GitLab-CE接入OAuth 2.0 ID Provider实现统一认证
6

编辑文件/etc/gitlab/gitlab.rb

gitlab_rails['omniauth_providers'] = [
  {
    'name' => 'openid_connect',
    'label' => 'Login with OpenID',
    'args' => {
      'name' => 'openid_connect',
      'scope' => ['openid', 'profile', 'email'],
      'response_type' => 'code',
      'issuer' => 'https://oauth.yourdomain.com', # .well_known所在路径
      'discovery' => true,
      'uid_field' => 'sub',
      'client_options' => {
        'identifier' => 'YOUR_APP_ID',
        'secret' => 'YOUR_APP_KEY',
        'redirect_uri' => 'https://git.yourdomain.com/users/auth/openid_connect/callback'
      }
    }
  }
]

gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['openid_connect']
gitlab_rails['omniauth_sync_email_from_provider'] = 'openid_connect'
gitlab_rails['omniauth_sync_profile_from_provider'] = ['openid_connect']
gitlab_rails['omniauth_sync_profile_attributes'] = ['name', 'email']
gitlab_rails['omniauth_auto_sign_in_with_provider'] = nil
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_user'] = ['openid_connect']

GitLab-CE接入OAuth 2.0 ID Provider实现统一认证
https://imoe.ac.cn/archives/gitlab-cejie-ru-oauth-2.0-id-provider
作者
Administrator
发布于
更新于
许可