Commit 954dd7ce authored by Valery Sizov's avatar Valery Sizov

Merge branch 'crowd' into 'master'

Crowd integration

https://dev.gitlab.org/gitlab/gitlabhq/issues/2217

See merge request !1228
parents 0fbd6244 9836017c
...@@ -39,6 +39,7 @@ v 8.0.0 (unreleased) ...@@ -39,6 +39,7 @@ v 8.0.0 (unreleased)
- Added web_url key project hook_attrs (Kirill Zaitsev) - Added web_url key project hook_attrs (Kirill Zaitsev)
- Add ability to get user information by ID of an SSH key via the API - Add ability to get user information by ID of an SSH key via the API
- Fix bug which IE cannot show image at markdown when the image is raw file of gitlab - Fix bug which IE cannot show image at markdown when the image is raw file of gitlab
- Add support for Crowd
v 7.14.1 v 7.14.1
- Improve abuse reports management from admin area - Improve abuse reports management from admin area
......
...@@ -25,6 +25,7 @@ gem 'omniauth-kerberos', group: :kerberos ...@@ -25,6 +25,7 @@ gem 'omniauth-kerberos', group: :kerberos
gem 'omniauth-gitlab' gem 'omniauth-gitlab'
gem 'omniauth-bitbucket' gem 'omniauth-bitbucket'
gem 'omniauth-saml', '~> 1.4.0' gem 'omniauth-saml', '~> 1.4.0'
gem 'omniauth_crowd'
gem 'doorkeeper', '2.1.3' gem 'doorkeeper', '2.1.3'
gem "rack-oauth2", "~> 1.0.5" gem "rack-oauth2", "~> 1.0.5"
......
...@@ -434,6 +434,10 @@ GEM ...@@ -434,6 +434,10 @@ GEM
omniauth-twitter (1.0.1) omniauth-twitter (1.0.1)
multi_json (~> 1.3) multi_json (~> 1.3)
omniauth-oauth (~> 1.0) omniauth-oauth (~> 1.0)
omniauth_crowd (2.2.3)
activesupport
nokogiri (>= 1.4.4)
omniauth (~> 1.0)
opennebula (4.12.1) opennebula (4.12.1)
json json
nokogiri nokogiri
...@@ -821,6 +825,7 @@ DEPENDENCIES ...@@ -821,6 +825,7 @@ DEPENDENCIES
omniauth-saml (~> 1.4.0) omniauth-saml (~> 1.4.0)
omniauth-shibboleth omniauth-shibboleth
omniauth-twitter omniauth-twitter
omniauth_crowd
org-ruby (= 0.9.12) org-ruby (= 0.9.12)
pg pg
poltergeist (~> 1.6.0) poltergeist (~> 1.6.0)
......
...@@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController ...@@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController
def new def new
if Gitlab.config.ldap.enabled if Gitlab.config.ldap.enabled
@ldap_servers = Gitlab::LDAP::Config.servers @ldap_servers = Gitlab::LDAP::Config.servers
else
@ldap_servers = []
end end
super super
......
module AuthHelper module AuthHelper
PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze
FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos'].freeze FORM_BASED_PROVIDERS = [/\Aldap/, 'kerberos', 'crowd'].freeze
def ldap_enabled? def ldap_enabled?
Gitlab.config.ldap.enabled Gitlab.config.ldap.enabled
...@@ -26,6 +26,10 @@ module AuthHelper ...@@ -26,6 +26,10 @@ module AuthHelper
auth_providers.select { |provider| form_based_provider?(provider) } auth_providers.select { |provider| form_based_provider?(provider) }
end end
def crowd_enabled?
auth_providers.include? :crowd
end
def button_based_providers def button_based_providers
auth_providers.reject { |provider| form_based_provider?(provider) } auth_providers.reject { |provider| form_based_provider?(provider) }
end end
......
= form_tag(user_omniauth_authorize_path("crowd"), id: 'new_crowd_user' ) do
= text_field_tag :username, nil, {class: "form-control top", placeholder: "Username", autofocus: "autofocus"}
= password_field_tag :password, nil, {class: "form-control bottom", placeholder: "Password"}
- if devise_mapping.rememberable?
.remember-me.checkbox
%label{for: "remember_me"}
= check_box_tag :remember_me, '1', false, id: 'remember_me'
%span Remember me
= button_tag "Sign in", class: "btn-save btn"
\ No newline at end of file
...@@ -8,15 +8,21 @@ ...@@ -8,15 +8,21 @@
.login-body .login-body
- if form_based_providers.any? - if form_based_providers.any?
%ul.nav.nav-tabs %ul.nav.nav-tabs
- if crowd_enabled?
%li.active
= link_to "Crowd", "#tab-crowd", 'data-toggle' => 'tab'
- @ldap_servers.each_with_index do |server, i| - @ldap_servers.each_with_index do |server, i|
%li{class: (:active if i.zero?)} %li{class: (:active if i.zero? && !crowd_enabled?)}
= link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab' = link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab'
- if signin_enabled? - if signin_enabled?
%li %li
= link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab' = link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab'
.tab-content .tab-content
- if crowd_enabled?
%div.tab-pane.active{id: "tab-crowd"}
= render 'devise/sessions/new_crowd'
- @ldap_servers.each_with_index do |server, i| - @ldap_servers.each_with_index do |server, i|
%div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero?)} %div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i.zero? && !crowd_enabled?)}
= render 'devise/sessions/new_ldap', server: server = render 'devise/sessions/new_ldap', server: server
- if signin_enabled? - if signin_enabled?
%div#tab-signin.tab-pane %div#tab-signin.tab-pane
......
...@@ -246,6 +246,11 @@ production: &base ...@@ -246,6 +246,11 @@ production: &base
# issuer: 'https://gitlab.example.com', # issuer: 'https://gitlab.example.com',
# name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' # name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
# } } # } }
# - { name: 'crowd',
# args: {
# crowd_server_url: 'CROWD SERVER URL',
# application_name: 'YOUR_APP_NAME',
# application_password: 'YOUR_APP_PASSWORD' } }
......
...@@ -238,7 +238,7 @@ Devise.setup do |config| ...@@ -238,7 +238,7 @@ Devise.setup do |config|
provider_arguments.concat provider['args'] provider_arguments.concat provider['args']
when Hash when Hash
# A Hash from the configuration will be passed as is. # A Hash from the configuration will be passed as is.
provider_arguments << provider['args'] provider_arguments << provider['args'].symbolize_keys
end end
config.omniauth provider['name'].to_sym, *provider_arguments config.omniauth provider['name'].to_sym, *provider_arguments
......
# Crowd OmniAuth Provider
To enable the Crowd OmniAuth provider you must register your application with Crowd. To configure Crowd integration you need an application name and password.
1. On your GitLab server, open the configuration file.
For omnibus package:
```sh
sudo editor /etc/gitlab/gitlab.rb
```
For instalations from source:
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
1. Add the provider configuration:
For omnibus package:
```ruby
gitlab_rails['omniauth_providers'] = [
{
"name" => "crowd",
"args" => {
"crowd_server_url" => "CROWD",
"application_name" => "YOUR_APP_NAME",
"application_password" => "YOUR_APP_PASSWORD"
}
}
]
```
For installations from source:
```
- { name: 'crowd',
args: {
crowd_server_url: 'CROWD SERVER URL',
application_name: 'YOUR_APP_NAME',
application_password: 'YOUR_APP_PASSWORD' } }
```
1. Change 'YOUR_APP_NAME' to the application name from Crowd applications page.
1. Change 'YOUR_APP_PASSWORD' to the application password you've set.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a Crowd tab in the sign in form.
\ No newline at end of file
...@@ -76,6 +76,7 @@ Now we can choose one or more of the Supported Providers below to continue confi ...@@ -76,6 +76,7 @@ Now we can choose one or more of the Supported Providers below to continue confi
- [Shibboleth](shibboleth.md) - [Shibboleth](shibboleth.md)
- [Twitter](twitter.md) - [Twitter](twitter.md)
- [SAML](saml.md) - [SAML](saml.md)
- [Crowd](crowd.md)
## Enable OmniAuth for an Existing User ## Enable OmniAuth for an Existing User
......
Feature: Login form
Scenario: I see crowd form
Given Crowd integration enabled
When I visit sign in page
Then I should see Crowd login form
\ No newline at end of file
class Spinach::Features::LoginForm < Spinach::FeatureSteps
include SharedAuthentication
include SharedPaths
include SharedSnippet
include SharedUser
include SharedSearch
step 'Crowd integration enabled' do
@providers_orig = Gitlab::OAuth::Provider.providers
@omniauth_conf_orig = Gitlab.config.omniauth.enabled
expect(Gitlab::OAuth::Provider).to receive(:providers).and_return([:crowd])
allow_any_instance_of(ApplicationHelper).to receive(:user_omniauth_authorize_path).and_return(root_path)
expect(Gitlab.config.omniauth).to receive(:enabled).and_return(true)
end
step 'I should see Crowd login form' do
expect(page).to have_selector '#tab-crowd form'
Gitlab::OAuth::Provider.stub(:providers).and_return(@providers_orig)
Gitlab.config.omniauth.stub(:enabled).and_return(@omniauth_conf_orig)
end
step 'I visit sign in page' do
visit new_user_session_path
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment