Commit 0579a89f authored by Rémy Coutable's avatar Rémy Coutable

Merge branch 'authentiq-updates' into 'master'

Added authentiq provider to tests and updated documentation, gem and config file.

See merge request !12952
parents 312ed3f9 6bd94f20
...@@ -37,7 +37,7 @@ gem 'omniauth-saml', '~> 1.7.0' ...@@ -37,7 +37,7 @@ gem 'omniauth-saml', '~> 1.7.0'
gem 'omniauth-shibboleth', '~> 1.2.0' gem 'omniauth-shibboleth', '~> 1.2.0'
gem 'omniauth-twitter', '~> 1.2.0' gem 'omniauth-twitter', '~> 1.2.0'
gem 'omniauth_crowd', '~> 2.2.0' gem 'omniauth_crowd', '~> 2.2.0'
gem 'omniauth-authentiq', '~> 0.3.0' gem 'omniauth-authentiq', '~> 0.3.1'
gem 'rack-oauth2', '~> 1.2.1' gem 'rack-oauth2', '~> 1.2.1'
gem 'jwt', '~> 1.5.6' gem 'jwt', '~> 1.5.6'
......
...@@ -488,7 +488,7 @@ GEM ...@@ -488,7 +488,7 @@ GEM
rack (>= 1.0, < 3) rack (>= 1.0, < 3)
omniauth-auth0 (1.4.1) omniauth-auth0 (1.4.1)
omniauth-oauth2 (~> 1.1) omniauth-oauth2 (~> 1.1)
omniauth-authentiq (0.3.0) omniauth-authentiq (0.3.1)
omniauth-oauth2 (~> 1.3, >= 1.3.1) omniauth-oauth2 (~> 1.3, >= 1.3.1)
omniauth-azure-oauth2 (0.0.6) omniauth-azure-oauth2 (0.0.6)
jwt (~> 1.0) jwt (~> 1.0)
...@@ -1015,7 +1015,7 @@ DEPENDENCIES ...@@ -1015,7 +1015,7 @@ DEPENDENCIES
oj (~> 2.17.4) oj (~> 2.17.4)
omniauth (~> 1.4.2) omniauth (~> 1.4.2)
omniauth-auth0 (~> 1.4.1) omniauth-auth0 (~> 1.4.1)
omniauth-authentiq (~> 0.3.0) omniauth-authentiq (~> 0.3.1)
omniauth-azure-oauth2 (~> 0.0.6) omniauth-azure-oauth2 (~> 0.0.6)
omniauth-cas3 (~> 1.1.2) omniauth-cas3 (~> 1.1.2)
omniauth-facebook (~> 4.0.0) omniauth-facebook (~> 4.0.0)
......
...@@ -383,13 +383,13 @@ production: &base ...@@ -383,13 +383,13 @@ production: &base
# service_validate_url: '/cas/p3/serviceValidate', # service_validate_url: '/cas/p3/serviceValidate',
# logout_url: '/cas/logout'} } # logout_url: '/cas/logout'} }
# - { name: 'authentiq', # - { name: 'authentiq',
# # for client credentials (client ID and secret), go to https://www.authentiq.com/ # # for client credentials (client ID and secret), go to https://www.authentiq.com/developers
# app_id: 'YOUR_CLIENT_ID', # app_id: 'YOUR_CLIENT_ID',
# app_secret: 'YOUR_CLIENT_SECRET', # app_secret: 'YOUR_CLIENT_SECRET',
# args: { # args: {
# scope: 'aq:name email~rs address aq:push' # scope: 'aq:name email~rs address aq:push'
# # redirect_uri parameter is optional except when 'gitlab.host' in this file is set to 'localhost' # # callback_url parameter is optional except when 'gitlab.host' in this file is set to 'localhost'
# # redirect_uri: 'YOUR_REDIRECT_URI' # # callback_url: 'YOUR_CALLBACK_URL'
# } # }
# } # }
# - { name: 'github', # - { name: 'github',
......
...@@ -32,7 +32,7 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t ...@@ -32,7 +32,7 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t
"app_id" => "YOUR_CLIENT_ID", "app_id" => "YOUR_CLIENT_ID",
"app_secret" => "YOUR_CLIENT_SECRET", "app_secret" => "YOUR_CLIENT_SECRET",
"args" => { "args" => {
scope: 'aq:name email~rs aq:push' "scope": 'aq:name email~rs address aq:push'
} }
} }
] ]
...@@ -45,21 +45,20 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t ...@@ -45,21 +45,20 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t
app_id: 'YOUR_CLIENT_ID', app_id: 'YOUR_CLIENT_ID',
app_secret: 'YOUR_CLIENT_SECRET', app_secret: 'YOUR_CLIENT_SECRET',
args: { args: {
scope: 'aq:name email~rs aq:push' scope: 'aq:name email~rs address aq:push'
} }
} }
``` ```
5. The `scope` is set to request the user's name, email (required and signed), and permission to send push notifications to sign in on subsequent visits. 5. The `scope` is set to request the user's name, email (required and signed), and permission to send push notifications to sign in on subsequent visits.
See [OmniAuth Authentiq strategy](https://github.com/AuthentiqID/omniauth-authentiq#scopes-and-redirect-uri-configuration) for more information on scopes and modifiers. See [OmniAuth Authentiq strategy](https://github.com/AuthentiqID/omniauth-authentiq/wiki/Scopes,-callback-url-configuration-and-responses) for more information on scopes and modifiers.
6. Change `YOUR_CLIENT_ID` and `YOUR_CLIENT_SECRET` to the Client credentials you received in step 1. 6. Change `YOUR_CLIENT_ID` and `YOUR_CLIENT_SECRET` to the Client credentials you received in step 1.
7. Save the configuration file. 7. Save the configuration file.
8. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) 8. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect if you installed GitLab via Omnibus or from source respectively.
for the changes to take effect if you installed GitLab via Omnibus or from source respectively.
On the sign in page there should now be an Authentiq icon below the regular sign in form. Click the icon to begin the authentication process. On the sign in page there should now be an Authentiq icon below the regular sign in form. Click the icon to begin the authentication process.
......
...@@ -29,7 +29,7 @@ describe Profiles::AccountsController do ...@@ -29,7 +29,7 @@ describe Profiles::AccountsController do
end end
end end
[:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0].each do |provider| [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :authentiq].each do |provider|
describe "#{provider} provider" do describe "#{provider} provider" do
let(:user) { create(:omniauth_user, provider: provider.to_s) } let(:user) { create(:omniauth_user, provider: provider.to_s) }
......
...@@ -70,7 +70,7 @@ describe AuthHelper do ...@@ -70,7 +70,7 @@ describe AuthHelper do
end end
end end
[:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0].each do |provider| [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :authentiq].each do |provider|
it "returns false if the provider is #{provider}" do it "returns false if the provider is #{provider}" do
expect(helper.unlink_allowed?(provider)).to be true expect(helper.unlink_allowed?(provider)).to be true
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment