Merge branch 'sh-improve-openid-docs' into 'master'

Fix OpenID Connect documentation See merge request gitlab-org/gitlab-ce!29314 (cherry picked from commit 5997cc89) 6dcbf1f5 Fix OpenID Connect documentation

Merge branch 'sh-improve-openid-docs' into 'master'
Fix OpenID Connect documentation See merge request gitlab-org/gitlab-ce!29314 (cherry picked from commit 5997cc89) 6dcbf1f5 Fix OpenID Connect documentation
a1ada784 · Evan Read · GitLab Release Tools Bot · 2e1e1f4e · a1ada784
Commit a1ada784 authored Jun 07, 2019 by Evan Read Committed by GitLab Release Tools Bot Jun 10, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 35 additions and 0 deletions

doc/administration/auth/oidc.md doc/administration/auth/oidc.md +35 -0

No files found.
--- a/doc/administration/auth/oidc.md
+++ b/doc/administration/auth/oidc.md
@@ -31,6 +31,7 @@ The OpenID Connect will provide you with a client details and secret for you to
      { 'name' => 'openid_connect',
        'label' => '<your_oidc_label>',
        'args' => {
+          "name' => 'openid_connect',
          'scope' => ['openid','profile'],
          'response_type' => 'code',
          'issuer' => '<your_oidc_url>',
@@ -53,6 +54,7 @@ The OpenID Connect will provide you with a client details and secret for you to
      - { name: 'openid_connect',
          label: '<your_oidc_label>',
          args: {
+            name: 'openid_connect',
            scope: ['openid','profile'],
            response_type: 'code',
            issuer: '<your_oidc_url>',
@@ -103,3 +105,36 @@ On the sign in page, there should now be an OpenID Connect icon below the regula
 Click the icon to begin the authentication process. The OpenID Connect provider will ask the user to
 sign in and authorize the GitLab application (if confirmation required by the client). If everything goes well, the user
 will be redirected to GitLab and will be signed in.
+
+## Example configurations
+
+The following configurations illustrate how to set up OpenID with
+different providers with Omnibus GitLab.
+
+### Google
+
+See the [Google
+documentation](https://developers.google.com/identity/protocols/OpenIDConnect)
+for more details:
+
+```ruby
+ gitlab_rails['omniauth_providers'] = [
+ {
+   'name' => 'openid_connect',
+   'label' => 'Google OpenID',
+   'args' => {
+     'name' => 'openid_connect',
+     'scope' => ['openid', 'profile', 'email'],
+     'response_type' => 'code',
+     'issuer' => 'https://accounts.google.com',
+     'client_auth_method' => 'query',
+     'discovery' => true,
+     'uid_field' => 'preferred_username',
+     'client_options' => {
+       'identifier' => '<YOUR PROJECT CLIENT ID>',
+       'secret' => '<YOUR PROJECT CLIENT SECRET>',
+       'redirect_uri' => 'https://example.com/users/auth/openid_connect/callback',
+     }
+   }
+ }
+```