Commit e6e4aa04 authored by Robert Speicher's avatar Robert Speicher Committed by Robert Speicher

Merge branch 'facebook-auth' into 'master'

Add Facebook authentication

See merge request !1740
parent 22e02708
...@@ -4,6 +4,8 @@ v 8.1.3 ...@@ -4,6 +4,8 @@ v 8.1.3
- Force update refs/merge-requests/X/head upon a push to the source branch of a merge request (Stan Hu) - Force update refs/merge-requests/X/head upon a push to the source branch of a merge request (Stan Hu)
- Spread out runner contacted_at updates - Spread out runner contacted_at updates
- Use issue editor as cross reference comment author when issue is edited with a new mention - Use issue editor as cross reference comment author when issue is edited with a new mention
- New design for user profile page
- Add Facebook authentication
v 8.1.2 v 8.1.2
- Fix cloning Wiki repositories via HTTP (Stan Hu) - Fix cloning Wiki repositories via HTTP (Stan Hu)
......
...@@ -19,6 +19,7 @@ gem 'devise-async', '~> 0.9.0' ...@@ -19,6 +19,7 @@ gem 'devise-async', '~> 0.9.0'
gem 'doorkeeper', '~> 2.1.3' gem 'doorkeeper', '~> 2.1.3'
gem 'omniauth', '~> 1.2.2' gem 'omniauth', '~> 1.2.2'
gem 'omniauth-bitbucket', '~> 0.0.2' gem 'omniauth-bitbucket', '~> 0.0.2'
gem 'omniauth-facebook', '~> 3.0.0'
gem 'omniauth-github', '~> 1.1.1' gem 'omniauth-github', '~> 1.1.1'
gem 'omniauth-gitlab', '~> 1.0.0' gem 'omniauth-gitlab', '~> 1.0.0'
gem 'omniauth-google-oauth2', '~> 0.2.0' gem 'omniauth-google-oauth2', '~> 0.2.0'
......
...@@ -423,6 +423,8 @@ GEM ...@@ -423,6 +423,8 @@ GEM
multi_json (~> 1.7) multi_json (~> 1.7)
omniauth (~> 1.1) omniauth (~> 1.1)
omniauth-oauth (~> 1.0) omniauth-oauth (~> 1.0)
omniauth-facebook (3.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-github (1.1.2) omniauth-github (1.1.2)
omniauth (~> 1.0) omniauth (~> 1.0)
omniauth-oauth2 (~> 1.1) omniauth-oauth2 (~> 1.1)
...@@ -859,6 +861,7 @@ DEPENDENCIES ...@@ -859,6 +861,7 @@ DEPENDENCIES
octokit (~> 3.7.0) octokit (~> 3.7.0)
omniauth (~> 1.2.2) omniauth (~> 1.2.2)
omniauth-bitbucket (~> 0.0.2) omniauth-bitbucket (~> 0.0.2)
omniauth-facebook (~> 3.0.0)
omniauth-github (~> 1.1.1) omniauth-github (~> 1.1.1)
omniauth-gitlab (~> 1.0.0) omniauth-gitlab (~> 1.0.0)
omniauth-google-oauth2 (~> 0.2.0) omniauth-google-oauth2 (~> 0.2.0)
......
module AuthHelper module AuthHelper
PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2).freeze PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook).freeze
FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze
def ldap_enabled? def ldap_enabled?
......
...@@ -274,27 +274,28 @@ production: &base ...@@ -274,27 +274,28 @@ production: &base
# arguments, followed by optional 'args' which can be either a hash or an array. # arguments, followed by optional 'args' which can be either a hash or an array.
# Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
providers: providers:
# - { name: 'google_oauth2',
# label: 'Google',
# app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET',
# args: { access_type: 'offline', approval_prompt: '' } }
# - { name: 'twitter',
# app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET' }
# - { name: 'github', # - { name: 'github',
# label: 'GitHub',
# app_id: 'YOUR_APP_ID', # app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET', # app_secret: 'YOUR_APP_SECRET',
# args: { scope: 'user:email' } } # args: { scope: 'user:email' } }
# - { name: 'bitbucket',
# app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET' }
# - { name: 'gitlab', # - { name: 'gitlab',
# label: 'GitLab.com',
# app_id: 'YOUR_APP_ID', # app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET', # app_secret: 'YOUR_APP_SECRET',
# args: { scope: 'api' } } # args: { scope: 'api' } }
# - { name: 'bitbucket', # - { name: 'google_oauth2',
# app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET',
# args: { access_type: 'offline', approval_prompt: '' } }
# - { name: 'facebook',
# app_id: 'YOUR_APP_ID', # app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET' } # app_secret: 'YOUR_APP_SECRET' }
# - { name: 'twitter',
# app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET' }
#
# - { name: 'saml', # - { name: 'saml',
# label: 'Our SAML Provider', # label: 'Our SAML Provider',
# args: { # args: {
......
