Commit 3700e5a9 authored by Valery Sizov's avatar Valery Sizov

Crowd integration

parent 6f19e879
...@@ -34,6 +34,7 @@ v 8.0.0 (unreleased) ...@@ -34,6 +34,7 @@ v 8.0.0 (unreleased)
- Added Drone CI integration (Kirill Zaitsev) - Added Drone CI integration (Kirill Zaitsev)
- Refactored service API and added automatically service docs generator (Kirill Zaitsev) - Refactored service API and added automatically service docs generator (Kirill Zaitsev)
- Added web_url key project hook_attrs (Kirill Zaitsev) - Added web_url key project hook_attrs (Kirill Zaitsev)
- Add support for Crowd
v 7.14.1 v 7.14.1
- Improve abuse reports management from admin area - Improve abuse reports management from admin area
......
...@@ -25,6 +25,7 @@ gem 'omniauth-kerberos', group: :kerberos ...@@ -25,6 +25,7 @@ gem 'omniauth-kerberos', group: :kerberos
gem 'omniauth-gitlab' gem 'omniauth-gitlab'
gem 'omniauth-bitbucket' gem 'omniauth-bitbucket'
gem 'omniauth-saml', '~> 1.4.0' gem 'omniauth-saml', '~> 1.4.0'
gem 'omniauth_crowd'
gem 'doorkeeper', '2.1.3' gem 'doorkeeper', '2.1.3'
gem "rack-oauth2", "~> 1.0.5" gem "rack-oauth2", "~> 1.0.5"
......
...@@ -434,6 +434,10 @@ GEM ...@@ -434,6 +434,10 @@ GEM
omniauth-twitter (1.0.1) omniauth-twitter (1.0.1)
multi_json (~> 1.3) multi_json (~> 1.3)
omniauth-oauth (~> 1.0) omniauth-oauth (~> 1.0)
omniauth_crowd (2.2.3)
activesupport
nokogiri (>= 1.4.4)
omniauth (~> 1.0)
opennebula (4.12.1) opennebula (4.12.1)
json json
nokogiri nokogiri
...@@ -821,6 +825,7 @@ DEPENDENCIES ...@@ -821,6 +825,7 @@ DEPENDENCIES
omniauth-saml (~> 1.4.0) omniauth-saml (~> 1.4.0)
omniauth-shibboleth omniauth-shibboleth
omniauth-twitter omniauth-twitter
omniauth_crowd
org-ruby (= 0.9.12) org-ruby (= 0.9.12)
pg pg
poltergeist (~> 1.6.0) poltergeist (~> 1.6.0)
......
...@@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController ...@@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController
def new def new
if Gitlab.config.ldap.enabled if Gitlab.config.ldap.enabled
@ldap_servers = Gitlab::LDAP::Config.servers @ldap_servers = Gitlab::LDAP::Config.servers
else
@ldap_servers = []
end end
super super
......
module AuthHelper module AuthHelper
PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze
FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos'].freeze FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos', 'crowd'].freeze
def ldap_enabled? def ldap_enabled?
Gitlab.config.ldap.enabled Gitlab.config.ldap.enabled
...@@ -26,6 +26,10 @@ module AuthHelper ...@@ -26,6 +26,10 @@ module AuthHelper
auth_providers.select { |provider| form_based_provider?(provider) } auth_providers.select { |provider| form_based_provider?(provider) }
end end
def crowd_enabled?
auth_providers.include? :crowd
end
def button_based_providers def button_based_providers
auth_providers.reject { |provider| form_based_provider?(provider) } auth_providers.reject { |provider| form_based_provider?(provider) }
end end
......
= form_tag(user_omniauth_authorize_path("crowd"), id: 'new_crowd_user' ) do
= text_field_tag :username, nil, {class: "form-control top", placeholder: "Username", autofocus: "autofocus"}
= password_field_tag :password, nil, {class: "form-control bottom", placeholder: "Password"}
- if devise_mapping.rememberable?
