 19- [GitLab Pages](pages/README.md) Using GitLab Pages. 20- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking. 64- [Install](install/README.md) Requirements, directory structures and installation from source. 65- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components 66- [Installing your license](license/README.md) 78- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails. 79- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 80- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE. 85- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch 86- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics 87Gemfile https://gitlab.com/axil/gitlab | Gemfile | 523 lines
25gem 'devise', '~> 4.7.2' 26# TODO: verify ARM compile issue on 3.1.13+ version (see https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18828) 27gem 'bcrypt', '3.1.12' 89gem 'graphql', '~> 1.11.4' 90# NOTE: graphiql-rails v1.5+ doesn't work: https://gitlab.com/gitlab-org/gitlab/issues/31771 91# TODO: remove app/views/graphiql/rails/editors/show.html.erb when https://github.com/rmosolgo/graphiql-rails/pull/71 is released: 423 424 # Moved in `test` because https://gitlab.com/gitlab-org/gitlab/-/issues/217527 425 gem 'derailed_benchmarks', require: false 429 430# https://gitlab.com/gitlab-org/gitlab/issues/207207 431gem 'gitlab-mail_room', '~> 0.0.8', require: 'mail_room' 500# Monkey-patched in `config/initializers/mail_encoding_patch.rb` 501# See https://gitlab.com/gitlab-org/gitlab/issues/197386 502gem 'mail', '= 2.7.1'atlassian.md https://gitlab.com/klml/gitlab-ee | Markdown | 86 lines
20 211. Note the `Client ID` and `Secret` for the [GitLab configuration](#gitlab-configuration) steps. 22 24 251. Enter the GitLab callback URL using the format `https://gitlab.example.com/users/auth/atlassian_oauth2/callback` and click **Save changes**. 26 42 ```shell 43 sudo editor /etc/gitlab/gitlab.rb 44 ``` 48 ```shell 49 sudo -u git -H editor /home/git/gitlab/config/gitlab.yml 50 ``` 81 821. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect if you installed GitLab via Omnibus or from source respectively. 83Gemfile https://gitlab.com/cuongtm/gitlab-ee | Gemfile | 343 lines
9# Specify a sprockets version due to increased performance 10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 11gem 'sprockets', '~> 3.6.0' 25gem 'omniauth-auth0', '~> 1.4.1' 26gem 'omniauth-azure-oauth2', '~> 0.0.6' 27gem 'omniauth-bitbucket', '~> 0.0.2' 30gem 'omniauth-github', '~> 1.1.1' 31gem 'omniauth-gitlab', '~> 1.0.0' 32gem 'omniauth-google-oauth2', '~> 0.2.0' 38gem 'gssapi', group: :kerberos 39gem 'rack-oauth2', '~> 1.2.1' 40 49 50# GitLab Pages 51gem 'validates_hostname', '~> 1.0.0'bitbucket.md https://gitlab.com/tbeadle/gitlab-ce | Markdown | 138 lines
45 | **Application description** | Fill this in if you wish. | 46 | **Callback URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com`. | 47 | **URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com`. | 75 # For Omnibus packages 76 sudo editor /etc/gitlab/gitlab.rb 77 78 # For installations from source 79 sudo -u git -H editor /home/git/gitlab/config/gitlab.yml 80 ``` 134[bb-import]: ../workflow/importing/import_projects_from_bitbucket.md 135[bb-old]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-14-stable/doc/integration/bitbucket.md 136[bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints 136[bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints 137[reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure 138[restart]: ../administration/restart_gitlab.md#installations-from-sourceauth.rb https://gitlab.com/espadav8/gitlab-ce | Ruby | 228 lines
6 7 # Scopes used for GitLab API access 8 API_SCOPES = [:api, :read_user].freeze 37 rate_limit!(ip, success: result.success?, login: login) 38 Gitlab::Auth::UniqueIpsLimiter.limit_user!(result.actor) 39 98 if service && service.activated? && service.valid_token?(password) 99 Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities) 100 end 109 110 Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities) 111 end 113 def oauth_access_token_check(login, password) 114 if login == "oauth2" && password.present? 115 token = Doorkeeper::AccessToken.by_token(password)2021-03-06-tokens-pls.md https://gitlab.com/jamietanna/jvt.me | Markdown | 52 lines
1--- 2title: "Introducing tokens-pls, a Web Application to Test OAuth2 Code Flows" 3description: "Announcing my new project, tokens-pls, which allows for easier manual testing with the OAuth2 code flow for Public Clients." 5- indieauth 6- oauth2 7- token-pls 17 18Fortunately, the OAuth2 Authorization Code grant is pretty straightforward, so doing this locally with i.e. `curl` is an OK process to go through, as well as using a guided tool such as <span class="h-card"><a class="u-url" href="https://seblog.nl">Sebastiaan Andeweg</a></span>'s <a href="http://gimme-a-token.5eb.nl/">gimme-a-token.5eb.nl</a>. 19 21 22I was thinking of creating a small script to go through the OAuth2 flow locally, with me copying-and-pasting the callback URL with granted authorization code, but thought I'd think a bit better about making this as easy as possible. 23 23 24I've created a Sinatra app, [tokens-pls](https://gitlab.com/jamietanna/tokens-pls) for this, which provides an easy tool for going through the Authorization Code flow for a [Public Client](https://tools.ietf.org/html/draft-ietf-oauth-v2-1-01#section-2.1), which is currently hosted on Heroku at [tokens-pls.herokuapp.com](https://tokens-pls.herokuapp.com). 25doorkeeper.rb https://gitlab.com/henrytextemma/gitlab-ce | Ruby | 102 lines
14 resource_owner_from_credentials do |routes| 15 Gitlab::Auth.find_with_user_password(params[:username], params[:password]) 16 end 39 # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled 40 # by default in non-development environments). OAuth2 delegates security in 41 # communication to the HTTPS protocol so it is wise to keep this enabled. 71 # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL 72 # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi) 73 #index.md https://github.com/backstage/backstage.git | Markdown | 118 lines
21- [GitHub](github/provider.md) 22- [GitLab](gitlab/provider.md) 23- [Google](google/provider.md) 110 111There are generic authentication providers for OAuth2 and SAML. These can reduce 112the amount of code needed to implement a custom authentication provider thatadmin_settings_spec.rb https://gitlab.com/tbeadle/gitlab-ce | Ruby | 336 lines