# Facebook OAuth2 OmniAuth Provider
To enable the Facebook OmniAuth provider you must register your application with Facebook. Facebook will generate an app ID and secret key for you to use.
1. Sign in to the [Facebook Developer Platform](https://developers.facebook.com/).
1. Choose "My Apps" > "Add a New App"
1. Select the type "Website"
1. Enter a name for your app. This can be anything. Consider something like "<Organization>'s GitLab" or "<Your Name>'s GitLab" or
something else descriptive.
1. Choose "Create New Facebook App ID"
1. Select a Category, for example "Productivity"
1. Choose "Create App ID"
1. Enter the address of your GitLab installation at the bottom of the package
![Facebook Website URL](facebook_website_url.png)
1. Choose "Next"
1. Choose "Skip Quick Start" in the upper right corner
1. Choose "Settings" in the menu on the left
1. Fill in a contact email for your app
![Facebook App Settings](facebook_app_settings.png)
1. Choose "Save Changes"
1. Choose "Status & Review" in the menu on the left
1. Change the switch on the right from No to Yes
1. Choose "Confirm" when prompted to make the app public
1. Choose "Dashboard" in the menu on the left
1. Choose "Show" next to the hidden "App Secret"
1. You should now see an app key and app secret (see screenshot). Keep this page open as you continue configuration.
![Facebook API Keys](facebook_api_keys.png)
1. On your GitLab server, open the configuration file.
For omnibus package:
```sh
sudo editor /etc/gitlab/gitlab.rb
```
For installations from source:
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
1. Add the provider configuration:
For omnibus package:
```ruby
gitlab_rails['omniauth_providers'] = [
{
"name" => "facebook",
"app_id" => "YOUR_APP_ID",
"app_secret" => "YOUR_APP_SECRET"
}
]
```
For installations from source:
```
- { name: 'facebook', app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET' }
```
1. Change 'YOUR_APP_ID' to the API key from Facebook page in step 10.
1. Change 'YOUR_APP_SECRET' to the API secret from the Facebook page in step 10.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a Facebook icon below the regular sign in form. Click the icon to begin the authentication process. Facebook will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
...@@ -73,8 +73,9 @@ Now we can choose one or more of the Supported Providers below to continue confi ...@@ -73,8 +73,9 @@ Now we can choose one or more of the Supported Providers below to continue confi
- [Bitbucket](bitbucket.md) - [Bitbucket](bitbucket.md)
- [GitLab.com](gitlab.md) - [GitLab.com](gitlab.md)
- [Google](google.md) - [Google](google.md)
- [Shibboleth](shibboleth.md) - [Facebook](facebook.md)
- [Twitter](twitter.md) - [Twitter](twitter.md)
- [Shibboleth](shibboleth.md)
- [SAML](saml.md) - [SAML](saml.md)
- [Crowd](crowd.md) - [Crowd](crowd.md)
......
module Gitlab module Gitlab
module OAuth module OAuth
class Provider class Provider
LABELS = {
"github" => "GitHub",
"gitlab" => "GitLab.com",
"google_oauth2" => "Google"
}.freeze
def self.providers def self.providers
Devise.omniauth_providers Devise.omniauth_providers
end end
...@@ -23,8 +29,9 @@ module Gitlab ...@@ -23,8 +29,9 @@ module Gitlab
end end
def self.label_for(name) def self.label_for(name)
name = name.to_s
config = config_for(name) config = config_for(name)
(config && config['label']) || name.to_s.titleize (config && config['label']) || LABELS[name] || name.titleize
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment