Support v2.0 for Azure OAuth2 authentication strategy
Problem to solve
The current GitLab Azure OAuth2 integration uses the v1.0 Azure OAuth2 authentication strategy, which has been phased out in favor of the v2.0 authentication strategy. This issue proposes supporting the v2.0 strategy.
Large Premium customer requesting this: https://gitlab.zendesk.com/agent/tickets/154258 (internal use only)
Intended users
Users managing and auditing the authentication to the GitLab instance.
Further details
The Azure OAuth2 integration uses the omniauth-azure-oauth2 gem in the implementation, and that is where changes will need to be made to support the v2.0 endpoints. There is an open issue in the gem to support these endpoints. However, the upstream project is not active.
Per the comment in a related issue:
Yes, v1 is what the gem we use supports. We will have to decide how to handle this since it looks like the upstream project is not active. We will have to consider forking the gem, rewriting for v2, and publishing.
Proposal
Update the gem to support the v2.0 Azure OAuth2 authentication endpoints.
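The sketch below is an added example, not code from omniauth-azure-oauth2 or GitLab. It shows what differs at the request level between the two versions: the v2.0 endpoints live under an extra `v2.0` path segment, and the authorization request names its target with `scope` instead of v1.0's `resource`. The function names are hypothetical and the tenant, client ID and target values are supplied by the caller. `endpoint_version` is an audit helper for checking which version a configured URL points at.

```ruby
require "uri"
require "securerandom"

# Added illustration; helper names are hypothetical, not the gem's API.
AZURE_BASE = "https://login.microsoftonline.com"

# Per-version endpoint paths, plus the query parameter that names what the
# client is asking for: v1.0 takes a `resource`, v2.0 takes `scope`.
ENDPOINTS = {
  v1: { authorize: "oauth2/authorize",      token: "oauth2/token",      target_param: "resource" },
  v2: { authorize: "oauth2/v2.0/authorize", token: "oauth2/v2.0/token", target_param: "scope" }
}.freeze

# Build the authorization-code request URL for the given endpoint version.
def authorize_url(version:, tenant:, client_id:, redirect_uri:, target:, state: SecureRandom.hex(16))
  ep = ENDPOINTS.fetch(version)
  query = URI.encode_www_form(
    "client_id"       => client_id,
    "response_type"   => "code",
    "redirect_uri"    => redirect_uri,
    "state"           => state, # anti-CSRF value, checked again on callback
    ep[:target_param] => target
  )
  "#{AZURE_BASE}/#{tenant}/#{ep[:authorize]}?#{query}"
end

def token_url(version:, tenant:)
  "#{AZURE_BASE}/#{tenant}/#{ENDPOINTS.fetch(version)[:token]}"
end

# Audit helper: classify a configured authorize/token URL as :v1, :v2 or
# :unknown (wrong host, non-HTTPS, or an unrecognised path).
def endpoint_version(url)
  uri = URI.parse(url)
  return :unknown unless uri.scheme == "https" && uri.host == "login.microsoftonline.com"

  case uri.path.split("/").reject(&:empty?)[1..]
  when %w[oauth2 v2.0 authorize], %w[oauth2 v2.0 token] then :v2
  when %w[oauth2 authorize], %w[oauth2 token] then :v1
  else :unknown
  end
rescue URI::InvalidURIError
  :unknown
end
```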
Permissions and Security
Documentation
Azure OAuth2 integration docs: https://docs.gitlab.com/ee/integration/azure.html
Availability & Testing
What does success look like, and how can we measure that?
Customers can leverage the v2.0 endpoint in the Azure OAuth2 integration.
What is the type of buyer?
This integration is available across all tiers.
Is this a cross-stage feature?
No