summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authordodocat <jingqq5210@gmail.com>2019-08-27 03:46:32 +0000
committerMichael Kozono <mkozono@gmail.com>2019-08-27 03:46:32 +0000
commit6e2032f24e0428189f8c9fe9e296a9630277155e (patch)
tree79ed8e273c4ee80512a11ca1029cd20426625457 /config
parent5e59c919d780441a5605d76e76ce63a69166464d (diff)
downloadgitlab-ce-6e2032f24e0428189f8c9fe9e296a9630277155e.tar.gz
Update docs and comments about saml with allow_bypass_two_factor
allow_bypass_two_factor configration dose not work with saml provider
Diffstat (limited to 'config')
-rw-r--r--config/gitlab.yml.example8
-rw-r--r--config/initializers/1_settings.rb1
2 files changed, 9 insertions, 0 deletions
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 973c2747838..20b1020e025 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -780,6 +780,14 @@ production: &base
# (default: [])
external_providers: []
+ # CAUTION!
+ # This allows users to login with the specified providers without two factor. Define the allowed providers
+ # using an array, e.g. ["twitter", 'google_oauth2'], or as true/false to allow all providers or none.
+ # This option should only be configured for providers which already have two factor.
+ # This configration dose not apply to SAML.
+ # (default: false)
+ allow_bypass_two_factor: ["twitter", 'google_oauth2']
+
## Auth providers
# Uncomment the following lines and fill in the data of the auth provider you want to use
# If your favorite auth provider is not listed you can use others:
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index fdc6b0a05ab..81433b620bc 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -84,6 +84,7 @@ Settings['omniauth'] ||= Settingslogic.new({})
Settings.omniauth['enabled'] = true if Settings.omniauth['enabled'].nil?
Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil?
Settings.omniauth['allow_single_sign_on'] = false if Settings.omniauth['allow_single_sign_on'].nil?
+Settings.omniauth['allow_bypass_two_factor'] = false if Settings.omniauth['allow_bypass_two_factor'].nil?
Settings.omniauth['external_providers'] = [] if Settings.omniauth['external_providers'].nil?
Settings.omniauth['block_auto_created_users'] = true if Settings.omniauth['block_auto_created_users'].nil?
Settings.omniauth['auto_link_ldap_user'] = false if Settings.omniauth['auto_link_ldap_user'].nil?