86 87 expect(Gitlab::CurrentSettings.home_page_url).to eq "https://about.gitlab.com/" 88 expect(page).to have_content "Application settings saved successfully" 115 expect(page).to have_content "Application settings saved successfully" 116 expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2') 117 123 expect(page).to have_content "Application settings saved successfully" 124 expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).not_to include('google_oauth2') 125 end 135 expect(page).to have_content "Application settings saved successfully" 136 expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2') 137 146 expect(page).to have_content "Application settings saved successfully" 147 expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to include('google_oauth2') 148 enddoorkeeper.rb https://gitlab.com/toanalien/gitlab-ee | Ruby | 102 lines
14 resource_owner_from_credentials do |routes| 15 Gitlab::Auth.find_in_gitlab_or_ldap(params[:username], params[:password]) 16 end 39 # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled 40 # by default in non-development environments). OAuth2 delegates security in 41 # communication to the HTTPS protocol so it is wise to keep this enabled. 71 # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL 72 # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi) 73 #Gemfile https://gitlab.com/ja-me-sk/gitlab-ce | Gemfile | 410 lines
28gem 'omniauth-auth0', '~> 1.4.1' 29gem 'omniauth-azure-oauth2', '~> 0.0.6' 30gem 'omniauth-cas3', '~> 1.1.2' 32gem 'omniauth-github', '~> 1.1.1' 33gem 'omniauth-gitlab', '~> 1.0.2' 34gem 'omniauth-google-oauth2', '~> 0.4.1' 35gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos 36gem 'omniauth-oauth2-generic', '~> 0.2.2' 37gem 'omniauth-saml', '~> 1.7.0' 41gem 'omniauth-authentiq', '~> 0.3.1' 42gem 'rack-oauth2', '~> 1.2.1' 43gem 'jwt', '~> 1.5.6' 54 55# GitLab Pages 56gem 'validates_hostname', '~> 1.0.6'AuthHelper.php git://github.com/composer/composer.git | PHP | 264 lines
115 } 116 } elseif (in_array($origin, $this->config->get('gitlab-domains'), true)) { 117 $message = "\n".'Could not fetch '.$url.', enter your ' . $origin . ' credentials ' .($statusCode === 401 ? 'to access private repos' : 'to go over the API rate limit'); 117 $message = "\n".'Could not fetch '.$url.', enter your ' . $origin . ' credentials ' .($statusCode === 401 ? 'to access private repos' : 'to go over the API rate limit'); 118 $gitLabUtil = new GitLab($this->io, $this->config, null); 119 119 120 if ($this->io->hasAuthentication($origin) && ($auth = $this->io->getAuthentication($origin)) && in_array($auth['password'], array('gitlab-ci-token', 'private-token', 'oauth2'), true)) { 121 throw new TransportException("Invalid credentials for '" . $url . "', aborting.", $statusCode); 123 124 if (!$gitLabUtil->authorizeOAuth($origin) 125 && (!$this->io->isInteractive() || !$gitLabUtil->authorizeOAuthInteractively(parse_url($url, PHP_URL_SCHEME), $origin, $message)) 207 } 208 } elseif (in_array($origin, $this->config->get('gitlab-domains'), true)) { 209 if ($auth['password'] === 'oauth2') {Gemfile https://gitlab.com/gsharma/gitlab-ce | Gemfile | 347 lines
23gem 'omniauth-auth0', '~> 1.4.1' 24gem 'omniauth-azure-oauth2', '~> 0.0.6' 25gem 'omniauth-bitbucket', '~> 0.0.2' 28gem 'omniauth-github', '~> 1.1.1' 29gem 'omniauth-gitlab', '~> 1.0.0' 30gem 'omniauth-google-oauth2', '~> 0.4.1' 35gem 'omniauth_crowd', '~> 2.2.0' 36gem 'rack-oauth2', '~> 1.2.1' 37gem 'jwt' 52# Extracting information from a git repository 53# Provide access to Gitlab::Git library 54gem 'gitlab_git', '~> 10.6.7' 56# LDAP Auth 57# GitLab fork with several improvements to original library. For full list of changes 58# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:masterGemfile https://gitlab.com/aebrow4/gitlab-ce | Gemfile | 347 lines
23gem 'omniauth-auth0', '~> 1.4.1' 24gem 'omniauth-azure-oauth2', '~> 0.0.6' 25gem 'omniauth-bitbucket', '~> 0.0.2' 28gem 'omniauth-github', '~> 1.1.1' 29gem 'omniauth-gitlab', '~> 1.0.0' 30gem 'omniauth-google-oauth2', '~> 0.4.1' 35gem 'omniauth_crowd', '~> 2.2.0' 36gem 'rack-oauth2', '~> 1.2.1' 37gem 'jwt' 52# Extracting information from a git repository 53# Provide access to Gitlab::Git library 54gem 'gitlab_git', '~> 10.6.6' 56# LDAP Auth 57# GitLab fork with several improvements to original library. For full list of changes 58# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:masterGemfile https://gitlab.com/simepy/gitlab-ce | Gemfile | 274 lines
40# Provide access to Gitlab::Git library 41gem "gitlab_git", '~> 7.2.6' 42 43# Ruby/Rack Git Smart-HTTP Server Handler 44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc) 45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master 50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master 51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap" 52 56# Language detection 57# GitLab fork of linguist does not require pygments/python dependency. 58# New version of original gem also dropped pygments support but it has strict 59# dependency to unstable rugged version. We have internal issue for replacing 60# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052. 61gem "gitlab-linguist", "~> 3.0.1", require: "linguist"Gemfile https://gitlab.com/smuthusamy.fivedtech/gitlab-ee | Gemfile | 361 lines
23gem 'omniauth-auth0', '~> 1.4.1' 24gem 'omniauth-azure-oauth2', '~> 0.0.6' 25gem 'omniauth-bitbucket', '~> 0.0.2' 28gem 'omniauth-github', '~> 1.1.1' 29gem 'omniauth-gitlab', '~> 1.0.0' 30gem 'omniauth-google-oauth2', '~> 0.4.1' 36gem 'gssapi', group: :kerberos 37gem 'rack-oauth2', '~> 1.2.1' 38gem 'jwt' 49 50# GitLab Pages 51gem 'validates_hostname', '~> 1.0.0' 56# Extracting information from a git repository 57# Provide access to Gitlab::Git library 58gem 'gitlab_git', '~> 10.6.8'Gemfile https://gitlab.com/vansch/gitlab-ee | Gemfile | 361 lines
23gem 'omniauth-auth0', '~> 1.4.1' 24gem 'omniauth-azure-oauth2', '~> 0.0.6' 25gem 'omniauth-bitbucket', '~> 0.0.2' 28gem 'omniauth-github', '~> 1.1.1' 29gem 'omniauth-gitlab', '~> 1.0.0' 30gem 'omniauth-google-oauth2', '~> 0.4.1' 36gem 'gssapi', group: :kerberos 37gem 'rack-oauth2', '~> 1.2.1' 38gem 'jwt' 49 50# GitLab Pages 51gem 'validates_hostname', '~> 1.0.0' 56# Extracting information from a git repository 57# Provide access to Gitlab::Git library 58gem 'gitlab_git', '~> 10.6.7'README.md https://gitlab.com/gecgooden/gitlab-ce | Markdown | 68 lines
