100+ results for 'gitlab oauth2 repo:jmaziarz/gitlab-ce'
Not the results you expected?
events_spec.rb (https://gitlab.com/Stretch96/gitlab-ce) Ruby · 167 lines
15 get api('/events')
17 expect(response).to have_gitlab_http_status(401)
18 end
19 end
23 get api('/events?action=closed&target_type=issue&after=2016-12-1&before=2016-12-31', user)
25 expect(response).to have_gitlab_http_status(200)
26 expect(response).to include_pagination_headers
27 expect(json_response).to be_an Array
36 get api('/events?action=closed&target_type=issue&after=2016-12-1&before=2016-12-31', personal_access_token: token)
38 expect(response).to have_gitlab_http_status(200)
39 expect(response).to include_pagination_headers
40 expect(json_response).to be_an Array
Base.php (https://gitlab.com/x33n/kanboard) PHP · 118 lines
19 * @property \Core\Template $template
20 * @property \Core\MemoryCache $memoryCache
21 * @property \Core\OAuth2 $oauth
22 * @property \Core\Router $router
23 * @property \Core\Lexer $lexer
24 * @property \Integration\BitbucketWebhook $bitbucketWebhook
25 * @property \Integration\GithubWebhook $githubWebhook
26 * @property \Integration\GitlabWebhook $gitlabWebhook
27 * @property \Integration\HipchatWebhook $hipchatWebhook
28 * @property \Integration\Jabber $jabber
90_productivity_analytics.rb (https://gitlab.com/klml/gitlab-ee) Ruby · 157 lines
3 require './spec/support/sidekiq_middleware'
5 class Gitlab::Seeder::ProductivityAnalytics
6 def initialize(project)
7 @project = project
136 end
138 Gitlab::Seeder.quiet do
139 flag = 'SEED_PRODUCTIVITY_ANALYTICS'
147 next unless project.repository_exists? && project.repository.commit('master')
149 seeder = Gitlab::Seeder::ProductivityAnalytics.new(project)
150 seeder.seed!
151 puts "Productivity analytics seeded for project #{project.full_path}"
api_guard.rb (https://gitlab.com/innerwhisper/gitlab-ce) Ruby · 144 lines
42 # Helper Methods for Grape Endpoint
43 module HelperMethods
44 include Gitlab::Auth::UserAuthFinders
46 def find_current_user!
98 Gitlab::Auth::InsufficientScopeError]
100 base.__send__(:rescue_from, *error_classes, oauth2_bearer_token_error_handler) # rubocop:disable GitlabSecurity/PublicSend
101 end
105 response =
106 case e
107 when Gitlab::Auth::MissingTokenError
108 Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
130 when Gitlab::Auth::InsufficientScopeError
131 # FIXME: ForbiddenError (inherited from Bearer::Forbidden of Rack::Oauth2)
132 # does not include WWW-Authenticate header, which breaks the standard.
133 Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(
application_setting.rb (https://gitlab.com/pedrolab/gitlab-ce) Ruby · 136 lines
53 unless value.nil?
54 value.each do |level|
55 unless Gitlab::VisibilityLevel.options.has_value?(level)
56 record.errors.add(attr, "'#{level}' is not a valid visibility level")
57 end
63 unless value.nil?
64 value.each do |source|
65 unless Gitlab::ImportSources.options.has_value?(source)
66 record.errors.add(attr, "'#{source}' is not a import source")
67 end
88 def self.create_from_defaults
89 create(
90 default_projects_limit: Settings.gitlab['default_projects_limit'],
91 default_branch_protection: Settings.gitlab['default_branch_protection'],
92 signup_enabled: Settings.gitlab['signup_enabled'],
93 signin_enabled: Settings.gitlab['signin_enabled'],
oauth_login_spec.rb (https://gitlab.com/wolfgang42/gitlab-ce) Ruby · 128 lines
16 end
18 providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2,
19 :facebook, :cas3, :auth0, :authentiq, :salesforce]
60 it 'when bypass-two-factor is enabled' do
61 allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: true)
62 login_via(provider.to_s, user, uid, remember_me: false, additional_info: additional_info)
63 expect(current_path).to eq root_path
66 it 'when bypass-two-factor is disabled' do
67 allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: false)
68 login_with_provider(provider, enter_two_factor: true, additional_info: additional_info)
69 expect(current_path).to eq root_path
main.go (https://gitlab.com/rvaz/orgo) Go · 79 lines
7 log "github.com/Sirupsen/logrus"
8 oauth2google "golang.org/x/oauth2/google"
9 calendar "google.golang.org/api/calendar/v3"
10 oauth2api "google.golang.org/api/oauth2/v2"
15 "gitlab.com/rvaz/orgo/dropbox"
16 "gitlab.com/rvaz/orgo/google"
17 "gitlab.com/rvaz/orgo/web"
18 "gitlab.com/rvaz/orgo/work"
19 "golang.org/x/oauth2"
40 Endpoint: oauth2google.Endpoint,
41 Scopes: []string{calendar.CalendarScope, oauth2api.UserinfoEmailScope, oauth2api.UserinfoProfileScope},
42 }
milestones_controller.rb (https://gitlab.com/Stretch96/gitlab-ce) Ruby · 152 lines
google.md (https://gitlab.com/jacobvosmaer-gitlab/gitlab-ce) Markdown · 93 lines
24 1. Fill in the required information
25 - Application type: "Web Application"
26 - Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here.
27 - Authorized redirect URI: 'https://gitlab.example.com/users/auth/google_oauth2/callback'
34 ```sh
35 sudo editor /etc/gitlab/gitlab.rb
36 ```
78 installed GitLab via Omnibus or from source respectively.
80 On the sign in page there should now be a Google icon below the regular sign in form. Click the icon to begin the authentication process. Google will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
82 ## Further Configuration
92 [reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
93 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
email_receiver_worker.rb (https://gitlab.com/markglenfletcher/gitlab-ce) Ruby · 54 lines
6 def perform(raw)
7 return unless Gitlab::IncomingEmail.enabled?
9 begin
10 Gitlab::Email::Receiver.new(raw).execute
11 rescue => e
12 handle_failure(raw, e)
18 def handle_failure(raw, error)
19 Rails.logger.warn("Email can not be processed: #{error}\n\n#{raw}") # rubocop:disable Gitlab/RailsLogger
21 return unless raw.present?
auth_spec.rb (https://gitlab.com/jdrumtra/gitlab-ce) Ruby · 177 lines
23 build.update(user: create(:user))
25 expect(subject).to eq(Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities))
26 end
27 end
60 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username)
61 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
62 end
74 key = create(:deploy_key)
75 ip = 'ip'
76 token = Gitlab::LfsToken.new(key).token
78 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: "lfs+deploy-key-#{key.id}")
88 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2')
89 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities))
90 end
auth_spec.rb (https://gitlab.com/ivlt/gitlab-ce) Ruby · 177 lines
23 build.update(user: create(:user))
25 expect(subject).to eq(Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities))
26 end
27 end
60 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username)
61 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
62 end
74 key = create(:deploy_key)
75 ip = 'ip'
76 token = Gitlab::LfsToken.new(key).generate
78 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: "lfs+deploy-key-#{key.id}")
88 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2')
89 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities))
90 end
wiki_pipeline.rb (https://gitlab.com/18dit020/gitlab) Ruby · 55 lines
22 wiki = context.portable.wiki
23 url = data[:url].sub("://", "://oauth2:#{context.configuration.access_token}@")
25 Gitlab::UrlBlocker.validate!(url, allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?)
34 wiki_path = parent_path + ".wiki.git"
35 root = context.configuration.url
36 Gitlab::Utils.append_path(root, wiki_path)
37 end
39 def allow_local_requests?
