diff options
| author | Alex Lossent <alexandre.lossent@cern.ch> | 2015-05-27 17:40:21 +0200 |
|---|---|---|
| committer | Alex Lossent <alexandre.lossent@cern.ch> | 2015-05-29 18:15:03 +0200 |
| commit | 5491f6fbdeeff35589ef5b6f0aa3264a77e9aa36 (patch) | |
| tree | 83003424350eb8b72a95bd68be1e8aee2ddd9fc8 /config | |
| parent | a3b60982e59b7a3be052a62b5d89393d12c64562 (diff) | |
| download | gitlab-ce-5491f6fbdeeff35589ef5b6f0aa3264a77e9aa36.tar.gz | |
Add an option to automatically sign-in with an Omniauth provider without showing the GitLab sign-in page
This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for
all user authentication.
Diffstat (limited to 'config')
| -rw-r--r-- | config/gitlab.yml.example | 4 | ||||
| -rw-r--r-- | config/initializers/1_settings.rb | 2 | ||||
| -rw-r--r-- | config/initializers/7_omniauth.rb | 2 |
3 files changed, 8 insertions, 0 deletions
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index 5acfe548502..c7f22b9388b 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -182,6 +182,10 @@ production: &base # Allow login via Twitter, Google, etc. using OmniAuth providers enabled: false + # Uncomment this to automatically sign in with a specific omniauth provider's without + # showing GitLab's sign-in page (default: show the GitLab sign-in page) + # auto_sign_in_with_provider: saml + # CAUTION! # This allows users to login without having a user account first (default: false). # User accounts will be created automatically when authentication was successful. diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 2351ef7b0ce..c234bd69e9a 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -87,6 +87,8 @@ end Settings['omniauth'] ||= Settingslogic.new({}) Settings.omniauth['enabled'] = false if Settings.omniauth['enabled'].nil? +Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil? + Settings.omniauth['providers'] ||= [] Settings['issues_tracker'] ||= {} diff --git a/config/initializers/7_omniauth.rb b/config/initializers/7_omniauth.rb index 103aa06ca32..6f1f267bf97 100644 --- a/config/initializers/7_omniauth.rb +++ b/config/initializers/7_omniauth.rb @@ -12,6 +12,8 @@ if Gitlab::LDAP::Config.enabled? end OmniAuth.config.allowed_request_methods = [:post] +#In case of auto sign-in, the GET method is used (users don't get to click on a button) +OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present? OmniAuth.config.before_request_phase do |env| OmniAuth::RequestForgeryProtection.new(env).call end |