11- [CI/CD](ci/README.md) GitLab Continuous Integration (CI) and Continuous Delivery (CD) getting started, `.gitlab-ci.yml` options, and examples. 12- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 13- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry. 13- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry. 14- [GitLab basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 15- [Importing to GitLab](workflow/importing/README.md) Import your projects from GitHub, Bitbucket, GitLab.com, FogBugz and SVN into GitLab. 26- [Git Attributes](user/project/git_attributes.md) Managing Git attributes using a `.gitattributes` file. 27- [Git cheatsheet](https://gitlab.com/gitlab-com/marketing/raw/master/design/print/git-cheatsheet/print-pdf/git-cheatsheet.pdf) Download a PDF describing the most used Git operations. 28 35- [Install](install/README.md) Requirements, directory structures and installation from source. 36- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components. 37- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter. 52- [Reply by email](administration/reply_by_email.md) Allow users to comment on issues and merge requests by replying to notification emails. 53- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 54- [Git LFS configuration](workflow/lfs/lfs_administration.md)auth.rb https://gitlab.com/Ben305/gitlab-ce | Ruby | 255 lines
31 user_with_password_for_git(login, password) || 32 Gitlab::Auth::Result.new 33 34 rate_limit!(ip, success: result.success?, login: login) 35 Gitlab::Auth::UniqueIpsLimiter.limit_user!(result.actor) 36 102 # in the Service.available_services_names whitelist. 103 service = project.public_send("#{underscored_service}_service") # rubocop:disable GitlabSecurity/PublicSend 104 114 115 raise Gitlab::Auth::MissingPersonalAccessTokenError if user.two_factor_enabled? 116 116 117 Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities) 118 endGemfile https://gitlab.com/maelvls/gitlab-ce | Gemfile | 278 lines
40# Provide access to Gitlab::Git library 41gem "gitlab_git", '~> 7.2.14' 42 43# Ruby/Rack Git Smart-HTTP Server Handler 44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc) 45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master 50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master 51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap" 52 56# Language detection 57# GitLab fork of linguist does not require pygments/python dependency. 58# New version of original gem also dropped pygments support but it has strict 59# dependency to unstable rugged version. We have internal issue for replacing 60# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052. 61gem "gitlab-linguist", "~> 3.0.1", require: "linguist"client.rb https://gitlab.com/18dit020/gitlab | Ruby | 224 lines
24 ROLES_LIST = %w[roles/iam.serviceAccountUser roles/artifactregistry.admin roles/cloudbuild.builds.builder roles/run.admin roles/storage.admin roles/cloudsql.admin roles/browser].freeze 25 REVOKE_URL = 'https://oauth2.googleapis.com/revoke' 26 113 # generate account id 114 random_account_id = "gitlab-" + SecureRandom.hex(11) 115 151 uri = URI(REVOKE_URL) 152 Gitlab::HTTP.post(uri, body: { 'token' => access_token }) 153 end 201 Google::Apis::RequestOptions.new.tap do |options| 202 options.header = { 'User-Agent': "GitLab/#{Gitlab::VERSION.match('(\d+\.\d+)').captures.first} (GPN:GitLab;)" } 203 endgitlab_controller.rb https://gitlab.com/artofhuman/gitlab-ce | Ruby | 76 lines
9 10 rescue_from OAuth2::Error, with: :gitlab_unauthorized 11 12 def callback 13 session[:gitlab_access_token] = client.get_token(params[:code], callback_import_gitlab_url) 14 redirect_to status_import_gitlab_url 36 if current_user.can?(:create_projects, target_namespace) 37 project = Gitlab::GitlabImport::ProjectCreator.new(repo, target_namespace, current_user, access_params).execute 38 51 def client 52 @client ||= Gitlab::GitlabImport::Client.new(session[:gitlab_access_token]) 53 end 73 def access_params 74 { gitlab_access_token: session[:gitlab_access_token] } 75 endbenchmark-tests.js https://gitlab.com/0072016/SDK-JavaScript- | JavaScript | 324 lines
41 42runBenchmarks && Tinytest.add("constraint solver - benchmark on gems - rails, gitlabhq", function (test) { 43 var r = new ConstraintSolver.PackagesResolver(railsCatalog); 55 'omniauth': '1.1.3', 56 'omniauth-google-oauth2': null, 57 'omniauth-twitter': null, 58 'omniauth-github': null, 59 'gitlab-git': '5.7.1', 60 'gitlab-grack': '2.0.0', 60 'gitlab-grack': '2.0.0', 61 'gitlab-omniauth-ldap': '1.0.4', 62 'gitlab-gollum-lib': '1.1.0', 62 'gitlab-gollum-lib': '1.1.0', 63 'gitlab-linguist': '3.0.0', 64 'grape': '0.6.1',index.md https://gitlab.com/artofhuman/gitlab-ce | Markdown | 48 lines
13- **Integrations:** 14 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth) 15 - [GitLab as OpenID Connect identity provider](../../integration/openid_connect_provider.md) 23 - [How to Configure LDAP with GitLab CE](../../administration/auth/how_to_configure_ldap_gitlab_ce/index.md) 24 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/) 25 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/) 33 - [Okta SSO provider](../../administration/auth/okta.md) 34 - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html) 35 40- [Impersonation tokens](../../api/README.md#impersonation-tokens) 41- [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider) 42 46- [Jenkins GitLab OAuth Plugin](https://wiki.jenkins.io/display/JENKINS/GitLab+OAuth+Plugin) 47- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/) 48- [OKD - Configuring Authentication and User Agent](https://docs.okd.io/latest/install_config/configuring_authentication.html#GitLab)omniauth_callbacks_controller.rb https://gitlab.com/axil/gitlab | Ruby | 292 lines
16 def handle_omniauth 17 omniauth_flow(Gitlab::Auth::OAuth) 18 end 48 def saml 49 omniauth_flow(Gitlab::Auth::Saml) 50 rescue Gitlab::Auth::Saml::IdentityLinker::UnverifiedRequest 86 87 def atlassian_oauth2 88 omniauth_flow(Gitlab::Auth::Atlassian) 150 def handle_service_ticket(provider, ticket) 151 Gitlab::Auth::OAuth::Session.create provider, ticket 152 session[:service_tickets] ||= {} 181 end 182 rescue Gitlab::Auth::OAuth::User::SigninDisabledForProviderError 183 handle_disabled_providergrack_auth.rb https://gitlab.com/svansteenis/gitlab-ee | Ruby | 257 lines
27 # Need this if under RELATIVE_URL_ROOT 28 unless Gitlab.config.gitlab.relative_url_root.empty? 29 # If website is mounted using relative_url_root need to remove it first 29 # If website is mounted using relative_url_root need to remove it first 30 @env['PATH_INFO'] = @request.path.sub(Gitlab.config.gitlab.relative_url_root,'') 31 else 38 39 lfs_response = Gitlab::Lfs::Router.new(project, @user, @request).try_call 40 return lfs_response unless lfs_response.nil? 51 def allow_basic_auth? 52 return true unless Gitlab.config.kerberos.enabled && 53 Gitlab.config.kerberos.use_dedicated_port && 53 Gitlab.config.kerberos.use_dedicated_port && 54 @env['SERVER_PORT'] == Gitlab.config.kerberos.port.to_s 55 endindex.md https://gitlab.com/fuxu/gitlab-ce | Markdown | 48 lines
12- **Integrations:** 13 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth) 14 - [GitLab as OpenID Connect identity provider](../../integration/openid_connect_provider.md) 22 - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md) 23 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/) 24 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/) 32 - [Okta SSO provider](../../administration/auth/okta.md) 33 - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html) 34 39- [Impersonation tokens](../../api/README.md#impersonation-tokens) 40- [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider) 41 46- [Setup Gitlab CE with Active Directory authentication](https://www.caseylabs.com/setup-gitlab-ce-with-active-directory-authentication/) 47- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/) 48- [Openshift - Configuring Authentication and User Agent](https://docs.openshift.org/latest/install_config/configuring_authentication.html#GitLab)auth_helper.rb https://gitlab.com/jamedjo/gitlab-ce | Ruby | 80 lines
1module AuthHelper 2 PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze 3 FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze 5 def ldap_enabled? 6 Gitlab::LDAP::Config.enabled? 7 end 9 def omniauth_enabled? 10 Gitlab.config.omniauth.enabled 11 end 17 def auth_providers 18 Gitlab::OAuth::Provider.providers 19 end 21 def label_for_provider(name) 22 Gitlab::OAuth::Provider.label_for(name) 23 enduser.go https://gitlab.com/vafl/vafl | Go | 117 lines
3import ( 4 "gitlab.com/vafl/vafl/utils" 5 "golang.org/x/net/context" 5 "golang.org/x/net/context" 6 "golang.org/x/oauth2" 7 "google.golang.org/api/classroom/v1" 20 ctx := context.Background() 21 client := oauth2.NewClient(ctx, oauth2.StaticTokenSource(&oauth2.Token{AccessToken: u.AccessToken})) 22README.md https://gitlab.com/Munken/gitlab-ce | Markdown | 65 lines
2 3GitLab integrates with multiple third-party services to allow external issue 4trackers and external authentication. 10- [LDAP](ldap.md) Set up sign in via LDAP 11- [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd and Azure 12- [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider 13- [CAS](cas.md) Configure GitLab to sign in using CAS 14- [OAuth2 provider](oauth_provider.md) OAuth2 application creation 15- [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages 19 20GitLab Enterprise Edition contains [advanced Jenkins support][jenkins]. 21 21 22[jenkins]: http://docs.gitlab.com/ee/integration/jenkins.html 23twitter.md https://gitlab.com/markglenfletcher/gitlab-ee | Markdown | 84 lines
91. Fill in the application details. 10 - Name: This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or 11 something else descriptive. 12 - Description: Create a description. 13 - Website: The URL to your GitLab installation. `https://gitlab.example.com` 14 - Callback URL: `https://gitlab.example.com/users/auth/twitter/callback` 37 ```sh 38 sudo editor /etc/gitlab/gitlab.rb 39 ``` 80 81On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in. 82 83[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure 84[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source 852022-04-11-architect-oidc-login.md https://gitlab.com/jamietanna/jvt.me | Markdown | 179 lines
1--- 2title: "Protecting an Architect Framework Application with OAuth2 or OpenID Connect\ 3 \ Authentication" 23 24One of the things I like to do to is secure my services behind OAuth2/OpenID Connect, as it's a standard way of handling authorization, and a "log in with OAuth2/OpenID Connect" is a well-supported operation across languages and technologies. 25 27 28As I use [IndieAuth](https://indieauth.spec.indieweb.org) as my identity layer, and we've recently made a lot of efforts to align IndieAuth with OAuth2, it's actually very straightforward to integrate with a standard OAuth2 client. 29 31 32I have taken the below code from a sample project [on GitLab](https://gitlab.com/jamietanna/architect-fraemwork-openid-connect-example), as a standalone way to test this. 33 93 94To actually start the authentication flow, we need a page to trigger this. In my case, I've got a `/start?me=${profile_url}` endpoint that uses IndieAuth to discover OAuth2 endpoints and then go through the OAuth2 flow as such, but you could just as easily have a `/start/github` that redirects to the GitHub authorization URL. 95README.md https://gitlab.com/nlowe/gitlab-ce | Markdown | 74 lines
5- [API](api/README.md) Automate GitLab via a simple and powerful API. 6- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 7- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 8- [Importing to GitLab](workflow/importing/README.md). 9- [Markdown](markdown/markdown.md) GitLab's advanced formatting system. 10- [Migrating from SVN](migration/README.md) Convert a SVN repository to Git and GitLab 15- [SSH](ssh/README.md) Setup your ssh keys and deploy keys for secure access to your projects. 16- [Web hooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project. 17- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN. 21- [Quick Start](ci/quick_start/README.md) 22- [Configuring project (.gitlab-ci.yml)](ci/yaml/README.md) 23- [Configuring runner](ci/runners/README.md) 66- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails. 67- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 68- [Git LFS configuration](workflow/lfs/lfs_administration.md)auth.rb https://gitlab.com/tagyangyang/gitlab-ee | Ruby | 124 lines
1module Gitlab 2 module Auth 25 if Devise.omniauth_providers.include?(:kerberos) 26 kerberos_user = Gitlab::Kerberos::Authentication.login(login, password) 27 return kerberos_user if kerberos_user 33 # Second chance - try LDAP authentication 34 return nil unless Gitlab::LDAP::Config.enabled? 35 35 36 Gitlab::LDAP::Authentication.login(login, password) 37 else 42 def rate_limit!(ip, success:, login:) 43 rate_limiter = Gitlab::Auth::IpRateLimiter.new(ip) 44 return unless rate_limiter.enabled? 71 72 if underscored_service == 'gitlab_ci' 73 project && project.valid_build_token?(password)auth_spec.rb https://gitlab.com/YarNayar/gitlab-ce | Ruby | 319 lines
86 def operation 87 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 88 end 124 expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'oauth2') 125 expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities)) 126 end 131 expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: 'oauth2') 132 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(nil, nil)) 133 end 185 expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip')) 186 .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 187 end 196 expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip')) 197 .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 198 endoverview.rst https://gitlab.com/superiorthreads/django-allauth | ReStructuredText | 160 lines
