summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorTiago Botelho <tiagonbotelho@hotmail.com>2018-03-15 15:19:55 +0000
committerTiago Botelho <tiagonbotelho@hotmail.com>2018-03-20 13:03:15 +0000
commitfe82ef0c013a266f59b84d924f6269d8ea6ed792 (patch)
treeaf39db95cc4c4cf9bf9e73a9863c23687a9a9bac /doc
parent216ead607cb3549e9d4ac36b2c1c84507fe97200 (diff)
downloadgitlab-ce-fe82ef0c013a266f59b84d924f6269d8ea6ed792.tar.gz
Adds JWT omnianuth integration
Diffstat (limited to 'doc')
-rw-r--r--doc/integration/jwt.md74
-rw-r--r--doc/integration/omniauth.md1
2 files changed, 75 insertions, 0 deletions
diff --git a/doc/integration/jwt.md b/doc/integration/jwt.md
new file mode 100644
index 00000000000..765b7098b81
--- /dev/null
+++ b/doc/integration/jwt.md
@@ -0,0 +1,74 @@
+# Integrate your server with JWT
+
+To enable the JWT OmniAuth provider you must register your application with JWT.
+JWT will provide you with a secret key for you to use.
+
+1. On your GitLab server, open the configuration file.
+
+ For omnibus package:
+
+ ```sh
+ sudo editor /etc/gitlab/gitlab.rb
+ ```
+
+ For installations from source:
+
+ ```sh
+ cd /home/git/gitlab
+
+ sudo -u git -H editor config/gitlab.yml
+ ```
+
+1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
+
+1. Add the provider configuration:
+
+ For omnibus package:
+
+ ```ruby
+ gitlab_rails['omniauth_providers'] = [
+ { name: 'jwt',
+ app_secret: 'YOUR_APP_SECRET',
+ args: {
+ algorithm: 'HS256',
+ uid_claim: 'email',
+ required_claims: ["name", "email"],
+ info_maps: { name: "name", email: "email" },
+ auth_url: 'https://example.com/',
+ valid_within: nil,
+ }
+ }
+ ]
+ ```
+
+ For installation from source:
+
+ ```
+ - { name: 'jwt',
+ app_secret: 'YOUR_APP_SECRET',
+ args: {
+ algorithm: 'HS256',
+ uid_claim: 'email',
+ required_claims: ["name", "email"],
+ info_map: { name: "name", email: "email" },
+ auth_url: 'https://example.com/',
+ valid_within: nil,
+ }
+ }
+ ```
+
+ __For more information on each configuration option refer to the [OmniAuth JWT usage documentation](https://github.com/mbleigh/omniauth-jwt#usage).__
+
+1. Change 'YOUR_APP_SECRET' to the client secret.
+
+1. Save the configuration file.
+
+1. [Reconfigure GitLab][] or [restart GitLab][] for the changes to take effect if you
+ installed GitLab via Omnibus or from source respectively.
+
+On the sign in page there should now be a JWT icon below the regular sign in form.
+Click the icon to begin the authentication process. JWT will ask the user to sign in and authorize the GitLab application.
+If everything goes well the user will be returned to GitLab and will be signed in.
+
+[reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
+[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md
index 20087a981f9..c6cc023d7bf 100644
--- a/doc/integration/omniauth.md
+++ b/doc/integration/omniauth.md
@@ -32,6 +32,7 @@ contains some settings that are common for all providers.
- [Auth0](auth0.md)
- [Authentiq](../administration/auth/authentiq.md)
- [OAuth2Generic](oauth2_generic.md)
+- [JWT](jwt.md)
## Initial OmniAuth Configuration