40 Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
41 end
auth_spec.rb (https://gitlab.com/heijmans/gitlab-ee) Ruby · 108 lines
1 require 'spec_helper'
3 describe Gitlab::Auth, lib: true do
4 let(:gl_auth) { described_class }
14 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'gitlab-ci-token')
15 expect(gl_auth.find_for_git_client('gitlab-ci-token', token, project: project, ip: ip)).to eq(Gitlab::Auth::Result.new(nil, :ci))
16 end
22 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: user.username)
23 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, :gitlab_or_ldap))
24 end
32 expect(gl_auth).to receive(:rate_limit!).with(ip, success: true, login: 'oauth2')
33 expect(gl_auth.find_for_git_client("oauth2", token.token, project: nil, ip: ip)).to eq(Gitlab::Auth::Result.new(user, :oauth))
34 end
create_note_handler_spec.rb (https://gitlab.com/Munken/gitlab-ce) Ruby · 179 lines
2 require_relative '../email_shared_blocks'
4 describe Gitlab::Email::Handler::CreateNoteHandler, lib: true do
5 include_context :email_shared_context
6 it_behaves_like :email_shared_examples
26 it "raises a UnknownIncomingEmail" do
27 expect { receiver.execute }.to raise_error(Gitlab::Email::UnknownIncomingEmail)
28 end
29 end
34 it "raises a SentNotificationNotFoundError" do
35 expect { receiver.execute }.to raise_error(Gitlab::Email::SentNotificationNotFoundError)
36 end
37 end
help_controller.rb (https://gitlab.com/artofhuman/gitlab-ce) Ruby · 108 lines
vulnerability_type.rb (https://gitlab.com/realsatomic/gitlab) Ruby · 178 lines
109 def confirmed_by
110 ::Gitlab::Graphql::Loaders::BatchModelLoader.new(::User, object.confirmed_by_id).find
111 end
113 def resolved_by
114 ::Gitlab::Graphql::Loaders::BatchModelLoader.new(::User, object.resolved_by_id).find
115 end
117 def dismissed_by
118 ::Gitlab::Graphql::Loaders::BatchModelLoader.new(::User, object.dismissed_by_id).find
119 end
omniauth_callbacks_controller.rb (https://gitlab.com/twang2218/gitlab) Ruby · 186 lines
5 protect_from_forgery except: [:kerberos, :saml, :cas3]
7 Gitlab.config.omniauth.providers.each do |provider|
8 define_method provider['name'] do
9 handle_omniauth
11 end
13 if Gitlab::LDAP::Config.enabled?
14 Gitlab::LDAP::Config.available_servers.each do |server|
32 # if the authentication to LDAP was successful.
33 def ldap
34 ldap_user = Gitlab::LDAP::User.new(oauth)
35 ldap_user.save if ldap_user.changed? # will also save new users
63 end
64 else
65 saml_user = Gitlab::Saml::User.new(oauth)
66 saml_user.save if saml_user.changed?
67 @user = saml_user.gl_user
atlassian.md (https://gitlab.com/klml/gitlab-ee) Markdown · 86 lines
23 1. In the left sidebar under **APIS AND FEATURES**, click **OAuth 2.0 (3LO)**.
25 1. Enter the GitLab callback URL using the format `https://gitlab.example.com/users/auth/atlassian_oauth2/callback` and click **Save changes**.
27 1. Click **+ Add** in the left sidebar under **APIS AND FEATURES**.
42 ```shell
43 sudo editor /etc/gitlab/gitlab.rb
44 ```
80 1. Save the configuration file.
82 1. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect if you installed GitLab via Omnibus or from source respectively.
84 On the sign-in page there should now be an Atlassian icon below the regular sign in form. Click the icon to begin the authentication process.
2021-03-06-tokens-pls.md (https://gitlab.com/jamietanna/jvt.me) Markdown · 52 lines
1 ---
2 title: "Introducing tokens-pls, a Web Application to Test OAuth2 Code Flows"
3 description: "Announcing my new project, tokens-pls, which allows for easier manual testing with the OAuth2 code flow for Public Clients."
4 tags:
5 - indieauth
6 - oauth2
7 - token-pls
8 license_code: Apache-2.0
16 Since I've been working a bit more with Micropub and IndieAuth, I've always had cases where I've wanted to test things locally, which requires retrieving an access token.
18 Fortunately, the OAuth2 Authorization Code grant is pretty straightforward, so doing this locally with i.e. `curl` is an OK process to go through, as well as using a guided tool such as <span class="h-card"><a class="u-url" href="https://seblog.nl">Sebastiaan Andeweg</a></span>'s <a href="http://gimme-a-token.5eb.nl/">gimme-a-token.5eb.nl</a>.
20 However, with [Proof of Key Code Exchange (PKCE)](https://oauth.net/2/pkce/) support now a requirement of IndieAuth, gimme-a-token isn't applicable, and the logic to run this locally with `curl` is a bit more complex, so I looked to script it.
22 I was thinking of creating a small script to go through the OAuth2 flow locally, with me copying-and-pasting the callback URL with granted authorization code, but thought I'd think a bit better about making this as easy as possible.
24 I've created a Sinatra app, [tokens-pls](https://gitlab.com/jamietanna/tokens-pls) for this, which provides an easy tool for going through the Authorization Code flow for a [Public Client](https://tools.ietf.org/html/draft-ietf-oauth-v2-1-01#section-2.1), which is currently hosted on Heroku at [tokens-pls.herokuapp.com](https://tokens-pls.herokuapp.com).
index.md (https://github.com/backstage/backstage.git) Markdown · 118 lines
20 - [Azure](microsoft/provider.md)
21 - [GitHub](github/provider.md)
22 - [GitLab](gitlab/provider.md)
23 - [Google](google/provider.md)
24 - [Okta](okta/provider.md)
109 ## Adding a custom authentication provider
111 There are generic authentication providers for OAuth2 and SAML. These can reduce
112 the amount of code needed to implement a custom authentication provider that
113 adheres to these standards.
