summaryrefslogtreecommitdiff
path: root/config/initializers
diff options
context:
space:
mode:
authorAlex Lossent <alexandre.lossent@cern.ch>2015-05-27 17:40:21 +0200
committerAlex Lossent <alexandre.lossent@cern.ch>2015-05-29 18:15:03 +0200
commit5491f6fbdeeff35589ef5b6f0aa3264a77e9aa36 (patch)
tree83003424350eb8b72a95bd68be1e8aee2ddd9fc8 /config/initializers
parenta3b60982e59b7a3be052a62b5d89393d12c64562 (diff)
downloadgitlab-ce-5491f6fbdeeff35589ef5b6f0aa3264a77e9aa36.tar.gz
Add an option to automatically sign-in with an Omniauth provider without showing the GitLab sign-in page
This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for all user authentication.
Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/1_settings.rb2
-rw-r--r--config/initializers/7_omniauth.rb2
2 files changed, 4 insertions, 0 deletions
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 2351ef7b0ce..c234bd69e9a 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -87,6 +87,8 @@ end
Settings['omniauth'] ||= Settingslogic.new({})
Settings.omniauth['enabled'] = false if Settings.omniauth['enabled'].nil?
+Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil?
+
Settings.omniauth['providers'] ||= []
Settings['issues_tracker'] ||= {}
diff --git a/config/initializers/7_omniauth.rb b/config/initializers/7_omniauth.rb
index 103aa06ca32..6f1f267bf97 100644
--- a/config/initializers/7_omniauth.rb
+++ b/config/initializers/7_omniauth.rb
@@ -12,6 +12,8 @@ if Gitlab::LDAP::Config.enabled?
end
OmniAuth.config.allowed_request_methods = [:post]
+#In case of auto sign-in, the GET method is used (users don't get to click on a button)
+OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present?
OmniAuth.config.before_request_phase do |env|
OmniAuth::RequestForgeryProtection.new(env).call
end