Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable and disable oauth2 providers with environment variables #1177

Merged
merged 1 commit into from
Sep 6, 2021
Merged

Enable and disable oauth2 providers with environment variables #1177

merged 1 commit into from
Sep 6, 2021

Conversation

oyarzun
Copy link
Contributor

@oyarzun oyarzun commented Sep 5, 2021

This PR adds environment variables to control whether an oauth2 provider is enabled. See #958 (comment)

@zackgalbreath zackgalbreath merged commit ad5a401 into Kitware:master Sep 6, 2021
@zackgalbreath
Copy link
Contributor

Thanks for the contribution!

@oyarzun oyarzun deleted the oauth-docker branch September 16, 2021 13:31
@estan
Copy link

estan commented Jan 9, 2022

@oyarzun @zackgalbreath Sorry to hijack this merged MR, but just have to ask: How would I enable OAuth2 via GitLab if running using docker-compose?

I'm attempting to put

services:
  cdash:
    environment:
      OAUTH2_PROVIDERS: |
          [
              'GitLab' => [
                  'clientId' => '<redacted>',
                  'clientSecret' => '<redacted>',
                  'redirectUri' => 'https://cdash.<ourdomain>/auth/GitLab.php',
                  'domain' => 'https://git.<ourdomain>'
              ]
          ]

in our docker-compose.yml, but it doesn't seem to be working. There's no "log in via GitLab" or similar on the login page.

@estan
Copy link

estan commented Jan 9, 2022

Bah nevermind. That's precisely what this PR is about. I just had to add GITLAB_ENABLE=1 as well.

@estan
Copy link

estan commented Jan 9, 2022

However, with

services:
  cdash:
    environment:
      GITLAB_ENABLE: 1
      OAUTH2_PROVIDERS: |
          [
              'GitLab' => [
                  'clientId' => '<redacted>',
                  'clientSecret' => '<redacted>',
                  'redirectUri' => 'https://cdash.<ourdomain>/auth/GitLab.php',
                  'domain' => 'https://git.<ourdomain>'
              ]
          ]

I'm getting this backtrace:

cdash    | [2022-01-09 22:14:12] development.ALERT: OAuth2 gitlab configuration setting, clientId, must have a value  
cdash    | [2022-01-09 22:14:12] development.ERROR: OAuth2 gitlab configuration setting, clientId, must have a value {"exception":"[object] (Exception(code: 0): OAuth2 gitlab configuration setting, clientId, must have a value at /home/kitware/cdash/app/Providers/OAuthServiceProvider.php:46)
cdash    | [stacktrace]
cdash    | #0 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(36): App\\Providers\\OAuthServiceProvider->boot()
cdash    | #1 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Container/Util.php(37): Illuminate\\Container\\BoundMethod::Illuminate\\Container\\{closure}()
cdash    | #2 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(93): Illuminate\\Container\\Util::unwrapIfClosure(Object(Closure))
cdash    | #3 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(37): Illuminate\\Container\\BoundMethod::callBoundMethod(Object(Illuminate\\Foundation\\Application), Array, Object(Closure))
cdash    | #4 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Container/Container.php(590): Illuminate\\Container\\BoundMethod::call(Object(Illuminate\\Foundation\\Application), Array, Array, NULL)
cdash    | #5 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(856): Illuminate\\Container\\Container->call(Array)
cdash    | #6 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(839): Illuminate\\Foundation\\Application->bootProvider(Object(App\\Providers\\OAuthServiceProvider))
cdash    | #7 [internal function]: Illuminate\\Foundation\\Application->Illuminate\\Foundation\\{closure}(Object(App\\Providers\\OAuthServiceProvider), 22)
cdash    | #8 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(840): array_walk(Array, Object(Closure))
cdash    | #9 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/BootProviders.php(17): Illuminate\\Foundation\\Application->boot()
cdash    | #10 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(219): Illuminate\\Foundation\\Bootstrap\\BootProviders->bootstrap(Object(Illuminate\\Foundation\\Application))
cdash    | #11 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(156): Illuminate\\Foundation\\Application->bootstrapWith(Array)
cdash    | #12 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Foundation\\Http\\Kernel->bootstrap()
cdash    | #13 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(110): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
cdash    | #14 /home/kitware/cdash/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
cdash    | #15 {main}

Is it not possible to inject the OAUTH2_PROVIDERS variable in this way?

@estan
Copy link

estan commented Jan 9, 2022
edited
Loading

Ah removing OAUTH2_PROVIDERS altogether and instead using

      GITLAB_ENABLE: 1
      GITLAB_CLIENT_ID: <redacted>
      GITLAB_CLIENT_SECRET: <redacted>
      GITLAB_DOMAIN: https://git.<ourdomain>

got me somewhere. However, when CDash makes the request to GitLab, it seems to use a HTTP URL as the redirect_uri GET parameter, which doesn't work for us since we use HTTPS. It makes the request to:

https://git./oauth/authorize?scope=read_user&state=&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Fcdash.%2Foauth%2Fcallback%2Fgitlab&client_id=

Note the http in the redirect_uri parameter. It needs to be https.

@estan
Copy link

estan commented Jan 9, 2022

And hm, even trying that redirect_url manually, but changing to https, I get a 500:

cdash    | [2022-01-09 22:41:44] development.ERROR: Trying to access array offset on value of type null {"exception":"[object] (ErrorException(code: 0): Trying to access array offset on value of type null at /home/kitware/cdash/app/Providers/OAuthServiceProvider.php:71)
cdash    | [stacktrace]
cdash    | #0 /home/kitware/cdash/app/Providers/OAuthServiceProvider.php(71): Illuminate\\Foundation\\Bootstrap\\HandleExceptions->handleError(8, 'Trying to acces...', '/home/kitware/c...', 71, Array)
cdash    | #1 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(616): App\\Providers\\OAuthServiceProvider->register()
cdash    | #2 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/ProviderRepository.php(75): Illuminate\\Foundation\\Application->register(Object(App\\Providers\\OAuthServiceProvider))
cdash    | #3 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(593): Illuminate\\Foundation\\ProviderRepository->load(Array)
cdash    | #4 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/RegisterProviders.php(17): Illuminate\\Foundation\\Application->registerConfiguredProviders()
cdash    | #5 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(219): Illuminate\\Foundation\\Bootstrap\\RegisterProviders->bootstrap(Object(Illuminate\\Foundation\\Application))
cdash    | #6 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(156): Illuminate\\Foundation\\Application->bootstrapWith(Array)
cdash    | #7 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Foundation\\Http\\Kernel->bootstrap()
cdash    | #8 /home/kitware/cdash/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(110): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
cdash    | #9 /home/kitware/cdash/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
cdash    | #10 {main}

@oyarzun
Copy link
Contributor Author

oyarzun commented Jan 10, 2022
edited
Loading

@estan I recall running into the same issue. It has been a little while, but I believe I needed to apply #1176 to get it to work.

@estan
Copy link

estan commented Jan 10, 2022

Thanks @oyarzun, I'll have a go.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@oyarzun @zackgalbreath @estan