Hi there, I tried to use OAuth for my local GitLab authentication. The configuration in gitlab.rb is:
```ruby
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['oauth2_generic']
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_providers'] = [
  {
    'name' => 'oauth2_generic',
    'label' => 'SSO',
    'app_id' => 'xxxx',
    'app_secret' => 'xxxxxxxxxxxxx',
    args: {
      client_options: {
        site: 'https:/xxxx.com',
        authorize_url: '/authserver/oauth2.0/authorize',
        token_url: '/authserver/oauth2.0/accessToken',
        user_info_url: '/authserver/oauthApi/user/profile'
      },
      user_response_structure: {
        root_path: [],
        id_path: ['id'],
        attributes: {
          name: ['attributes', 'cn'],
          email: ['attributes', 'securityEmail']
        }
      },
      authorize_params: {
        scope: 'all'
      },
      strategy_class: 'OmniAuth::Strategies::OAuth2Generic'
    }
  }
]
```
I was able to get the user profile with the API authserver/oauthApi/user/profile, just as in the screenshot below, and it turns out the auth server returned user data. Obviously the token is valid.
However, when I clicked the SSO button, the redirect to the login page only showed "can not validate your identity, reason ''". Yes, it showed no reason. I checked the logs and found nothing but "invalid credentials". I cannot see why it fails; any help would be appreciated.
I got the code from dev tools and used it to get an access token; then I can get the user profile data in Postman:
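
One way to check whether the `user_response_structure` paths in the configuration above resolve against the JSON returned by the user-info endpoint. This is an added example, not part of the original post and not the omniauth-oauth2-generic gem's own code; the path-walking logic and both sample responses are constructed assumptions.

```ruby
require 'json'

# Mirrors the user_response_structure from the post.
STRUCTURE = {
  root_path: [],
  id_path: ['id'],
  attributes: { name: ['attributes', 'cn'], email: ['attributes', 'securityEmail'] }
}.freeze

# Constructed sample responses (not taken from the post's auth server).
CONSTRUCTED_NESTED = '{"id":"u1001","attributes":{"cn":"Test User","securityEmail":"test.user@example.com"}}'
CONSTRUCTED_LIST   = '{"id":"u1001","attributes":[{"cn":"Test User"},{"securityEmail":"test.user@example.com"}]}'

# Follow a path one key at a time; nil as soon as a step does not resolve.
# Assumption: string keys index hashes, integer keys index arrays.
def walk(node, path)
  path.reduce(node) do |cur, key|
    case cur
    when Hash  then cur[key.to_s]
    when Array then key.is_a?(Integer) ? cur[key] : nil
    else return nil
    end
  end
end

# Returns uid, name and email as resolved, plus :missing, the fields that came back empty.
def check_profile(json_body, structure = STRUCTURE)
  root = walk(JSON.parse(json_body), structure[:root_path])
  result = { uid: walk(root, structure[:id_path]) }
  structure[:attributes].each { |field, path| result[field] = walk(root, path) }
  missing = result.select { |_, v| v.nil? || v.to_s.strip.empty? }.keys
  result.merge(missing: missing)
end

if __FILE__ == $PROGRAM_NAME
  { 'nested attributes' => CONSTRUCTED_NESTED, 'list attributes' => CONSTRUCTED_LIST }.each do |label, body|
    puts "#{label}: #{check_profile(body)}"
  end
end
```

Pasting the real body from Postman in place of the constructed samples shows which configured path, if any, returns nothing for `uid`, `name` or `email`.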