43 44- Basecamp (OAuth2) 45 73 74- GitLab (OAuth2) 75 79 80- Instagram (OAuth2) 81 117 118- Untappd (OAuth2) 119 132 133Note: OAuth/OAuth2 support is built using a common code base, making it easy to add support for additional OAuth/OAuth2 providers. More will follow soon... 134README.md https://gitlab.com/Stretch96/gitlab-ee | Markdown | 78 lines
8- [Custom templates for issues and merge requests](customization/issue_and_merge_request_template.md) Pre-fill the description of issues and merge requests to your liking. 9- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 10- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry. 10- [Container Registry](container_registry/README.md) Learn how to use GitLab Container Registry. 11- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 12- [GitLab Pages](pages/README.md) Using GitLab Pages. 41- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter. 42- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components. 43- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter. 57- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails. 58- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 59- [Downgrade back to CE](downgrade_ee_to_ce/README.md) Follow this guide if you need to downgrade from EE to CE. 64- [Elasticsearch](integration/elasticsearch.md) Enable Elasticsearch. 65- [GitLab GEO](gitlab-geo/README.md) Configure GitLab GEO, a secondary read-only GitLab instance. 66- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics.Gemfile https://gitlab.com/kujiy/gitlab-ce | Gemfile | 351 lines
9# Specify a sprockets version due to increased performance 10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 11gem 'sprockets', '~> 3.6.0' 24gem 'omniauth-auth0', '~> 1.4.1' 25gem 'omniauth-azure-oauth2', '~> 0.0.6' 26gem 'omniauth-bitbucket', '~> 0.0.2' 29gem 'omniauth-github', '~> 1.1.1' 30gem 'omniauth-gitlab', '~> 1.0.0' 31gem 'omniauth-google-oauth2', '~> 0.2.0' 36gem 'omniauth_crowd', '~> 2.2.0' 37gem 'rack-oauth2', '~> 1.2.1' 38gem 'jwt' 53# Extracting information from a git repository 54# Provide access to Gitlab::Git library 55gem "gitlab_git", '~> 10.2'README.md https://gitlab.com/klml/gitlab-ee | Markdown | 52 lines
5group: Access 6info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments 7--- 8 9# GitLab authentication and authorization **(FREE SELF)** 10 10 11GitLab integrates with the following external authentication and authorization 12providers: 23- [GitHub](../../integration/github.md) 24- [GitLab.com](../../integration/gitlab.md) 25- [Google OAuth](../../integration/google.md) 32- [SAML](../../integration/saml.md) 33- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) **(PREMIUM SAAS)** 34- [Shibboleth](../../integration/shibboleth.md)auth_spec.rb https://gitlab.com/twang2218/gitlab | Ruby | 380 lines
99 expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: user.username) 100 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 101 end 163 expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'oauth2') 164 expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities)) 165 end 170 expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: 'oauth2') 171 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(nil, nil)) 172 end 230 expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip')) 231 .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 232 end 241 expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip')) 242 .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)) 243 endicons_helper_spec.rb https://gitlab.com/artofhuman/gitlab-ce | Ruby | 215 lines
35 expect(sprite_icon_path) 36 .to eq ActionController::Base.helpers.image_path("icons.svg", host: Gitlab.config.gitlab.url) 37 end 95 96 it 'returns right icon name for google_oauth2 auth' do 97 icon_name = 'google_oauth2'2017-08-14-gitlab-9-dot-4-dot-5-released.html.md https://gitlab.com/nick.volynkin/www-gitlab-com | Markdown | 98 lines
59[!13203]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13203 60[!13459]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13459 61[!12863]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12863 61[!12863]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12863 62[!13076]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13076 63[!13450]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13450 69[!2640]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2640 70[!2583]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2583 71[!2564]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2564 71[!2564]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2564 72[!1813]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1813 73[!1810]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1810 73[!1810]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1810 74[!1816]: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/1816 75icons_helper.rb https://gitlab.com/wolfgang42/gitlab-ce | Ruby | 163 lines
32 # we have to set the current path deliberately to prevent addition of asset_host 33 sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host 34 ActionController::Base.helpers.image_path('icons.svg', host: sprite_base_url) 39 # we have to set the current path deliberately to prevent addition of asset_host 40 sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host 41 ActionController::Base.helpers.image_path('file_icons.svg', host: sprite_base_url) 44 def sprite_icon(icon_name, size: nil, css_class: nil) 45 if Gitlab::Sentry.should_raise_for_dev? 46 unless known_sprites.include?(icon_name) 46 unless known_sprites.include?(icon_name) 47 exception = ArgumentError.new("#{icon_name} is not a known icon in @gitlab-org/gitlab-svg") 48 raise exception 67 names = "key" 68 when "google_oauth2" 69 names = "google"README.md https://gitlab.com/marcia/gitlab-ce | Markdown | 61 lines