2018-05-03-gitlab-10-7-3-released.html.md (https://gitlab.com/syedahmedz1/www-gitlab-com) Markdown · 60 lines
24 - [Fix errors on pushing to an empty repository.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18462)
25 - [Update `doorkeeper` to 4.3.2 to fix GitLab OAuth authentication.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18543)
26 - [Ports `omniauth-jwt` gem onto GitLab OmniAuth Strategies suite.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18580)
29 - [Fix `file_store` for artifacts and lfs when saving.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18624)
30 - [Fix users not seeing labels from private groups when being a member of a child project.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18544)
32 Available in GitLab Starter, Premium, and Ultimate:
35 - [Geo: Admin page will not crash with 500 because of InvalidSignatureTimeError.](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5495)
36 - [Fix DB LB errors when escaping input.](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5481)
38 ## Omnibus GitLab
39 - [Add support for the -daemon-inplace-chroot command-line flag to GitLab Pages](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/2483)
41 ## Upgrade barometer
registry.go (https://github.com/goharbor/harbor.git) Go · 197 lines
pages_spec.rb (https://gitlab.com/rymai/gitlab) Ruby · 257 lines
38 context 'authenticated' do
39 def query_host(host)
40 jwt_token = JWT.encode({ 'iss' => 'gitlab-pages' }, Gitlab::Pages.secret, 'HS256')
41 headers = { Gitlab::Pages::INTERNAL_API_REQUEST_HEADER => jwt_token }
112 query_host(serverless_domain.uri.host)
114 expect(response).to have_gitlab_http_status(:ok)
115 expect(response).to match_response_schema('internal/serverless/virtual_domain')
181 'source' => {
182 'type' => 'file',
183 'path' => 'gitlab-org/gitlab-ce/public/'
184 }
185 }
196 allow(Settings.pages).to receive(:host).and_return('gitlab-pages.io')
197 allow(Gitlab.config.pages).to receive(:url).and_return("http://gitlab-pages.io")
198 end
gitlab_controller.rb (https://gitlab.com/artofhuman/gitlab-ce) Ruby · 76 lines
36 if current_user.can?(:create_projects, target_namespace)
37 project = Gitlab::GitlabImport::ProjectCreator.new(repo, target_namespace, current_user, access_params).execute
39 if project.persisted?
51 def client
52 @client ||= Gitlab::GitlabImport::Client.new(session[:gitlab_access_token])
53 end
73 def access_params
74 { gitlab_access_token: session[:gitlab_access_token] }
75 end
76 end
github.md (https://github.com/akzhan/gitlabhq.git) Markdown · 38 lines
1 # GitHub OAuth2 OmniAuth Provider
3 To enable the GitHub OmniAuth provider you must register your application with GitHub. GitHub will generate a client ID and secret key for you to use.
8 4. Select "Register new application".
9 5. Provide the required details.
10 * Application name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or something else descriptive.
11 * Homepage URL: The URL to your GitLab installation. 'https://gitlab.company.com'
12 * Application description: Fill this in if you wish.
13 * Authorization callback URL: 'https://gitlab.company.com/users/auth/github/callback'
14 6. Select "Register application".
15 7. You should now see a Client ID and Client Secret near the top right of the page (see screenshot). Keep this page open as you continue configuration. 
36 14. Restart GitLab for the changes to take effect.
38 On the sign in page there should now be a GitHub icon below the regular sign in form. Click the icon to begin the authentication process. GitHub will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
index.md (https://gitlab.com/artofhuman/gitlab-ce) Markdown · 48 lines
12 - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
13 - **Integrations:**
14 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
15 - [GitLab as OpenID Connect identity provider](../../integration/openid_connect_provider.md)
23 - [How to Configure LDAP with GitLab CE](../../administration/auth/how_to_configure_ldap_gitlab_ce/index.md)
24 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/)
25 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
32 - [SAML OmniAuth Provider](../../integration/saml.md)
33 - [Okta SSO provider](../../administration/auth/okta.md)
34 - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html)
36 ## API
39 - [Personal access tokens](../../api/README.md#personal-access-tokens)
40 - [Impersonation tokens](../../api/README.md#impersonation-tokens)
41 - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
43 ## Third-party resources
snippets_controller.rb (https://gitlab.com/rymai/gitlab) Ruby · 167 lines
user.go (https://gitlab.com/vafl/vafl) Go · 117 lines
3 import (
4 "gitlab.com/vafl/vafl/utils"
5 "golang.org/x/net/context"
6 "golang.org/x/oauth2"
19 func (u *User) InitializeService() {
20 ctx := context.Background()
21 client := oauth2.NewClient(ctx, oauth2.StaticTokenSource(&oauth2.Token{AccessToken: u.AccessToken}))
23 srv, err := classroom.New(client)
README.md (https://gitlab.com/Munken/gitlab-ce) Markdown · 65 lines
1 # GitLab Integration
3 GitLab integrates with multiple third-party services to allow external issue
4 trackers and external authentication.
9 - [External issue tracker](external-issue-tracker.md) Redmine, JIRA, etc.
10 - [LDAP](ldap.md) Set up sign in via LDAP
11 - [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd and Azure
12 - [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
13 - [CAS](cas.md) Configure GitLab to sign in using CAS
14 - [OAuth2 provider](oauth_provider.md) OAuth2 application creation
15 - [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
18 - [Koding](../administration/integration/koding.md) Configure Koding to use IDE integration
20 GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
22 [jenkins]: http://docs.gitlab.com/ee/integration/jenkins.html
twitter.md (https://gitlab.com/markglenfletcher/gitlab-ee) Markdown · 84 lines
9 1. Fill in the application details.
10 - Name: This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or
11 something else descriptive.
12 - Description: Create a description.
13 - Website: The URL to your GitLab installation. `https://gitlab.example.com`
14 - Callback URL: `https://gitlab.example.com/users/auth/twitter/callback`
79 installed GitLab via Omnibus or from source respectively.
81 On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
83 [reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
84 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
auth.rb (https://gitlab.com/tagyangyang/gitlab-ee) Ruby · 124 lines
1 module Gitlab
2 module Auth
3 Result = Struct.new(:user, :type)
25 if Devise.omniauth_providers.include?(:kerberos)
26 kerberos_user = Gitlab::Kerberos::Authentication.login(login, password)
27 return kerberos_user if kerberos_user
28 end
32 if user.nil? || user.ldap_user?
33 # Second chance - try LDAP authentication
34 return nil unless Gitlab::LDAP::Config.enabled?
36 Gitlab::LDAP::Authentication.login(login, password)
42 def rate_limit!(ip, success:, login:)
43 rate_limiter = Gitlab::Auth::IpRateLimiter.new(ip)
44 return unless rate_limiter.enabled?
events_spec.rb (https://gitlab.com/tbeadle/gitlab-ce) Ruby · 200 lines
15 get api('/events')
17 expect(response).to have_gitlab_http_status(401)
18 end
19 end
23 get api('/events?action=closed&target_type=issue&after=2016-12-1&before=2016-12-31', user)
25 expect(response).to have_gitlab_http_status(200)
26 expect(response).to include_pagination_headers
27 expect(json_response).to be_an Array
36 get api("/users/#{user.id}/events", other_user)
38 expect(response).to have_gitlab_http_status(200)
39 expect(json_response).to be_empty
40 end
icons_helper_spec.rb (https://gitlab.com/artofhuman/gitlab-ce) Ruby · 215 lines
index.md (https://gitlab.com/mehlah/gitlab-ce) Markdown · 48 lines
11 - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
12 - **Integrations:**
13 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
14 - [GitLab as OpenID Connect identity provider](../../integration/openid_connect_provider.md)
22 - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md)
23 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/)
24 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
31 - [SAML OmniAuth Provider](../../integration/saml.md)
32 - [Okta SSO provider](../../administration/auth/okta.md)
33 - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html)
35 ## API
38 - [Private Tokens](../../api/README.md#private-tokens)
39 - [Impersonation tokens](../../api/README.md#impersonation-tokens)
40 - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
42 ## Third-party resources
auth_helper.rb (https://gitlab.com/jacobvosmaer-gitlab/gitlab-ce) Ruby · 80 lines
1 module AuthHelper
2 PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze
3 FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze
5 def ldap_enabled?
