From 6d747cfd3a41d6e2f396855ef7f29f400ea3f4a8 Mon Sep 17 00:00:00 2001 From: Patricio Cano Date: Thu, 18 Dec 2014 09:50:20 -0500 Subject: Added link to the configuration sample for OmniAuth providers when using Omnibus. --- doc/integration/omniauth.md | 1 + 1 file changed, 1 insertion(+) (limited to 'doc/integration/omniauth.md') diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 00adae58dfa..15b4fb622af 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -7,6 +7,7 @@ OmniAuth does not prevent standard GitLab authentication or LDAP (if configured) - [Initial OmniAuth Configuration](#initial-omniauth-configuration) - [Supported Providers](#supported-providers) - [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user) +- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login) ## Initial OmniAuth Configuration -- cgit v1.2.1 From 78124d97836ebdfbb45c5567b9f2775889fd9718 Mon Sep 17 00:00:00 2001 From: Valery Sizov Date: Fri, 13 Feb 2015 20:13:47 +0200 Subject: GitLab.com importer: documentation --- doc/integration/omniauth.md | 1 + 1 file changed, 1 insertion(+) (limited to 'doc/integration/omniauth.md') diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 15b4fb622af..7911cd3e84d 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -76,6 +76,7 @@ Before configuring individual OmniAuth providers there are a few global settings ## Supported Providers - [GitHub](github.md) +- [GitLab](gitlab.md) - [Google](google.md) - [Shibboleth](shibboleth.md) - [Twitter](twitter.md) -- cgit v1.2.1 From d76c5824bc05640d276be96f7853f2d266fd6750 Mon Sep 17 00:00:00 2001 From: Marin Jankovski Date: Fri, 13 Feb 2015 14:49:19 -0800 Subject: Update oauth documenatation with examples for omnibus package and installations from source. --- doc/integration/omniauth.md | 78 +++++++++++++++++++++------------------------ 1 file changed, 36 insertions(+), 42 deletions(-) (limited to 'doc/integration/omniauth.md') diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 7911cd3e84d..7433de33909 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -1,8 +1,8 @@ # OmniAuth -GitLab leverages OmniAuth to allow users to sign in using Twitter, GitHub, and other popular services. Configuring +GitLab leverages OmniAuth to allow users to sign in using Twitter, GitHub, and other popular services. -OmniAuth does not prevent standard GitLab authentication or LDAP (if configured) from continuing to work. Users can choose to sign in using any of the configured mechanisms. +Configuring OmniAuth does not prevent standard GitLab authentication or LDAP (if configured) from continuing to work. Users can choose to sign in using any of the configured mechanisms. - [Initial OmniAuth Configuration](#initial-omniauth-configuration) - [Supported Providers](#supported-providers) @@ -11,9 +11,37 @@ OmniAuth does not prevent standard GitLab authentication or LDAP (if configured) ## Initial OmniAuth Configuration -Before configuring individual OmniAuth providers there are a few global settings that need to be verified. +Before configuring individual OmniAuth providers there are a few global settings that are in common for all providers that we need to consider. -1. Open the configuration file. +- Omniauth needs to be enabled, see details below for example. +- `allow_single_sign_on` defaults to `false`. If `false` users must be created manually or they will not be able to +sign in via OmniAuth. +- `block_auto_created_users` defaults to `true`. If `true` auto created users will be blocked by default and will +have to be unblocked by an administrator before they are able to sign in. +- **Note:** If you set `allow_single_sign_on` to `true` and `block_auto_created_users` to `false` please be aware +that any user on the Internet will be able to successfully sign in to your GitLab without administrative approval. + +If you want to change these settings: + +* **For omnibus package** + + Open the configuration file: + + ```sh + sudo editor /etc/gitlab/gitlab.rb + ``` + + and change + + ``` + gitlab_rails['omniauth_enabled'] = true + gitlab_rails['omniauth_allow_single_sign_on'] = false + gitlab_rails['block_auto_created_users'] = true + ``` + +* **For installations from source** + + Open the configuration file: ```sh cd /home/git/gitlab @@ -21,13 +49,13 @@ Before configuring individual OmniAuth providers there are a few global settings sudo -u git -H editor config/gitlab.yml ``` -1. Find the section dealing with OmniAuth. The section will look similar to the following. + and change the following section ``` - ## OmniAuth settings + ## OmniAuth settings omniauth: # Allow login via Twitter, Google, etc. using OmniAuth providers - enabled: false + enabled: true # CAUTION! # This allows users to login without having a user account first (default: false). @@ -35,43 +63,9 @@ Before configuring individual OmniAuth providers there are a few global settings allow_single_sign_on: false # Locks down those users until they have been cleared by the admin (default: true). block_auto_created_users: true - - ## Auth providers - # Uncomment the following lines and fill in the data of the auth provider you want to use - # If your favorite auth provider is not listed you can use others: - # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations - # The 'app_id' and 'app_secret' parameters are always passed as the first two - # arguments, followed by optional 'args' which can be either a hash or an array. - providers: - # - { name: 'google_oauth2', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET', - # args: { access_type: 'offline', approval_prompt: '' } } - # - { name: 'twitter', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET'} - # - { name: 'github', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET', - # args: { scope: 'user:email' } } - # - {"name": 'shibboleth', - # args: { shib_session_id_field: "HTTP_SHIB_SESSION_ID", - # shib_application_id_field: "HTTP_SHIB_APPLICATION_ID", - # uid_field: "HTTP_EPPN", - # name_field: "HTTP_CN", - # info_fields: {"email": "HTTP_MAIL" } } } - ``` -1. Change `enabled` to `true`. - -1. Consider the next two configuration options: `allow_single_sign_on` and `block_auto_created_users`. - - - `allow_single_sign_on` defaults to `false`. If `false` users must be created manually or they will not be able to - sign in via OmniAuth. - - `block_auto_created_users` defaults to `true`. If `true` auto created users will be blocked by default and will - have to be unblocked by an administrator before they are able to sign in. - - **Note:** If you set `allow_single_sign_on` to `true` and `block_auto_created_users` to `false` please be aware - that any user on the Internet will be able to successfully sign in to your GitLab without administrative approval. - -1. Choose one or more of the Supported Providers below to continue configuration. +Now we can choose one or more of the Supported Providers below to continue configuration. ## Supported Providers -- cgit v1.2.1 From a3d039259e56cd7cb6551c21551f010ea12e6acc Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 18 Feb 2015 22:07:09 -0800 Subject: Fix broken links in documentation --- doc/integration/omniauth.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc/integration/omniauth.md') diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 7433de33909..c92fa3ee4b7 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -70,7 +70,7 @@ Now we can choose one or more of the Supported Providers below to continue confi ## Supported Providers - [GitHub](github.md) -- [GitLab](gitlab.md) +- [GitLab.com](gitlab.md) - [Google](google.md) - [Shibboleth](shibboleth.md) - [Twitter](twitter.md) -- cgit v1.2.1 From 20691df230332022cb4d5008d84c7ee6e6c8dbfd Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Wed, 18 Feb 2015 22:42:52 +0100 Subject: Add Bitbucket integration docs. --- doc/integration/omniauth.md | 1 + 1 file changed, 1 insertion(+) (limited to 'doc/integration/omniauth.md') diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index c92fa3ee4b7..24f7b4bb4b4 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -70,6 +70,7 @@ Now we can choose one or more of the Supported Providers below to continue confi ## Supported Providers - [GitHub](github.md) +- [Bitbucket](bitbucket.md) - [GitLab.com](gitlab.md) - [Google](google.md) - [Shibboleth](shibboleth.md) -- cgit v1.2.1