.remember-me.checkbox
%label{for: "remember_me"}
= check_box_tag :remember_me, '1', false, id: 'remember_me'
%span Remember me
= button_tag "Sign in", class: "btn-save btn"
\ No newline at end of file
...@@ -8,15 +8,21 @@ ...@@ -8,15 +8,21 @@
.login-body .login-body
- if form_based_providers.any? - if form_based_providers.any?
%ul.nav.nav-tabs %ul.nav.nav-tabs
- if crowd_enabled?
%li.active
= link_to "Crowd", "#tab-crowd", 'data-toggle' => 'tab'
- @ldap_servers.each_with_index do |server, i| - @ldap_servers.each_with_index do |server, i|
%li{class: (:active if i.zero?)} %li{class: (:active if i.zero? && !crowd_enabled?)}
= link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab' = link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab'
- if signin_enabled? - if signin_enabled?
%li %li
= link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab' = link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab'
.tab-content .tab-content
- if crowd_enabled?
%div.tab-pane.active{id: "tab-crowd"}
= render 'devise/sessions/new_crowd'
- @ldap_servers.each_with_index do |server, i| - @ldap_servers.each_with_index do |server, i|
%div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero?)} %div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero? && !crowd_enabled?)}
= render 'devise/sessions/new_ldap', server: server = render 'devise/sessions/new_ldap', server: server
- if signin_enabled? - if signin_enabled?
%div#tab-signin.tab-pane %div#tab-signin.tab-pane
......
...@@ -246,6 +246,11 @@ production: &base ...@@ -246,6 +246,11 @@ production: &base
# issuer: 'https://gitlab.example.com', # issuer: 'https://gitlab.example.com',
# name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' # name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
# } } # } }
# - { name: 'crowd',
# args: {
# crowd_server_url: 'CROWD SERVER URL',
# application_name: 'YOUR_APP_NAME',
# application_password: 'YOUR_APP_PASSWORD' } }
......
...@@ -238,7 +238,7 @@ Devise.setup do |config| ...@@ -238,7 +238,7 @@ Devise.setup do |config|
provider_arguments.concat provider['args'] provider_arguments.concat provider['args']
when Hash when Hash
# A Hash from the configuration will be passed as is. # A Hash from the configuration will be passed as is.
provider_arguments << provider['args'] provider_arguments << provider['args'].symbolize_keys
end end
config.omniauth provider['name'].to_sym, *provider_arguments config.omniauth provider['name'].to_sym, *provider_arguments
......
# Crowd OmniAuth Provider
To enable the Crowd OmniAuth provider you must register your application with Crowd. To configure Crowd integration you need an application name and password.
1. On your GitLab server, open the configuration file.
For omnibus package:
```sh
sudo editor /etc/gitlab/gitlab.rb
```
For instalations from source:
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
1. Add the provider configuration:
For omnibus package:
```ruby
gitlab_rails['omniauth_providers'] = [
{
"name" => "crowd",
"args" => {
"crowd_server_url" => "CROWD",
"application_name" => "YOUR_APP_NAME",
"application_password" => "YOUR_APP_PASSWORD"
}
}
]
```
For installations from source:
```
- { name: 'crowd',
args: {
crowd_server_url: 'CROWD SERVER URL',
application_name: 'YOUR_APP_NAME',
application_password: 'YOUR_APP_PASSWORD' } }
```
1. Change 'YOUR_APP_NAME' to the application name from Crowd applications page.
1. Change 'YOUR_APP_PASSWORD' to the application password you've set.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a Crowd tab in the sign in form.
\ No newline at end of file
...@@ -76,6 +76,7 @@ Now we can choose one or more of the Supported Providers below to continue confi ...@@ -76,6 +76,7 @@ Now we can choose one or more of the Supported Providers below to continue confi
- [Shibboleth](shibboleth.md) - [Shibboleth](shibboleth.md)
- [Twitter](twitter.md) - [Twitter](twitter.md)
- [SAML](saml.md) - [SAML](saml.md)
- [Crowd](crowd.md)
## Enable OmniAuth for an Existing User ## Enable OmniAuth for an Existing User
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment