diff options
| author | Nick Thomas <nick@gitlab.com> | 2018-09-12 11:29:50 +0100 |
|---|---|---|
| committer | Nick Thomas <nick@gitlab.com> | 2018-09-13 13:44:04 +0100 |
| commit | b4dc492123a88860a944d50bbe30ac9966b5e4b6 (patch) | |
| tree | fd52cfebd17c3f4d5e148827bb2e89c287825fba | |
| parent | f87809f78de9da04f38134ba5ce0cf9ddebf2f63 (diff) | |
| download | gitlab-ce-b4dc492123a88860a944d50bbe30ac9966b5e4b6.tar.gz | |
Enable omniauth by default
| -rw-r--r-- | changelogs/unreleased/49990-enable-omniauth-by-default.yml | 5 | ||||
| -rw-r--r-- | config/gitlab.yml.example | 4 | ||||
| -rw-r--r-- | config/initializers/1_settings.rb | 2 | ||||
| -rw-r--r-- | doc/integration/omniauth.md | 32 | ||||
| -rw-r--r-- | spec/config/settings_spec.rb | 9 |
5 files changed, 46 insertions, 6 deletions
diff --git a/changelogs/unreleased/49990-enable-omniauth-by-default.yml b/changelogs/unreleased/49990-enable-omniauth-by-default.yml new file mode 100644 index 00000000000..0c08bdf6ece --- /dev/null +++ b/changelogs/unreleased/49990-enable-omniauth-by-default.yml @@ -0,0 +1,5 @@ +--- +title: Enable omniauth by default +merge_request: 21700 +author: +type: changed diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index e9129e20a61..fdaf6a6472d 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -447,7 +447,7 @@ production: &base ## OmniAuth settings omniauth: # Allow login via Twitter, Google, etc. using OmniAuth providers - enabled: false + # enabled: true # Uncomment this to automatically sign in with a specific omniauth provider's without # showing GitLab's sign-in page (default: show the GitLab sign-in page) @@ -795,7 +795,7 @@ test: project_key: PROJECT omniauth: - enabled: true + # enabled: true allow_single_sign_on: true external_providers: [] diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 67f0f2b4169..0caa4962128 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -45,7 +45,7 @@ if Settings.ldap['enabled'] || Rails.env.test? end Settings['omniauth'] ||= Settingslogic.new({}) -Settings.omniauth['enabled'] = false if Settings.omniauth['enabled'].nil? +Settings.omniauth['enabled'] = true if Settings.omniauth['enabled'].nil? Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil? Settings.omniauth['allow_single_sign_on'] = false if Settings.omniauth['allow_single_sign_on'].nil? Settings.omniauth['external_providers'] = [] if Settings.omniauth['external_providers'].nil? diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 361769c4e25..4e1d5ba9b35 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -39,7 +39,10 @@ contains some settings that are common for all providers. Before configuring individual OmniAuth providers there are a few global settings that are in common for all providers that we need to consider. -- Omniauth needs to be enabled, see details below for example. +> **NOTE:** +> Starting from GitLab 11.4, Omniauth is enabled by default. If you're using an +> earlier version, you'll need to explicitly enable it. + - `allow_single_sign_on` allows you to specify the providers you want to allow to automatically create an account. It defaults to `false`. If `false` users must be created manually or they will not be able to sign in via OmniAuth. @@ -74,7 +77,8 @@ To change these settings: and change: ```ruby - gitlab_rails['omniauth_enabled'] = true + # Versions prior to 11.4 require this to be set to true + # gitlab_rails['omniauth_enabled'] = nil # CAUTION! # This allows users to login without having a user account first. Define the allowed providers @@ -101,7 +105,8 @@ To change these settings: ## OmniAuth settings omniauth: # Allow login via Twitter, Google, etc. using OmniAuth providers - enabled: true + # Versions prior to 11.4 require this to be set to true + # enabled: true # CAUTION! # This allows users to login without having a user account first. Define the allowed providers @@ -227,6 +232,27 @@ In order to enable/disable an OmniAuth provider, go to Admin Area -> Settings ->  +## Disabling Omniauth + +Starting from version 11.4 of GitLab, Omniauth is enabled by default. This only +has an effect if providers are configured and [enabled](#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources). + +If omniauth providers are causing problems even when individually disabled, you +can disable the entire omniauth subsystem by modifying the configuration file: + +**For Omnibus installations** + +```ruby +gitlab_rails['omniauth_enabled'] = false +``` + +**For installations from source** + +```yaml + omniauth: + enabled: false +``` + ## Keep OmniAuth user profiles up to date You can enable profile syncing from selected OmniAuth providers and for all or for specific user information. diff --git a/spec/config/settings_spec.rb b/spec/config/settings_spec.rb new file mode 100644 index 00000000000..83b2de47741 --- /dev/null +++ b/spec/config/settings_spec.rb @@ -0,0 +1,9 @@ +require 'spec_helper' + +describe Settings do + describe 'omniauth' do + it 'defaults to enabled' do + expect(described_class.omniauth.enabled).to be true + end + end +end |