6 Gitlab::LDAP::Config.enabled?
7 end
9 def omniauth_enabled?
10 Gitlab.config.omniauth.enabled
11 end
17 def auth_providers
18 Gitlab::OAuth::Provider.providers
19 end
overview.rst (https://gitlab.com/superiorthreads/django-allauth) ReStructuredText · 160 lines
README.md (https://gitlab.com/klml/gitlab-ee) Markdown · 52 lines
4 stage: Manage
5 group: Access
6 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
7 ---
9 # GitLab authentication and authorization **(FREE SELF)**
11 GitLab integrates with the following external authentication and authorization
22 - [Facebook](../../integration/facebook.md)
23 - [GitHub](../../integration/github.md)
24 - [GitLab.com](../../integration/gitlab.md)
25 - [Google OAuth](../../integration/google.md)
26 - [JWT](jwt.md)
email_receiver_worker.rb (https://gitlab.com/artofhuman/gitlab-ce) Ruby · 54 lines
6 def perform(raw)
7 return unless Gitlab::IncomingEmail.enabled?
9 begin
10 Gitlab::Email::Receiver.new(raw).execute
11 rescue => e
12 handle_failure(raw, e)
24 reason =
25 case error
26 when Gitlab::Email::UnknownIncomingEmail
27 "We couldn't figure out what the email is for. Please create your issue or comment through the web interface."
28 when Gitlab::Email::SentNotificationNotFoundError
gitlab_test.exs (https://github.com/pow-auth/assent.git) Elixir · 65 lines
1 defmodule Assent.Strategy.GitlabTest do
2 use Assent.Test.OAuth2TestCase
4 alias Assent.Strategy.Gitlab
6 # From https://docs.gitlab.com/ee/api/users.html#list-current-user-for-normal-users
32 %{"provider" => "github", "extern_uid" => "2435223452345"},
33 %{"provider" => "bitbucket", "extern_uid" => "john_smith"},
34 %{"provider" => "google_oauth2", "extern_uid" => "8776128412476123468721346"}
35 ],
36 "can_create_group" => true,
51 test "authorize_url/2", %{config: config} do
52 assert {:ok, %{url: url}} = Gitlab.authorize_url(config)
53 assert url =~ "/oauth/authorize?client_id="
54 end
DefaultProviderSettings.tsx (https://github.com/spotify/backstage.git) TypeScript · 89 lines
17 configApiRef,
18 githubAuthApiRef,
19 gitlabAuthApiRef,
20 googleAuthApiRef,
21 oauth2ApiRef,
57 />
58 )}
59 {providers.includes('gitlab') && (
60 <ProviderSettingsItem
61 title="Gitlab"
62 apiRef={gitlabAuthApiRef}
63 icon={Star}
64 />
78 />
79 )}
80 {providers.includes('oauth2') && (
81 <ProviderSettingsItem
82 title="YourOrg"
oauth_provider.md (https://gitlab.com/lavvy/artifacts-browser-demo) Markdown · 35 lines
1 ## GitLab as OAuth2 authentication service provider
3 This document is about using GitLab as an OAuth authentication service provider to sign into other services.
4 If you want to use other OAuth authentication service providers to sign into GitLab please see the [OAuth2 client documentation](../api/oauth2.md)
6 OAuth2 provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. Or you can allow users to sign in to your application with their GitLab.com account.
7 In fact OAuth allows to issue access token to third-party clients by an authorization server,
8 with the approval of the resource owner, or end-user.
9 Mostly, OAuth2 is using for SSO (Single sign-on). But you can find a lot of different usages for this functionality.
10 For example, our feature 'GitLab Importer' is using OAuth protocol to give an access to repositories without sharing user credentials to GitLab.com account.
11 Also GitLab.com application can be used for authentication to your GitLab instance if needed [GitLab OmniAuth](gitlab.md).
13 GitLab has two ways to add new OAuth2 application to an instance, you can add application as regular user and through admin area. So GitLab actually can have an instance-wide and a user-wide applications. There is no defferences between them except the different permission levels.
services_controller.rb (https://gitlab.com/siemens/gitlab-ce) Ruby · 96 lines
google.md (https://gitlab.com/rymai/gitlab) Markdown · 120 lines
31 ```
32 https://gitlab.example.com/users/auth/google_oauth2/callback
33 https://gitlab.example.com/-/google_api/auth/callback
57 ```shell
58 sudo editor /etc/gitlab/gitlab.rb
59 ```
69 1. Add the provider configuration:
71 For Omnibus GitLab:
73 ```ruby
119 [reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
120 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
builder_spec.rb (https://gitlab.com/18dit020/gitlab) Ruby · 76 lines
3 require 'fast_spec_helper'
5 RSpec.describe Gitlab::APIAuthentication::Builder do
6 describe '#build' do
7 shared_examples 'builds the correct result' do |token_type:, sent_through:, builds:|
58 allow.token_types(:pat, :job, :deploy).sent_through(:http_basic, :oauth)
59 allow.token_types(:pat).sent_through(:http_private, :query_private)
60 allow.token_types(:oauth2).sent_through(:http_bearer, :query_access)
61 end
68 query_private: [:pat],
70 http_bearer: [:oauth2],
71 query_access: [:oauth2]
services_controller.rb (https://gitlab.com/AnhHoaHuynh93/gitlab) Ruby · 136 lines
index.md (https://gitlab.com/espadav8/gitlab-ce) Markdown · 48 lines
11 - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
12 - **Integrations:**
13 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
15 ## GitLab administrators
21 - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md)
22 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/)
23 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
37 - [Private Tokens](../../api/README.md#private-tokens)
38 - [Impersonation tokens](../../api/README.md#impersonation-tokens)
39 - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
40 - [GitLab Runner API - Authentication](../../api/ci/runners.md#authentication)
42 ## Third-party resources
44 - [Kanboard Plugin GitLab Authentication](https://kanboard.net/plugin/gitlab-auth)
45 - [Jenkins GitLab OAuth Plugin](https://wiki.jenkins-ci.org/display/JENKINS/GitLab+OAuth+Plugin)
revoke_oauth_controller_spec.rb (https://gitlab.com/523/gitlab-ce) Ruby · 86 lines
6 include SessionHelpers
8 describe 'POST #create', :snowplow, :clean_gitlab_redis_sessions, :aggregate_failures do
9 let_it_be(:project) { create(:project, :public) }
10 let_it_be(:url) { project_google_cloud_revoke_oauth_index_path(project).to_s }
29 end
31 it 'redirects to Google OAuth2 authorize URL' do
32 sign_in(user)
40 context 'when revocation is successful' do
41 before do
42 stub_request(:post, "https://oauth2.googleapis.com/revoke")
43 .to_return(status: 200, body: "", headers: {})
44 end
questions.yml (https://github.com/rancher/charts.git) YAML · 210 lines
73 - variable: server.env.DRONE_GITLAB_CLIENT
74 default: ""
75 description: "GitLab oauth2 client id"
76 type: string
77 required: true
78 label: GitLab OAuth2 Client ID
79 show_if: "server.env.DRONE_PROVIDER=gitlab"
81 - variable: server.env.DRONE_GITLAB_SECRET
82 default: ""
83 description: "GitLab oauth2 client secret"
84 type: string
85 required: true
86 label: GitLab OAuth2 Client Secret
87 show_if: "server.env.DRONE_PROVIDER=gitlab"
auth_helper_spec.rb (https://gitlab.com/fuxu/gitlab-ce) Ruby · 79 lines
branches.rb (https://gitlab.com/solidnerd/gitlab-ce) Ruby · 179 lines
30 end
31 get ':id/repository/branches' do
32 Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42329')
34 repository = user_project.repository
66 # Note: This API will be deprecated in favor of the protected branches API.
