I have always integrated Gitlab with the Crowd omniauth gem.
At the moment I add the following to the Gemfile: “omniauth_crowd”, “>=2.2.3”
In order to make this work I applied a patch to “config/initializers/devise.rb” and changed a line to: provider_arguments << provider[‘args’].symbolize_keys (under “when Hash”)
Snippit:
Gitlab.config.omniauth.providers.each do |provider|
provider_arguments = []
%w[app_id app_secret].each do |argument|
provider_arguments << provider[argument] if provider[argument]
end
case provider['args']
when Array
# An Array from the configuration will be expanded.
provider_arguments.concat provider['args']
when Hash
# A Hash from the configuration will be passed as is.
provider_arguments << provider['args'].symbolize_keys
end
config.omniauth provider['name'].to_sym, *provider_arguments
end
end
This used to work nicely but since my latest upgrade to the latest version of Gitlab I am no longer able to login using Crowd. I am redirected to a 422 error page (The change you requested was rejected.) and the production.log shows:
Started POST “/users/auth/crowd” for 212.x.x.x at 2015-07-30 08:24:34 +0200
Can’t verify CSRF token authenticity
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
lib/omni_auth/request_forgery_protection.rb:58:inhandle_unverified_request' lib/omni_auth/request_forgery_protection.rb:33:in
verify_authenticity_token’
lib/omni_auth/request_forgery_protection.rb:27:incall' config/initializers/7_omniauth.rb:18:in
block in <top (required)>’
I am hoping someone has an idea how to fix this issue.