If this blog helped you in any way (professionally), please donate a dollar here

Friday, December 6, 2013

Setup gitlab openid authentication with simpleid

Gitlab is a wonderful new tool that allows one to host projects just like we do on github. The basic difference is that github has public projects as it's default setting and gitlab has private!


What I was about to do was to integrate OpenID authentication mechanism so I needed a OpenID server for that. I used a fairly simple OpenID server, SimpleID. The name says it all!

Gitlab version 6.3.0 does not support openID authentication out of the box. Here are the necessary hacks required to get it running. I got it running on a centos 6.3 box.
Gitlab configuration:
0. Add this line to Gemfile
gem 'omniauth-oath'
1. Add these lines to gitlab/config/initializers/devise.rb
config.omniauth :open_id, :name=>'openid', :identifier =>'http://(Your open id server ip)'

if Gitlab.config.ldap.enabled
...

2. Add these lines to app/controllers/omniauth_callbacks_controller.rb
  def openid
    handle_omniauth
  end


  private
  ...
3. In the config file (config/gitlab.yml) ensure this:
  omniauth:
     enabled: true

Now for SimpleID configuration:

  1. Enable .htaccess by 
    • renaming .htaccess.dist
    • Add:
      AllowOverride All
      in apache configuration. Note that the configuration for the "/" folder will override all other configs.
  2. Add an user in identities folder as explained in the sample identity file. The identity parameter should be of the form

    "http://(your openid server ip)/user/root/"
    and the password should be a MD5 hash of whatever the plaintext password is. The other sreg parameters and ax parameters are optional.
Screenies:


And finally:



Thanks to Kevin Mo for helping me out.

References:
List of openID compilant web servers
Gitlab forum post

No comments:

Post a Comment