Commit 72733256 authored by Markus Koller's avatar Markus Koller

Use correct scope when authorizing with Jira GitHub DVCS connector

When using the GitHub Enterprise connector in Jira we receive the
"repo" scope, this doesn't exist in GitLab but we can map it to our
"api" scope.

Changelog: fixed
parent eea0e99d
......@@ -16,7 +16,7 @@ class Oauth::Jira::AuthorizationsController < ApplicationController
redirect_to oauth_authorization_path(client_id: params['client_id'],
response_type: 'code',
scope: params['scope'],
scope: normalize_scope(params['scope']),
redirect_uri: oauth_jira_callback_url)
end
......@@ -48,4 +48,12 @@ class Oauth::Jira::AuthorizationsController < ApplicationController
rescue Doorkeeper::Errors::DoorkeeperError => e
render status: :unauthorized, body: e.type
end
private
# When using the GitHub Enterprise connector in Jira we receive the "repo" scope,
# this doesn't exist in GitLab but we can map it to our "api" scope.
def normalize_scope(scope)
scope == 'repo' ? 'api' : scope
end
end
---
title: Use correct scope when authorizing with Jira GitHub DVCS connector
merge_request: 61496
author:
type: fixed
......@@ -72,7 +72,7 @@ for the groups you specify, into Jira. This import takes a few minutes and, afte
it completes, refreshes every 60 minutes:
1. Ensure you have completed the [GitLab configuration](#configure-a-gitlab-application-for-dvcs).
1. Go to your DVCS account:
1. Go to your DVCS accounts:
- *For Jira Server,* go to **Settings (gear) > Applications > DVCS accounts**.
- *For Jira Cloud,* go to **Settings (gear) > Products > DVCS accounts**.
1. To create a new integration, select the appropriate value for **Host**:
......@@ -94,7 +94,10 @@ it completes, refreshes every 60 minutes:
1. For **Client ID**, use the **Application ID** value from the previous section.
1. For **Client Secret**, use the **Secret** value from the previous section.
1. Ensure that the rest of the checkboxes are checked.
1. Select **Add** to complete and create the integration.
1. Select **Add** and then **Continue** to create the DVCS account.
1. Jira redirects to GitLab where you have to confirm the authorization,
and then GitLab redirects back to Jira where you should see the synced
projects show up inside the new account.
To connect additional GitLab projects from other GitLab top-level groups, or
personal namespaces, repeat the previous steps with additional Jira DVCS accounts.
......
......@@ -5,10 +5,20 @@ require 'spec_helper'
RSpec.describe Oauth::Jira::AuthorizationsController do
describe 'GET new' do
it 'redirects to OAuth authorization with correct params' do
get :new, params: { client_id: 'client-123', redirect_uri: 'http://example.com/' }
get :new, params: { client_id: 'client-123', scope: 'foo', redirect_uri: 'http://example.com/' }
expect(response).to redirect_to(oauth_authorization_url(client_id: 'client-123',
response_type: 'code',
scope: 'foo',
redirect_uri: oauth_jira_callback_url))
end
it 'replaces the GitHub "repo" scope with "api"' do
get :new, params: { client_id: 'client-123', scope: 'repo', redirect_uri: 'http://example.com/' }
expect(response).to redirect_to(oauth_authorization_url(client_id: 'client-123',
response_type: 'code',
scope: 'api',
redirect_uri: oauth_jira_callback_url))
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment