diff options
author | Valery Sizov <vsv2711@gmail.com> | 2015-08-31 13:59:52 +0300 |
---|---|---|
committer | Valery Sizov <vsv2711@gmail.com> | 2015-09-02 12:42:01 +0300 |
commit | 3700e5a9607ba9980940a29d275e22034538473d (patch) | |
tree | e781dc06aba5c73b979295eb124b1ef68c1f20aa | |
parent | 6f19e8799e4c8233b01068bf6b5406b0ba1d1105 (diff) | |
download | gitlab-ce-3700e5a9607ba9980940a29d275e22034538473d.tar.gz |
Crowd integration
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | Gemfile | 1 | ||||
-rw-r--r-- | Gemfile.lock | 5 | ||||
-rw-r--r-- | app/controllers/sessions_controller.rb | 2 | ||||
-rw-r--r-- | app/helpers/auth_helper.rb | 6 | ||||
-rw-r--r-- | app/views/devise/sessions/_new_crowd.html.haml | 9 | ||||
-rw-r--r-- | app/views/devise/shared/_signin_box.html.haml | 10 | ||||
-rw-r--r-- | config/gitlab.yml.example | 5 | ||||
-rw-r--r-- | config/initializers/devise.rb | 2 | ||||
-rw-r--r-- | doc/integration/crowd.md | 58 | ||||
-rw-r--r-- | doc/integration/omniauth.md | 1 |
11 files changed, 96 insertions, 4 deletions
diff --git a/CHANGELOG b/CHANGELOG index 0c401a99d48..d8733174b03 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -34,6 +34,7 @@ v 8.0.0 (unreleased) - Added Drone CI integration (Kirill Zaitsev) - Refactored service API and added automatically service docs generator (Kirill Zaitsev) - Added web_url key project hook_attrs (Kirill Zaitsev) + - Add support for Crowd v 7.14.1 - Improve abuse reports management from admin area @@ -25,6 +25,7 @@ gem 'omniauth-kerberos', group: :kerberos gem 'omniauth-gitlab' gem 'omniauth-bitbucket' gem 'omniauth-saml', '~> 1.4.0' +gem 'omniauth_crowd' gem 'doorkeeper', '2.1.3' gem "rack-oauth2", "~> 1.0.5" diff --git a/Gemfile.lock b/Gemfile.lock index 2450b95d973..78affaeaa7b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -434,6 +434,10 @@ GEM omniauth-twitter (1.0.1) multi_json (~> 1.3) omniauth-oauth (~> 1.0) + omniauth_crowd (2.2.3) + activesupport + nokogiri (>= 1.4.4) + omniauth (~> 1.0) opennebula (4.12.1) json nokogiri @@ -821,6 +825,7 @@ DEPENDENCIES omniauth-saml (~> 1.4.0) omniauth-shibboleth omniauth-twitter + omniauth_crowd org-ruby (= 0.9.12) pg poltergeist (~> 1.6.0) diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 8389f07a3bd..cfa565cd03e 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController def new if Gitlab.config.ldap.enabled @ldap_servers = Gitlab::LDAP::Config.servers + else + @ldap_servers = [] end super diff --git a/app/helpers/auth_helper.rb b/app/helpers/auth_helper.rb index 0e7a37b4cc6..d9502181c4f 100644 --- a/app/helpers/auth_helper.rb +++ b/app/helpers/auth_helper.rb @@ -1,6 +1,6 @@ module AuthHelper PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze - FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos'].freeze + FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos', 'crowd'].freeze def ldap_enabled? Gitlab.config.ldap.enabled @@ -26,6 +26,10 @@ module AuthHelper auth_providers.select { |provider| form_based_provider?(provider) } end + def crowd_enabled? + auth_providers.include? :crowd + end + def button_based_providers auth_providers.reject { |provider| form_based_provider?(provider) } end diff --git a/app/views/devise/sessions/_new_crowd.html.haml b/app/views/devise/sessions/_new_crowd.html.haml new file mode 100644 index 00000000000..4974bb7f7fb --- /dev/null +++ b/app/views/devise/sessions/_new_crowd.html.haml @@ -0,0 +1,9 @@ += form_tag(user_omniauth_authorize_path("crowd"), id: 'new_crowd_user' ) do + = text_field_tag :username, nil, {class: "form-control top", placeholder: "Username", autofocus: "autofocus"} + = password_field_tag :password, nil, {class: "form-control bottom", placeholder: "Password"} + - if devise_mapping.rememberable? + .remember-me.checkbox + %label{for: "remember_me"} + = check_box_tag :remember_me, '1', false, id: 'remember_me' + %span Remember me + = button_tag "Sign in", class: "btn-save btn"