7- [CI/CD](ci/README.md) GitLab Continuous Integration (CI) and Continuous Delivery (CD) getting started, `.gitlab-ci.yml` options, and examples. 8- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 9- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry. 9- [Container Registry](user/project/container_registry.md) Learn how to use GitLab Container Registry. 10- [GitLab basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 11- [Importing to GitLab](workflow/importing/README.md). 30- [Install](install/README.md) Requirements, directory structures and installation from source. 31- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components. 32- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter. 46- [Reply by email](administration/reply_by_email.md) Allow users to comment on issues and merge requests by replying to notification emails. 47- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 48- [Git LFS configuration](workflow/lfs/lfs_administration.md) 49- [Housekeeping](administration/housekeeping.md) Keep your Git repository tidy and fast. 50- [GitLab Performance Monitoring](administration/monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics. 51- [Monitoring uptime](user/admin_area/monitoring/health_check.md) Check the server status using the health check endpoint.Gemfile https://gitlab.com/Clusterfack/gitlab-ce.git | Gemfile | 278 lines
40# Provide access to Gitlab::Git library 41gem "gitlab_git", '~> 7.2.15' 42 43# Ruby/Rack Git Smart-HTTP Server Handler 44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc) 45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master 50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master 51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap" 52 56# Language detection 57# GitLab fork of linguist does not require pygments/python dependency. 58# New version of original gem also dropped pygments support but it has strict 59# dependency to unstable rugged version. We have internal issue for replacing 60# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052. 61gem "gitlab-linguist", "~> 3.0.1", require: "linguist"index.md https://gitlab.com/klml/gitlab-ee | Markdown | 144 lines
25 26> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/45912) in GitLab 11.4. 27 43 applications. The simplest way to get started is to add a cluster using one 44 of the [GitLab integrations](../add_remove_clusters.md#create-new-cluster). 45- **Ingress** - Ingress can provide load balancing, SSL termination, and name-based 62 63Follow this step-by-step guide to configure an executable runbook in GitLab using 64the components outlined above and the pre-loaded demo runbook. 81 JupyterHub and start the server. Authentication is enabled for any user of the 82 GitLab instance with OAuth2. This button redirects you to a page at GitLab 83 requesting authorization for JupyterHub to use your GitLab account. 132 133 ![GitLab variables](img/gitlab-variables.png) 134Gemfile https://gitlab.com/artofhuman/gitlab-ce | Gemfile | 433 lines
14# Default values for AR models 15gem 'gitlab-default_value_for', '~> 3.1.1', require: 'default_value_for' 16 31gem 'omniauth-auth0', '~> 2.0.0' 32gem 'omniauth-azure-oauth2', '~> 0.0.9' 33gem 'omniauth-cas3', '~> 1.1.4' 35gem 'omniauth-github', '~> 1.3' 36gem 'omniauth-gitlab', '~> 1.0.2' 37gem 'omniauth-google-oauth2', '~> 0.6.0' 38gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos 39gem 'omniauth-oauth2-generic', '~> 0.2.2' 40gem 'omniauth-saml', '~> 1.10' 44gem 'omniauth-authentiq', '~> 0.3.3' 45gem 'rack-oauth2', '~> 1.2.1' 46gem 'jwt', '~> 2.1.0'azure.md https://gitlab.com/523/gitlab-ce | Markdown | 149 lines
29 installation. For example: 30 - For the v1.0 endpoint: `https://gitlab.example.com/users/auth/azure_oauth2/callback`. 31 - For the v2.0 endpoint: `https://gitlab.example.com/users/auth/azure_activedirectory_v2/callback`. 59 ```shell 60 sudo editor /etc/gitlab/gitlab.rb 61 ``` 65 ```shell 66 cd /home/git/gitlab 67 82 { 83 name: "azure_oauth2", 84 # label: "Provider name", # optional label for login button, defaults to "Azure AD" 138 1391. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) 140 if you installed using Omnibus, or [restart GitLab](../administration/restart_gitlab.md#installations-from-source)icons_helper.rb https://gitlab.com/klml/gitlab-ee | Ruby | 168 lines
21 # we have to set the current path deliberately to prevent addition of asset_host 22 sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host 23 ActionController::Base.helpers.image_path('icons.svg', host: sprite_base_url) 29 # we have to set the current path deliberately to prevent addition of asset_host 30 sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host 31 ActionController::Base.helpers.image_path('file_icons.svg', host: sprite_base_url) 36 if known_sprites&.exclude?(icon_name) 37 exception = ArgumentError.new("#{icon_name} is not a known icon in @gitlab-org/gitlab-svg") 38 Gitlab::ErrorTracking.track_and_raise_for_dev_exception(exception) 72 name = "key" 73 when "google_oauth2" 74 name = "google" 157 158 @known_sprites ||= Gitlab::Json.parse(File.read(Rails.root.join('node_modules/@gitlab/svgs/dist/icons.json')))['icons'] 159 endGemfile https://gitlab.com/sijis/gitlab-ee.git | Gemfile | 278 lines
40# Provide access to Gitlab::Git library 41gem "gitlab_git", '~> 7.2.5' 42 43# Ruby/Rack Git Smart-HTTP Server Handler 44# GitLab fork with a lot of changes (improved thread-safety, better memory usage etc) 45# For full list of changes see https://github.com/SaitoWu/grack/compare/master...gitlabhq:master 50# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master 51gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap" 52gem 'net-ldap' 60# dependency to unstable rugged version. We have internal issue for replacing 61# fork with original gem when we meet on same rugged version - https://dev.gitlab.org/gitlab/gitlabhq/issues/2052. 62gem "gitlab-linguist", "~> 3.0.1", require: "linguist" 271group :production do 272 gem "gitlab_meta", '7.0' 273endauth.rb https://bitbucket.org/terrchen/gitlab-ce.git | Ruby | 306 lines
1module Gitlab 2 module Auth 69 70 Gitlab::Auth::UniqueIpsLimiter.limit_user! do 71 user = User.by_login(login) 123 def authenticate_using_internal_or_ldap_password? 124 Gitlab::CurrentSettings.password_authentication_enabled_for_git? || Gitlab::Auth::LDAP::Config.enabled? 125 end 139 if service && service.activated? && service.valid_token?(password) 140 Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities) 141 end 150 151 Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities) 152 end 299 def registry_scopes 300 return [] unless Gitlab.config.registry.enabled 301README.md https://gitlab.com/Rhine25/gitlab-ce | Markdown | 54 lines
6- [CI](ci/README.md) GitLab Continuous Integration (CI) getting started, `.gitlab-ci.yml` options, and examples. 7- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab. 8- [GitLab Basics](gitlab-basics/README.md) Find step by step how to start working on your commandline and on GitLab. 17- [Webhooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project. 18- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN. 19 25- [Install](install/README.md) Requirements, directory structures and installation from source. 26- [Restart GitLab](administration/restart_gitlab.md) Learn how to restart GitLab and its components 27- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter. 39- [Reply by email](incoming_email/README.md) Allow users to comment on issues and merge requests by replying to notification emails. 40- [Migrate GitLab CI to CE/EE](migrate_ci_to_ce/README.md) Follow this guide to migrate your existing GitLab CI data to GitLab CE/EE. 41- [Git LFS configuration](workflow/lfs/lfs_administration.md) 42- [Housekeeping](administration/housekeeping.md) Keep your Git repository tidy and fast. 43- [GitLab Performance Monitoring](monitoring/performance/introduction.md) Configure GitLab and InfluxDB for measuring performance metrics 44- [Monitoring uptime](monitoring/health_check.md) Check the server status using the health check endpointGemfile https://gitlab.com/davidhooey/gitlab-ce.git | Gemfile | 235 lines
28gem 'omniauth', "~> 1.1.3" 29gem 'omniauth-google-oauth2' 30gem 'omniauth-twitter' 33# Extracting information from a git repository 34# Provide access to Gitlab::Git library 35gem "gitlab_git", '~> 5.7.1' 37# Ruby/Rack Git Smart-HTTP Server Handler 38gem 'gitlab-grack', '~> 2.0.0.pre', require: 'grack' 39 40# LDAP Auth 41gem 'gitlab_omniauth-ldap', '1.0.4', require: "omniauth-ldap" 42 43# Git Wiki 44gem "gitlab-gollum-lib", "~> 1.1.0", require: 'gollum-lib' 452019-10-30-reader-mail-hugo-micropub.md https://gitlab.com/jamietanna/jvt.me | Markdown | 101 lines
40 41My code can be found at [<i class="fa fa-gitlab"></i> jamietanna/www-api](https://gitlab.com/jamietanna/www-api/tree/master/www-api-web/micropub) and is available as Free Software, under the [GNU Affero General Public License v3](https://www.gnu.org/licenses/agpl-3.0.en.html) so please do use it, but remember to abide by the license terms. 42 48 49Firstly, I would ask how the site's content is stored? Is it stored in a git repo and put into GitLab.com, GitHub.com, or some other source control offering? Or is it not tracked anywhere? 50 60 61I found that being a well-formed [OAuth2 Resource Server](https://www.oauth.com/oauth2-servers/the-resource-server/) can be a bit of work, and then also being a well-formed IndieAuth Resource Server, too. 62 89 90For this, because my site is using GitLab CI as its means to build/test/deploy the site, I didn't need to do anything special to get the site building. As soon as the commit arrived on `master`, it would start the process to build + deploy it. 91 93 94For this, I wanted to go API first and interact with GitLab.com's API (as I use GitLab.com for my repo hosting) rather than actually `git commit`ing locally, so I would recommend similar. 95test_www_oauth.py https://gitlab.com/murder187ss/buildbot | Python | 299 lines
60 self.githubAuth = oauth2.GitHubAuth("ghclientID", "clientSECRET") 61 self.gitlabAuth = oauth2.GitLabAuth("https://gitlab.test/", "glclientID", "clientSECRET") 62 140 @defer.inlineCallbacks 141 def test_GitlabVerifyCode(self): 142 requests.get.side_effect = [] 193 self.assertEqual(self.gitlabAuth.getConfigDict(), {'fa_icon': 'fa-git', 'autologin': False, 194 'name': 'GitLab', 'oauth2': True}) 195 290 291class OAuth2AuthGoogleE2E(OAuth2AuthGitHubE2E): 292 authClass = "GoogleAuth" 294 295class OAuth2AuthGitLabE2E(OAuth2AuthGitHubE2E): 296 authClass = "GitLabAuth"google.md https://gitlab.com/rymai/gitlab | Markdown | 120 lines
31 ``` 32 https://gitlab.example.com/users/auth/google_oauth2/callback 33 https://gitlab.example.com/-/google_api/auth/callback 57 ```shell 58 sudo editor /etc/gitlab/gitlab.rb 59 ``` 70 71 For Omnibus GitLab: 72 86 ```yaml 87 - { name: 'google_oauth2', app_id: 'YOUR_APP_ID', 88 app_secret: 'YOUR_APP_SECRET', 119[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure 120[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source 121revoke_oauth_controller_spec.rb https://gitlab.com/gitlab-r2devops/gitlab-foss | Ruby | 86 lines
7 8 describe 'POST #create', :snowplow, :clean_gitlab_redis_sessions, :aggregate_failures do 9 let_it_be(:project) { create(:project, :public) } 30 31 it 'redirects to Google OAuth2 authorize URL' do 32 sign_in(user) 41 before do 42 stub_request(:post, "https://oauth2.googleapis.com/revoke") 43 .to_return(status: 200, body: "", headers: {}) 50 expect(response).to redirect_to(project_google_cloud_index_path(project)) 51 expect(flash[:notice]).to eq('Google OAuth2 token revocation requested') 52 expect_snowplow_event( 64 before do 65 stub_request(:post, "https://oauth2.googleapis.com/revoke") 66 .to_return(status: 400, body: "", headers: {})builder_spec.rb https://gitlab.com/gitlab-r2devops/gitlab-foss | Ruby | 76 lines
4 5RSpec.describe Gitlab::APIAuthentication::Builder do 6 describe '#build' do 59 allow.token_types(:pat).sent_through(:http_private, :query_private) 60 allow.token_types(:oauth2).sent_through(:http_bearer, :query_access) 61 end 69 70 http_bearer: [:oauth2], 71 query_access: [:oauth2]Gemfile https://gitlab.com/leftathome/gitlab-ee | Gemfile | 349 lines
9# Specify a sprockets version due to increased performance 10# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 11gem 'sprockets', '~> 3.6.0' 25gem 'omniauth-auth0', '~> 1.4.1' 26gem 'omniauth-azure-oauth2', '~> 0.0.6' 27gem 'omniauth-bitbucket', '~> 0.0.2' 30gem 'omniauth-github', '~> 1.1.1' 31gem 'omniauth-gitlab', '~> 1.0.0' 32gem 'omniauth-google-oauth2', '~> 0.2.0' 38gem 'gssapi', group: :kerberos 39gem 'rack-oauth2', '~> 1.2.1' 40gem 'jwt' 50 51# GitLab Pages 52gem 'validates_hostname', '~> 1.0.0'oauth_provider.md https://gitlab.com/lavvy/artifacts-browser-demo | Markdown | 35 lines
1## GitLab as OAuth2 authentication service provider 2 3This document is about using GitLab as an OAuth authentication service provider to sign into other services. 4If you want to use other OAuth authentication service providers to sign into GitLab please see the [OAuth2 client documentation](../api/oauth2.md) 5 5 6OAuth2 provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. Or you can allow users to sign in to your application with their GitLab.com account. 7In fact OAuth allows to issue access token to third-party clients by an authorization server, 8with the approval of the resource owner, or end-user. 9Mostly, OAuth2 is using for SSO (Single sign-on). But you can find a lot of different usages for this functionality. 10For example, our feature 'GitLab Importer' is using OAuth protocol to give an access to repositories without sharing user credentials to GitLab.com account. 10For example, our feature 'GitLab Importer' is using OAuth protocol to give an access to repositories without sharing user credentials to GitLab.com account. 11Also GitLab.com application can be used for authentication to your GitLab instance if needed [GitLab OmniAuth](gitlab.md). 12 12 13GitLab has two ways to add new OAuth2 application to an instance, you can add application as regular user and through admin area. So GitLab actually can have an instance-wide and a user-wide applications. There is no defferences between them except the different permission levels. 14oauth_provider.md https://gitlab.com/zillemarco/gitlab | Markdown | 131 lines
