diff options
author | Alex Lossent <alexandre.lossent@cern.ch> | 2015-05-27 17:40:21 +0200 |
---|---|---|
committer | Alex Lossent <alexandre.lossent@cern.ch> | 2015-05-29 18:15:03 +0200 |
commit | 5491f6fbdeeff35589ef5b6f0aa3264a77e9aa36 (patch) | |
tree | 83003424350eb8b72a95bd68be1e8aee2ddd9fc8 /config/initializers | |
parent | a3b60982e59b7a3be052a62b5d89393d12c64562 (diff) | |
download | gitlab-ce-5491f6fbdeeff35589ef5b6f0aa3264a77e9aa36.tar.gz |
Add an option to automatically sign-in with an Omniauth provider without showing the GitLab sign-in page
This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for
all user authentication.
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/1_settings.rb | 2 | ||||
-rw-r--r-- | config/initializers/7_omniauth.rb | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 2351ef7b0ce..c234bd69e9a 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -87,6 +87,8 @@ end Settings['omniauth'] ||= Settingslogic.new({}) Settings.omniauth['enabled'] = false if Settings.omniauth['enabled'].nil? +Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil? + Settings.omniauth['providers'] ||= [] Settings['issues_tracker'] ||= {} diff --git a/config/initializers/7_omniauth.rb b/config/initializers/7_omniauth.rb index 103aa06ca32..6f1f267bf97 100644 --- a/config/initializers/7_omniauth.rb +++ b/config/initializers/7_omniauth.rb @@ -12,6 +12,8 @@ if Gitlab::LDAP::Config.enabled? end OmniAuth.config.allowed_request_methods = [:post] +#In case of auto sign-in, the GET method is used (users don't get to click on a button) +OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present? OmniAuth.config.before_request_phase do |env| OmniAuth::RequestForgeryProtection.new(env).call end |