67 # Note: The internal data model moved from `developers_can_{merge,push}` to `allowed_to_{merge,push}`
68 # in `gitlab-org/gitlab-ce!5081`. The API interface has not been changed (to maintain compatibility),
69 # but it works with the changed data model to infer `developers_can_merge` and `developers_can_push`.
70 desc 'Protect a single branch' do
ci_cd_controller.rb (https://gitlab.com/habukagumba/gitlab-ce) Ruby · 114 lines
auth_spec.rb (https://gitlab.com/jamedjo/gitlab-ce) Ruby · 243 lines
57 expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: user.username)
58 expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
59 end
143 expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
144 .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
145 end
154 expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
155 .to eq(Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities))
156 end
157 end
jobs_controller.rb (https://gitlab.com/Ben305/gitlab-ce) Ruby · 147 lines
README.md (https://gitlab.com/leandroico/gitlab-ce) Markdown · 66 lines
1 # GitLab Integration
3 GitLab integrates with multiple third-party services to allow external issue
4 trackers and external authentication.
9 - [External issue tracker](external-issue-tracker.md) Redmine, JIRA, etc.
10 - [LDAP](ldap.md) Set up sign in via LDAP
11 - [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd, Azure and Authentiq ID
12 - [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
13 - [CAS](cas.md) Configure GitLab to sign in using CAS
14 - [OAuth2 provider](oauth_provider.md) OAuth2 application creation
15 - [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
19 - [PlantUML](../administration/integration/plantuml.md) Configure PlantUML to use diagrams in AsciiDoc documents.
21 GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
23 [jenkins]: http://docs.gitlab.com/ee/integration/jenkins.html
create_note_handler_spec.rb (https://gitlab.com/leandroico/gitlab-ce) Ruby · 179 lines
2 require_relative '../email_shared_blocks'
4 describe Gitlab::Email::Handler::CreateNoteHandler, lib: true do
5 include_context :email_shared_context
6 it_behaves_like :reply_processing_shared_examples
26 it "raises a UnknownIncomingEmail" do
27 expect { receiver.execute }.to raise_error(Gitlab::Email::UnknownIncomingEmail)
28 end
29 end
34 it "raises a SentNotificationNotFoundError" do
35 expect { receiver.execute }.to raise_error(Gitlab::Email::SentNotificationNotFoundError)
36 end
37 end
create_note_handler_spec.rb (https://gitlab.com/Ben305/gitlab-ce) Ruby · 177 lines
2 require_relative '../email_shared_blocks'
4 describe Gitlab::Email::Handler::CreateNoteHandler do
5 include_context :email_shared_context
6 it_behaves_like :reply_processing_shared_examples
26 it "raises a UnknownIncomingEmail" do
27 expect { receiver.execute }.to raise_error(Gitlab::Email::UnknownIncomingEmail)
28 end
29 end
34 it "raises a SentNotificationNotFoundError" do
35 expect { receiver.execute }.to raise_error(Gitlab::Email::SentNotificationNotFoundError)
36 end
37 end
index.md (https://gitlab.com/joe.rocklin/gitlab-ce) Markdown · 48 lines
11 - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
12 - **Integrations:**
13 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
15 ## GitLab administrators
21 - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md)
22 - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/articles/how_to_configure_ldap_gitlab_ee/)
23 - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
37 - [Private Tokens](../../api/README.md#private-tokens)
38 - [Impersonation tokens](../../api/README.md#impersonation-tokens)
39 - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
40 - [GitLab Runner API - Authentication](../../api/ci/runners.md#authentication)
42 ## Third-party resources
44 - [Kanboard Plugin GitLab Authentication](https://kanboard.net/plugin/gitlab-auth)
45 - [Jenkins GitLab OAuth Plugin](https://wiki.jenkins-ci.org/display/JENKINS/GitLab+OAuth+Plugin)
receiver_spec.rb (https://gitlab.com/liushooter/gitlab-ce) Ruby · 164 lines
1 require "spec_helper"
3 describe Gitlab::Email::Receiver, lib: true do
4 before do
5 stub_incoming_email_setting(enabled: true, address: "reply+%{key}@appmail.adventuretime.ooo")
22 it "raises a SentNotificationNotFoundError" do
23 expect { receiver.execute }.to raise_error(Gitlab::Email::Receiver::SentNotificationNotFoundError)
24 end
25 end
30 it "raises a SentNotificationNotFoundError" do
31 expect { receiver.execute }.to raise_error(Gitlab::Email::Receiver::SentNotificationNotFoundError)
32 end
33 end
LoginServiceModelMapping.swift (https://github.com/RocketChat/Rocket.Chat.iOS.git) Swift · 164 lines
44 case .google: mapGoogle()
45 case .facebook: mapFacebook()
46 case .gitlab: mapGitLab()
47 case .github: mapGitHub()
48 case .linkedin: mapLinkedIn()
64 serverUrl = "https://accounts.google.com"
65 tokenPath = "/login/oauth/access_token"
66 authorizePath = "/o/oauth2/v2/auth"
67 buttonLabelText = "google"
68 buttonLabelColor = "#ffffff"
84 }
86 func mapGitLab() {
87 service = "gitlab"
88 scope = "read_user"
90 serverUrl = "https://gitlab.com"
91 tokenPath = "/oauth/token"
92 authorizePath = "/oauth/authorize"
labels_controller.rb (https://gitlab.com/Stretch96/gitlab-ce) Ruby · 181 lines
google.md (git://github.com/gitlabhq/gitlabhq.git) Markdown · 117 lines
31 ```plaintext
32 https://gitlab.example.com/users/auth/google_oauth2/callback
33 https://gitlab.example.com/-/google_api/auth/callback
57 ```shell
58 sudo editor /etc/gitlab/gitlab.rb
59 ```
69 1. Add the provider configuration:
71 For Omnibus GitLab:
73 ```ruby
110 1. Save the configuration file.
111 1. [Reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../administration/restart_gitlab.md#installations-from-source) for the changes to take effect if you
112 installed GitLab via Omnibus or from source respectively.
operations_controller.rb (https://gitlab.com/gitlab-r2devops/gitlab-foss) Ruby · 163 lines
57 def track_events(result)
58 if result[:status] == :success
59 ::Gitlab::Tracking::IncidentManagement.track_from_params(
60 update_params[:incident_management_setting_attributes]
61 )
70 return unless external_url_previous_change[0].blank? && external_url_previous_change[1].present?
