Did 18.x or omniauth-oauth2-generic change how user_response_structure handles keys (case sensitivity / id_path)? Any known workaround for Omnibus installations?
I recommend to check documentation about what you are using. Version 18.0 deprecated a lot of things a there are some “breaking changes” to check.
I use this tool before running any upgrade to check for changes between versions. This link shows about upgrading from 17.11 to 18.0 I think, but you can refine your versions, and then click on “Deprecations” red button.
Thank you for your suggestion! I’ve gone through the breaking changes page, but I couldn’t identify anything that seems directly related to this issue.
Just to clarify my testing steps:
Installed a fresh 17.11.7 Omnibus instance.
Configured omniauth-oauth2-generic, login worked fine.
Upgraded directly to 18.2.4 following the upgrade path.
Tested login again → failed with 422 Email is blank.
Updated config to use lowercase for email, name, and id_path.
Tested login again → login succeeded, but the user’s unique identifier remains empty (it seems id_path is not being resolved).
I’m wondering if this is a regression in 18.x or if there’s a recommended workaround for handling id_path with Omnibus installations using omniauth-oauth2-generic. Any guidance would be greatly appreciated.
We have noted when the user_info endpoint is called, Gitlab 18+ is now converting camelCase to snake_case after the data is fetched from the userinfo endpoint.
For example, if you previously mapped email → primaryEmail, you need to change that to: email → primary_email.