\ No newline at end of file diff --git a/app/views/devise/shared/_signin_box.html.haml b/app/views/devise/shared/_signin_box.html.haml index bb5e479697d..41ad2c231d4 100644 --- a/app/views/devise/shared/_signin_box.html.haml +++ b/app/views/devise/shared/_signin_box.html.haml @@ -8,15 +8,21 @@ .login-body - if form_based_providers.any? %ul.nav.nav-tabs + - if crowd_enabled? + %li.active + = link_to "Crowd", "#tab-crowd", 'data-toggle' => 'tab' - @ldap_servers.each_with_index do |server, i| - %li{class: (:active if i.zero?)} + %li{class: (:active if i.zero? && !crowd_enabled?)} = link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab' - if signin_enabled? %li = link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab' .tab-content + - if crowd_enabled? + %div.tab-pane.active{id: "tab-crowd"} + = render 'devise/sessions/new_crowd' - @ldap_servers.each_with_index do |server, i| - %div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero?)} + %div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero? && !crowd_enabled?)} = render 'devise/sessions/new_ldap', server: server - if signin_enabled? %div#tab-signin.tab-pane diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index c7b60a1d4b1..9eb99dae456 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -246,6 +246,11 @@ production: &base # issuer: 'https://gitlab.example.com', # name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' # } } + # - { name: 'crowd', + # args: { + # crowd_server_url: 'CROWD SERVER URL', + # application_name: 'YOUR_APP_NAME', + # application_password: 'YOUR_APP_PASSWORD' } } diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 091548348b1..2ce24592f8b 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -238,7 +238,7 @@ Devise.setup do |config| provider_arguments.concat provider['args'] when Hash # A Hash from the configuration will be passed as is. - provider_arguments << provider['args'] + provider_arguments << provider['args'].symbolize_keys end config.omniauth provider['name'].to_sym, *provider_arguments diff --git a/doc/integration/crowd.md b/doc/integration/crowd.md new file mode 100644 index 00000000000..2ecc8795ac1 --- /dev/null +++ b/doc/integration/crowd.md @@ -0,0 +1,58 @@ +# Crowd OmniAuth Provider + +To enable the Crowd OmniAuth provider you must register your application with Crowd. To configure Crowd integration you need an application name and password. + +1. On your GitLab server, open the configuration file. + + For omnibus package: + + ```sh + sudo editor /etc/gitlab/gitlab.rb + ``` + + For instalations from source: + + ```sh + cd /home/git/gitlab + + sudo -u git -H editor config/gitlab.yml + ``` + +1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings. + +1. Add the provider configuration: + + For omnibus package: + + ```ruby + gitlab_rails['omniauth_providers'] = [ + { + "name" => "crowd", + "args" => { + "crowd_server_url" => "CROWD", + "application_name" => "YOUR_APP_NAME", + "application_password" => "YOUR_APP_PASSWORD" + } + } + ] + ``` + + For installations from source: + + ``` + - { name: 'crowd', + args: { + crowd_server_url: 'CROWD SERVER URL', + application_name: 'YOUR_APP_NAME', + application_password: 'YOUR_APP_PASSWORD' } } + ``` + +1. Change 'YOUR_APP_NAME' to the application name from Crowd applications page. + +1. Change 'YOUR_APP_PASSWORD' to the application password you've set. + +1. Save the configuration file. + +1. Restart GitLab for the changes to take effect. + +On the sign in page there should now be a Crowd tab in the sign in form.
\ No newline at end of file diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 2010cb9b8a1..c5cecbc2f2d 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -76,6 +76,7 @@ Now we can choose one or more of the Supported Providers below to continue confi - [Shibboleth](shibboleth.md) - [Twitter](twitter.md) - [SAML](saml.md) +- [Crowd](crowd.md) ## Enable OmniAuth for an Existing User |