I want users to sign in through the omniauth provider
oauth2_generic against a custom OAuth 2 server.
I was able to configure Gitlab so that it redirects to the authentication page using its app ID and secret. Using this authorization code, Gitlab then fetches an access token. When calling the url provided in
user_info_url however, Gitlab does not provide the access token for authentication. So the user info page responds with the HTTP code 401 unauthorized and header
www-authenticate: bearer realm="Service". As far as I understand OAuth, Gitlab should try again using the access token. Instead Gitlab presents the error message
Could not authenticate you from XYZ because "".. So far, I did most of the debugging on the OAuth server… Is there any documentation on how Gitlab expects the user info page to behave? I.e. does it expect a specific realm for the www-authenticate header? What body does it expect to recieve in order to try again using the access token?
 is the body provided along the HTTP code 401. Can I check if Gitlab recieved the access token (so far, I only know that the OAuth server provided one)?