[7.13.2 Community Edition] Crowd authentication failing

I have always integrated Gitlab with the Crowd omniauth gem.
At the moment I add the following to the Gemfile: “omniauth_crowd”, “>=2.2.3”
In order to make this work I applied a patch to “config/initializers/devise.rb” and changed a line to: provider_arguments << provider[‘args’].symbolize_keys (under “when Hash”)

  Gitlab.config.omniauth.providers.each do |provider|
    provider_arguments = []

    %w[app_id app_secret].each do |argument|
      provider_arguments << provider[argument] if provider[argument]

    case provider['args']
    when Array
      # An Array from the configuration will be expanded.
      provider_arguments.concat provider['args']
    when Hash
      # A Hash from the configuration will be passed as is.
      provider_arguments << provider['args'].symbolize_keys

    config.omniauth provider['name'].to_sym, *provider_arguments

This used to work nicely but since my latest upgrade to the latest version of Gitlab I am no longer able to login using Crowd. I am redirected to a 422 error page (The change you requested was rejected.) and the production.log shows:

Started POST “/users/auth/crowd” for 212.x.x.x at 2015-07-30 08:24:34 +0200
Can’t verify CSRF token authenticity

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
lib/omni_auth/request_forgery_protection.rb:58:in handle_unverified_request' lib/omni_auth/request_forgery_protection.rb:33:in verify_authenticity_token’
lib/omni_auth/request_forgery_protection.rb:27:in call' config/initializers/7_omniauth.rb:18:in block in <top (required)>’

I am hoping someone has an idea how to fix this issue.

I solved it this way

  1. edit the following file at line 18

    sudo nano +18 /opt/gitlab/embedded/service/gitlab-rails/config/initializers/7_omniauth.rb

  2. Comment the line 18 by inserting a ‘#’ at the line’s beginning

    OmniAuth.config.before_request_phase do |env|



  3. Save the file and restart gitlab

My environment:

  • gitlab 7.13.2
  • omniauth_crowd version 2.2.3
1 Like

Thanks for sharing the workaround rlagoue!