Merge branch 'vfazio-update-rack-oauth2' into 'master'

Update rack-oauth2 to v1.16.0

See merge request gitlab-org/gitlab!47839

Gemfile

@@ -48,7 +48,7 @@ gem 'omniauth-authentiq', '~> 0.3.3'
 gem 'omniauth_openid_connect', '~> 0.3.5'
 gem 'omniauth-salesforce', '~> 1.0.5'
 gem 'omniauth-atlassian-oauth2', '~> 0.2.0'
-gem 'rack-oauth2', '~> 1.9.3'
+gem 'rack-oauth2', '~> 1.16.0'
 gem 'jwt', '~> 2.1.0'
 
 # Kerberos authentication. EE-only

Gemfile.lock

@@ -70,7 +70,7 @@ GEM
       memoizable (~> 0.4.0)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    aes_key_wrap (1.0.1)
+    aes_key_wrap (1.1.0)
     akismet (3.0.0)
     android_key_attestation (0.3.0)
     apollo_upload_server (2.0.2)
@@ -132,7 +132,7 @@ GEM
       coderay (>= 1.0.0)
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
-    bindata (2.4.3)
+    bindata (2.4.8)
     binding_ninja (0.2.3)
     bootsnap (1.4.6)
       msgpack (~> 1.0)
@@ -613,7 +613,7 @@ GEM
       regexp_parser (~> 1.5)
       regexp_property_values (~> 0.3)
     json (2.3.0)
-    json-jwt (1.11.0)
+    json-jwt (1.13.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
@@ -874,12 +874,12 @@ GEM
       rack (>= 1.0, < 3)
     rack-cors (1.0.6)
       rack (>= 1.6.0)
-    rack-oauth2 (1.9.3)
+    rack-oauth2 (1.16.0)
       activesupport
       attr_required
       httpclient
-      json-jwt (>= 1.9.0)
-      rack
+      json-jwt (>= 1.11.0)
+      rack (>= 2.1.0)
     rack-protection (2.0.5)
       rack
     rack-proxy (0.6.0)
@@ -1449,7 +1449,7 @@ DEPENDENCIES
   rack (~> 2.2.3)
   rack-attack (~> 6.3.0)
   rack-cors (~> 1.0.6)
-  rack-oauth2 (~> 1.9.3)
+  rack-oauth2 (~> 1.16.0)
   rack-proxy (~> 0.6.0)
   rack-timeout (~> 0.5.1)
   rails (~> 6.0.3.1)

changelogs/unreleased/vfazio-update-rack-oauth2.yml

+---
+title: Update rack-oauth2 to v1.16.0
+merge_request: 47839
+author: Vincent Fazio @vfazio
+type: changed

lib/gitlab/omniauth_initializer.rb

@@ -96,16 +96,6 @@ module Gitlab
         args[:strategy_class] = args[:strategy_class].constantize
       end
 
-      # Providers that are known to depend on rack-oauth2, like those using
-      # Omniauth::Strategies::OpenIDConnect, need to be quirked so the
-      # client_auth_method argument value is passed as a symbol.
-      if (args[:strategy_class] == OmniAuth::Strategies::OpenIDConnect ||
-        args[:name] == 'openid_connect') &&
-        args[:client_auth_method].is_a?(String)
-
-        args[:client_auth_method] = args[:client_auth_method].to_sym
-      end
-
       args
     end
 

spec/lib/gitlab/omniauth_initializer_spec.rb

@@ -101,33 +101,5 @@ RSpec.describe Gitlab::OmniauthInitializer do
 
       subject.execute([google_config])
     end
-
-    it 'converts client_auth_method to a Symbol for openid_connect' do
-      openid_connect_config = {
-        'name' => 'openid_connect',
-        'args' => { name: 'openid_connect', client_auth_method: 'basic' }
-      }
-
-      expect(devise_config).to receive(:omniauth).with(
-        :openid_connect,
-        { name: 'openid_connect', client_auth_method: :basic }
-      )
-
-      subject.execute([openid_connect_config])
-    end
-
-    it 'converts client_auth_method to a Symbol for strategy_class OpenIDConnect' do
-      openid_connect_config = {
-        'name' => 'openid_connect',
-        'args' => { strategy_class: OmniAuth::Strategies::OpenIDConnect, client_auth_method: 'jwt_bearer' }
-      }
-
-      expect(devise_config).to receive(:omniauth).with(
-        :openid_connect,
-        { strategy_class: OmniAuth::Strategies::OpenIDConnect, client_auth_method: :jwt_bearer }
-      )
-
-      subject.execute([openid_connect_config])
-    end
   end
 end