72 ::Gitlab::Tracking.event('project:operations:tracing', 'external_url_populated', user: current_user, project: project, namespace: project.namespace)
73 end
135 def permitted_project_params
136 project_params = {
137 incident_management_setting_attributes: ::Gitlab::Tracking::IncidentManagement.tracking_keys.keys,
139 metrics_setting_attributes: [:external_dashboard_url, :dashboard_timezone],
api_guard.rb (https://gitlab.com/beverett/gitlab-ce) Ruby · 126 lines
40 # Helper Methods for Grape Endpoint
41 module HelperMethods
42 include Gitlab::Auth::UserAuthFinders
44 def find_current_user!
46 return unless user
48 forbidden!('User is blocked') unless Gitlab::UserAccess.new(user).allowed? && user.can?(:access_api)
50 user
85 Gitlab::Auth::InsufficientScopeError]
87 base.__send__(:rescue_from, *error_classes, oauth2_bearer_token_error_handler) # rubocop:disable GitlabSecurity/PublicSend
88 end
92 response =
93 case e
94 when Gitlab::Auth::MissingTokenError
95 Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
client_spec.rb (https://gitlab.com/gitlab-r2devops/gitlab-foss) Ruby · 120 lines
3 require 'spec_helper'
5 RSpec.describe Gitlab::LegacyGithubImport::Client do
6 let(:token) { '123456' }
7 let(:github_provider) { Settingslogic.new('app_id' => 'asd123', 'app_secret' => 'asd123', 'name' => 'github', 'args' => { 'client_options' => {} }) }
12 before do
13 allow(Gitlab.config.omniauth).to receive(:providers).and_return([github_provider])
14 end
16 it 'convert OAuth2 client options to symbols' do
17 expect(client.client.options.keys).to all(be_kind_of(Symbol))
18 end
google.md (https://gitlab.com/wolfgang42/gitlab-ce) Markdown · 120 lines
31 ```
32 https://gitlab.example.com/users/auth/google_oauth2/callback
33 https://gitlab.example.com/-/google_api/auth/callback
57 ```sh
58 sudo editor /etc/gitlab/gitlab.rb
59 ```
69 1. Add the provider configuration:
71 For Omnibus GitLab:
73 ```ruby
119 [reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
120 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
servicenow.md (https://gitlab.com/klml/gitlab-ee) Markdown · 41 lines
12 ## GitLab spoke
14 With the GitLab spoke in ServiceNow, you can automate actions for GitLab
15 projects, groups, users, issues, merge requests, branches, and repositories.
18 [GitLab spoke documentation](https://docs.servicenow.com/bundle/orlando-servicenow-platform/page/administer/integrationhub-store-spokes/concept/gitlab-spoke.html).
20 You must [configure GitLab as an OAuth2 authentication service provider](../../../integration/oauth_provider.md),
21 which involves creating an application and then providing the Application ID
22 and Secret in ServiceNow.
24 ## GitLab SCM and Continuous Integration for DevOps
26 In ServiceNow DevOps, you can integrate with GitLab repositories and GitLab CI/CD
27 to centralize your view of GitLab activity and your change management processes.
40 - [GitLab SCM and Continuous Integration for DevOps](https://store.servicenow.com/sn_appstore_store.do#!/store/application/54dc4eacdbc2dcd02805320b7c96191e/)
41 - [Model a GitLab CI pipeline in DevOps](https://docs.servicenow.com/bundle/paris-devops/page/product/enterprise-dev-ops/task/model-gitlab-pipeline-dev-ops.html).
application_controller_spec.rb (https://gitlab.com/certik/gitlab-ce) Ruby · 422 lines
issuable_actions.rb (https://gitlab.com/mehlah/gitlab-ce) Ruby · 167 lines
38 def realtime_changes
39 Gitlab::PollingInterval.set_header(response, interval: 3_000)
41 response = {
59 issuable.destroy
60 destroy_method = "destroy_#{issuable.class.name.underscore}".to_sym
61 TodoService.new.public_send(destroy_method, issuable, current_user) # rubocop:disable GitlabSecurity/PublicSend
63 name = issuable.human_class_name
omniauth_callbacks_controller.rb (https://gitlab.com/habukagumba/gitlab-ce) Ruby · 192 lines
9 def handle_omniauth
10 omniauth_flow(Gitlab::Auth::OAuth)
11 end
40 def saml
41 omniauth_flow(Gitlab::Auth::Saml)
42 end
109 def handle_service_ticket(provider, ticket)
110 Gitlab::Auth::OAuth::Session.create provider, ticket
111 session[:service_tickets] ||= {}
112 session[:service_tickets][provider] = ticket
routes.rb (https://gitlab.com/hutusi/gitlab-ci.git) Ruby · 87 lines
connection.rb (https://gitlab.com/alexkeramidas/gitlab-ce) Ruby · 67 lines
41 def client
42 @client ||= OAuth2::Client.new(provider.app_id, provider.app_secret, options)
43 end
45 def connection
46 @connection ||= OAuth2::AccessToken.new(client, @token, refresh_token: @refresh_token, expires_at: @expires_at, expires_in: @expires_in)
47 end
59 def provider
60 Gitlab::Auth::OAuth::Provider.config_for('bitbucket')
61 end
auth_helper.rb (https://gitlab.com/sbeleidy/gitlab-ee) Ruby · 74 lines
1 module AuthHelper
2 PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2).freeze
3 FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos', 'crowd'].freeze
5 def ldap_enabled?
6 Gitlab.config.ldap.enabled
7 end
13 def omniauth_enabled?
14 Gitlab.config.omniauth.enabled
15 end
21 def auth_providers
22 Gitlab::OAuth::Provider.providers
23 end
service_accounts_controller_spec.rb (https://github.com/gitlabhq/gitlabhq.git) Ruby · 248 lines
60 )
62 expect(response).to have_gitlab_http_status(:not_found)
63 end
64 end
78 )
80 expect(response).to have_gitlab_http_status(:not_found)
81 end
82 end
209 end
211 context 'but gitlab instance is not configured for google oauth2' do
212 before do
213 unconfigured_google_oauth2 = Struct.new(:app_id, :app_secret)
omniauth_callbacks_controller.rb (https://gitlab.com/webx32/gitlab) Ruby · 96 lines
4 protect_from_forgery except: [:kerberos, :saml]
6 Gitlab.config.omniauth.providers.each do |provider|
7 define_method provider['name'] do
8 handle_omniauth
23 # if the authentication to LDAP was successful.
24 def ldap
25 @user = Gitlab::LDAP::User.new(oauth)
26 @user.save if @user.changed? # will also save new users
27 gl_user = @user.gl_user
53 redirect_to profile_account_path, notice: '认证方法已更新'
54 else
55 @user = Gitlab::OAuth::User.new(oauth)
56 @user.save
twitter.md (https://gitlab.com/atanasmihaylov/gitlab-ce) Markdown · 79 lines
9 1. Fill in the application details.
10 - Name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or
11 something else descriptive.
12 - Description: Create a description.
13 - Website: The URL to your GitLab installation. 'https://gitlab.example.com'
14 - Callback URL: 'https://gitlab.example.com/users/auth/twitter/callback'
36 ```sh
37 sudo editor /etc/gitlab/gitlab.rb
38 ```
77 1. Restart GitLab for the changes to take effect.
79 On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
omniauth_callbacks_controller.rb (https://gitlab.com/YarNayar/gitlab-ce) Ruby · 158 lines
5 protect_from_forgery except: [:kerberos, :saml, :cas3]
7 Gitlab.config.omniauth.providers.each do |provider|
8 define_method provider['name'] do
9 handle_omniauth
24 # if the authentication to LDAP was successful.
25 def ldap
26 ldap_user = Gitlab::LDAP::User.new(oauth)
27 ldap_user.save if ldap_user.changed? # will also save new users
56 end
57 else
58 saml_user = Gitlab::Saml::User.new(oauth)
59 saml_user.save if saml_user.changed?
60 @user = saml_user.gl_user
README.md (https://gitlab.com/sbeleidy/gitlab-ee) Markdown · 63 lines
1 # GitLab Integration
3 GitLab integrates with multiple third-party services to allow external issue
12 - [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd and Azure
13 - [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
14 - [CAS](cas.md) Configure GitLab to sign in using CAS
15 - [Slack](slack.md) Integrate with the Slack chat service
16 - [Kerberos](kerberos.md) Integrate with Kerberos
17 - [OAuth2 provider](oauth_provider.md) OAuth2 application creation
18 - [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
19 - [reCAPTCHA](recaptcha.md) Configure GitLab to use Google reCAPTCHA for new users
20 - [Akismet](akismet.md) Configure Akismet to stop spam
22 GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
24 [jenkins]: http://doc.gitlab.com/ee/integration/jenkins.html
bitbucket_controller_spec.rb (https://gitlab.com/joe.rocklin/gitlab-ce) Ruby · 271 lines
32 expires_in: expires_in,
33 refresh_token: refresh_token)
34 allow_any_instance_of(OAuth2::Client).
35 to receive(:get_token).and_return(access_token)
36 stub_omniauth_provider('bitbucket')
93 context "when the repository owner is the Bitbucket user" do
94 context "when the Bitbucket user and GitLab user's usernames match" do
95 it "takes the current user's namespace" do
96 expect(Gitlab::BitbucketImport::ProjectCreator).
102 end
104 context "when the Bitbucket user and GitLab user's usernames don't match" do
105 let(:bitbucket_username) { "someone_else" }
twitter.md (https://gitlab.com/sacuiu.andy/gitlab-ce) Markdown · 79 lines
9 1. Fill in the application details.
10 - Name: This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or
11 something else descriptive.
12 - Description: Create a description.
13 - Website: The URL to your GitLab installation. 'https://gitlab.example.com'
14 - Callback URL: 'https://gitlab.example.com/users/auth/twitter/callback'
36 ```sh
37 sudo editor /etc/gitlab/gitlab.rb
38 ```
77 1. Restart GitLab for the changes to take effect.
79 On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
README.md (https://gitlab.com/svansteenis/gitlab-ee) Markdown · 63 lines
1 # GitLab Integration
3 GitLab integrates with multiple third-party services to allow external issue
12 - [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd and Azure
13 - [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
14 - [CAS](cas.md) Configure GitLab to sign in using CAS
15 - [Slack](slack.md) Integrate with the Slack chat service
16 - [Kerberos](kerberos.md) Integrate with Kerberos
17 - [OAuth2 provider](oauth_provider.md) OAuth2 application creation
18 - [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
19 - [reCAPTCHA](recaptcha.md) Configure GitLab to use Google reCAPTCHA for new users
20 - [Akismet](akismet.md) Configure Akismet to stop spam
22 GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
24 [jenkins]: http://docs.gitlab.com/ee/integration/jenkins.html
oauth_provider.md (https://gitlab.com/artofhuman/gitlab-ce) Markdown · 89 lines
1 # GitLab as OAuth2 authentication service provider
3 This document is about using GitLab as an OAuth authentication service provider
8 - Other OAuth authentication service providers to sign in to
9 GitLab, see the [OAuth2 client documentation](omniauth.md).
10 - The related API, see [Applications API](../api/applications.md).
19 OAuth is mostly used as a Single Sign-On service (SSO), but you can find a
20 lot of different uses for this functionality. For example, you can allow users
21 to sign in to your application with their GitLab.com account, or GitLab.com
22 can be used for authentication to your GitLab instance
33 applications. There is no difference between them except for the different
34 permission levels they are set (user/admin). The default callback URL is
35 `http://your-gitlab.example.com/users/auth/gitlab/callback`
37 ## Adding an application through the profile
project_creator.rb (https://gitlab.com/demisxbar/gitlab-ce) Ruby · 30 lines
provider.rb (https://gitlab.com/liushooter/gitlab-ce) Ruby · 38 lines
1 module Gitlab
2 module OAuth
3 class Provider
4 LABELS = {
5 "github" => "GitHub",
6 "gitlab" => "GitLab.com",
7 "google_oauth2" => "Google"
23 name = name.to_s
24 if ldap_provider?(name)
25 Gitlab::LDAP::Config.new(name).options
26 else
27 Gitlab.config.omniauth.providers.find { |provider| provider.name == name }
client.rb (https://gitlab.com/liushooter/gitlab-ce) Ruby · 82 lines
gitlab_controller.rb (https://gitlab.com/SaiAshirwadInformatia/gitlab-ce) Ruby · 66 lines
32 if current_user.can?(:create_projects, @target_namespace)
33 @project = Gitlab::GitlabImport::ProjectCreator.new(repo, @target_namespace, current_user, access_params).execute
34 else
35 render 'unauthorized'
41 def client
42 @client ||= Gitlab::GitlabImport::Client.new(session[:gitlab_access_token])
43 end
63 def access_params
64 { gitlab_access_token: session[:gitlab_access_token] }
65 end
66 end
accounts_controller_spec.rb (https://github.com/gitlabhq/gitlabhq.git) Ruby · 62 lines
14 delete :unlink, params: { provider: 'github' }
16 expect(response).to have_gitlab_http_status(:not_found)
17 end
26 delete :unlink, params: { provider: provider.to_s }
28 expect(response).to have_gitlab_http_status(:found)
29 expect(user.reload.identities).to include(identity)
30 end
32 end
34 [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :authentiq, :dingtalk, :alicloud].each do |provider|
35 describe "#{provider} provider" do
36 let(:user) { create(:omniauth_user, provider: provider.to_s) }
snippets_controller.rb (https://gitlab.com/markglenfletcher/gitlab-ee) Ruby · 126 lines
client.rb (https://gitlab.com/SaiAshirwadInformatia/gitlab-ce) Ruby · 82 lines
server.go (https://github.com/vx3r/wg-gen-web.git) Go · 94 lines
4 "github.com/gin-gonic/gin"
5 log "github.com/sirupsen/logrus"
6 "gitlab.127-0-0-1.fr/vx3r/wg-gen-web/auth"
7 "gitlab.127-0-0-1.fr/vx3r/wg-gen-web/core"
49 // get update user from token and add to server infos
50 oauth2Token := c.MustGet("oauth2Token").(*oauth2.Token)
51 oauth2Client := c.MustGet("oauth2Client").(auth.Auth)
52 user, err := oauth2Client.UserInfo(oauth2Token)
53 if err != nil {
54 log.WithFields(log.Fields{
55 "oauth2Token": oauth2Token,
56 "err": err,
57 }).Error("failed to get user with oauth token")
2019-02-07-gitlab-11-7-5-released.html.md.erb (https://gitlab.com/syedahmedz1/www-gitlab-com) Ruby HTML · 46 lines
16 ## GitLab Community Edition and Enterprise Edition
18 - [Fix import handling errors in Bitbucket Server importer.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24499)
19 - [Adjusts suggestions unable to be applied.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24603)
20 - [Fix 500 errors with legacy appearance logos.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24615)
21 - [Fix form functionality for edit tag page.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24645)
22 - Update Workhorse to v8.0.2.
23 - [Downcase aliased OAuth2 callback providers.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24877)
24 - [Fix Detect Host Keys not working.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24884)
25 - [Changed external wiki query method to prevent attribute caching.](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24907)
27 ## Upgrade barometer
index.md (https://gitlab.com/haynes/gitlab-ee.git) Markdown · 49 lines
11 - [Support for Universal 2nd Factor Authentication - YubiKeys](https://about.gitlab.com/2016/06/22/gitlab-adds-support-for-u2f/)
12 - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
13 - **Integrations:**
14 - [GitLab as OAuth2 authentication service provider](../../integration/oauth_provider.md#introduction-to-oauth)
21 - [Enforce Two-factor Authentication (2FA)](../../security/two_factor_authentication.md#enforce-two-factor-authentication-2fa)
22 - **Articles:**
23 - [How to Configure LDAP with GitLab CE](../../administration/auth/how_to_configure_ldap_gitlab_ce/index.md)
24 - [How to Configure LDAP with GitLab EE](../../administration/auth/how_to_configure_ldap_gitlab_ee/index.md)
32 - [SAML OmniAuth Provider](../../integration/saml.md)
33 - [Okta SSO provider](../../administration/auth/okta.md)
34 - [Kerberos integration (GitLab EE)](https://docs.gitlab.com/ee/integration/kerberos.html)
36 ## API
39 - [Private Tokens](../../api/README.md#private-tokens)
40 - [Impersonation tokens](../../api/README.md#impersonation-tokens)
41 - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
43 ## Third-party resources
twitter.md (https://gitlab.com/artofhuman/gitlab-ce) Markdown · 83 lines
9 1. Fill in the application details.
10 - Name: This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or
11 something else descriptive.
12 - Description: Create a description.
13 - Website: The URL to your GitLab installation. 'https://gitlab.example.com'
14 - Callback URL: 'https://gitlab.example.com/users/auth/twitter/callback'
78 installed GitLab via Omnibus or from source respectively.
80 On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
82 [reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
83 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
gitlab_controller.rb (https://gitlab.com/effigies/gitlab-ce) Ruby · 67 lines
35 namespace = get_or_create_namespace || (render and return)
37 @project = Gitlab::GitlabImport::ProjectCreator.new(repo, namespace, current_user, access_params).execute
38 end
42 def client
43 @client ||= Gitlab::GitlabImport::Client.new(session[:gitlab_access_token])
44 end
64 def access_params
65 { gitlab_access_token: session[:gitlab_access_token] }
66 end
67 end
facebook.md (https://gitlab.com/atanasmihaylov/gitlab-ce) Markdown · 97 lines
1 # Facebook OAuth2 OmniAuth Provider
3 To enable the Facebook OmniAuth provider you must register your application with Facebook. Facebook will generate an app ID and secret key for you to use.
9 1. Select the type "Website"
11 1. Enter a name for your app. This can be anything. Consider something like "<Organization>'s GitLab" or "<Your Name>'s GitLab" or
12 something else descriptive.
54 ```sh
55 sudo editor /etc/gitlab/gitlab.rb
56 ```
95 1. Restart GitLab for the changes to take effect.
97 On the sign in page there should now be a Facebook icon below the regular sign in form. Click the icon to begin the authentication process. Facebook will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
azure.md (https://gitlab.com/atanasmihaylov/gitlab-ce) Markdown · 83 lines
17 1. On the "App properties" page enter the needed URI's and click the "Complete" button.
18 - SIGN-IN URL: Enter the URL of your GitLab installation (e.g 'https://gitlab.mycompany.com/')
19 - APP ID URI: Enter the endpoint URL for Microsoft to use, just has to be unique (e.g 'https://mycompany.onmicrosoft.com/gitlab')
21 1. Select "Configure" in the top menu.
23 1. Add a "Reply URL" pointing to the Azure OAuth callback of your GitLab installation (e.g. https://gitlab.mycompany.com/users/auth/azure_oauth2/callback).
25 1. Create a "Client secret" by selecting a duration, the secret will be generated as soon as you click the "Save" button in the bottom menu..
37 ```sh
38 sudo editor /etc/gitlab/gitlab.rb
39 ```
81 1. Restart GitLab for the changes to take effect.
83 On the sign in page there should now be a Microsoft icon below the regular sign in form. Click the icon to begin the authentication process. Microsoft will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
Gitlab.php (https://gitlab.com/x33n/kanboard) PHP · 122 lines
31 *
32 * @access public
33 * @param string $gitlab_id Gitlab user id
34 * @return boolean
35 */
36 public function authenticate($gitlab_id)
37 {
38 $user = $this->user->getByGitlabId($gitlab_id);
40 if (! empty($user)) {
58 return $this->user->update(array(
59 'id' => $user_id,
60 'gitlab_id' => '',
61 ));
62 }
facebook.md (https://gitlab.com/artofhuman/gitlab-ce) Markdown · 101 lines
9 1. Select the type "Website"
11 1. Enter a name for your app. This can be anything. Consider something like "<Organization>'s GitLab" or "<Your Name>'s GitLab" or
12 something else descriptive.
54 ```sh
55 sudo editor /etc/gitlab/gitlab.rb
56 ```
96 installed GitLab via Omnibus or from source respectively.
98 On the sign in page there should now be a Facebook icon below the regular sign in form. Click the icon to begin the authentication process. Facebook will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
100 [reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
101 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
README.md (https://gitlab.com/iOrange/gitlab-ee) Markdown · 63 lines
1 # GitLab Integration
3 GitLab integrates with multiple third-party services to allow external issue
12 - [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab.com, Google, Bitbucket, Facebook, Shibboleth, SAML, Crowd and Azure
13 - [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
14 - [CAS](cas.md) Configure GitLab to sign in using CAS
15 - [Kerberos](kerberos.md) Integrate with Kerberos
16 - [OAuth2 provider](oauth_provider.md) OAuth2 application creation
17 - [Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
18 - [reCAPTCHA](recaptcha.md) Configure GitLab to use Google reCAPTCHA for new users
19 - [Akismet](akismet.md) Configure Akismet to stop spam
20 - [Koding](koding.md) Configure Koding to use IDE integration
22 GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
24 [jenkins]: http://docs.gitlab.com/ee/integration/jenkins.html