57 - Using the **Copy** button on the **Secret** field 58 [in GitLab 14.2 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/332844). 59 61 62> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16227) in GitLab 13.11. 63 75 - Using the **Copy** button on the **Secret** field 76 [in GitLab 14.2 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/332844). 77 91> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21745) in GitLab 14.3, with the ability to opt out. 92> - Ability to opt-out of expiring access token [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) in GitLab 15.0. 93 95The ability to opt-out of expiring access tokens was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) 96in GitLab 14.3 and [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) in 15.0. All 97existing integrations must be updated to support access token refresh.azure.md https://gitlab.com/klml/gitlab-ee | Markdown | 200 lines
11Microsoft documentation suggests that you should use the [OpenID Connect protocol to use the v2 endpoints](../administration/auth/oidc.md#microsoft-azure) for new projects. 12To use v2 endpoints via OmniAuth, please follow [Microsoft Azure OAuth2 OmniAuth Provider v2 instructions](#microsoft-azure-oauth2-omniauth-provider-v2). 13 87 - *If you installed from Omnibus GitLab,* 88 [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab. 89 - *If you installed from source,* 190 - *If you installed from Omnibus GitLab,* 191 [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab. 192 - *If you installed from source,* 192 - *If you installed from source,* 193 [restart GitLab](../administration/restart_gitlab.md#installations-from-source). 194 196Select the icon to begin the authentication process. Microsoft then asks you to 197sign in and authorize the GitLab application. If successful, you are returned to GitLab and signed in. 198auth_helper_spec.rb https://gitlab.com/certik/gitlab-ce | Ruby | 79 lines
72 73 [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :authentiq].each do |provider| 74 it "returns false if the provider is #{provider}" doindex.md https://gitlab.com/espadav8/gitlab-ce | Markdown | 48 lines
10 - [Support for Universal 2nd Factor Authentication - YubiKeys](https://about.gitlab.com/2016/06/22/gitlab-adds-support-for-u2f/) 11 - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/) 12- **Integrations:** 21 - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md) 22 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/) 23 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/) 38- [Impersonation tokens](../../api/README.md#impersonation-tokens) 39- [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider) 40- [GitLab Runner API - Authentication](../../api/ci/runners.md#authentication) 43 44- [Kanboard Plugin GitLab Authentication](https://kanboard.net/plugin/gitlab-auth) 45- [Jenkins GitLab OAuth Plugin](https://wiki.jenkins-ci.org/display/JENKINS/GitLab+OAuth+Plugin) 46- [Setup Gitlab CE with Active Directory authentication](https://www.caseylabs.com/setup-gitlab-ce-with-active-directory-authentication/) 47- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/) 48- [Openshift - Configuring Authentication and User Agent](https://docs.openshift.org/latest/install_config/configuring_authentication.html#GitLab)default.rb https://gitlab.com/conrado/cookbook-gitlab.git | Ruby | 209 lines
19# GitLab shell 20default['gitlab']['shell_repository'] = "https://github.com/gitlabhq/gitlab-shell.git" 21default['gitlab']['shell_revision'] = "v1.8.0" 28default['gitlab']['redis_port'] = "6379" 29default['gitlab']['namespace'] = "resque:gitlab" 30default['gitlab']['self_signed_cert'] = false 32# GitLab 33default['gitlab']['repository'] = "https://github.com/gitlabhq/gitlabhq.git" 34default['gitlab']['deploy_key'] = "" # Optional. Private key used to connect to private GitLab repository. 61default['gitlab']['oauth_allow_single_sign_on'] = false 62default['gitlab']['oauth_providers'] = [] # Example: default['gitlab']['oauth_providers'] = [ { "name": "google_oauth2", "app_id": "YOUR APP ID", "app_secret": "YOUR APP SECRET", "args": "access_type: 'offline', approval_prompt: ''" }, { "name": "twitter", "app_id": "YOUR APP ID", "app_secret": "YOUR APP SECRET" }, { "name":"github", "app_id": "YOUR APP ID", "app_secret": "YOUR APP SECRET" }] 63 153# GitLab hq 154default['gitlab']['path'] = "/home/git/gitlab" # Do not change this attribute in production since some code from the GitLab repo such as init.d assume this path. 155default['gitlab']['satellites_path'] = "/home/git/gitlab-satellites"google.md https://gitlab.com/SaiAshirwadInformatia/gitlab-ce | Markdown | 108 lines
25 - Application type: "Web Application" 26 - Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here. 27 - Authorized redirect URI: 'https://gitlab.example.com/users/auth/google_oauth2/callback' 34 ```sh 35 sudo editor /etc/gitlab/gitlab.rb 36 ``` 52 ```ruby 53 gitlab_rails['omniauth_providers'] = [ 54 { 94 95On the sign in page there should now be a Google icon below the regular sign in form. Click the icon to begin the authentication process. Google will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in. 96 107[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure 108[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source 109bitbucket_controller_spec.rb https://gitlab.com/realsatomic/gitlab | Ruby | 367 lines
131 132 expect(response).to have_gitlab_http_status(:ok) 133 end 205 206 context "when the namespace is not owned by the GitLab user" do 207 it "doesn't create a project" do 218 it "creates the namespace" do 219 expect(Gitlab::BitbucketImport::ProjectCreator) 220 .to receive(:new).and_return(double(execute: project)) 225 it "takes the new namespace" do 226 expect(Gitlab::BitbucketImport::ProjectCreator) 227 .to receive(:new).with(bitbucket_repo, bitbucket_repo.name, an_instance_of(Group), user, access_params) 267 let(:fake_response) { double('Faraday::Response', headers: {}, body: '', status: 403) } 268 let(:error) { OAuth2::Error.new(OAuth2::Response.new(fake_response)) } 269