Skip to content

Overhaul OAuth authorization page

Austin Regnery requested to merge aregnery/polish-oauth-page into master

What does this MR do and why?

This change updates the page where users grant OAuth applications access to their accounts.

  • It uses the minimal layout to keep the focus on the singular task. There's no need for navigation nor the search page bar that does nothing.
  • Adds extra information about the application to help users make an educated decision
  • Changes the button variant to confirm
  • Rewords terminology to more likely be accurate and less misleading

Relates to #462655 (closed)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Before After
image.png image.png
image.png image.png

How to set up and validate locally

Instance OAuth App

  1. Login to GitLab as an Admin and navigate to /admin/applications/new
  2. Fill out the form with the following:
    • Name - Foo bar
    • Redirect URI - http://foo.bar
    • Check api and read_api under Scopes
  3. Navigate to /oauth/authorize?access_type=online&client_id=<Application ID>&redirect_uri=http%3A%2F%2Ffoo.bar&response_type=code&scope=api%20read_user.
    • Make sure you update <Application ID> to the Application ID provided in the previous step

CleanShot_2024-05-24_at_12.03.19

Group OAuth App

  1. Navigate to a group and go to /-/settings/applications
  2. Add an app and fill out the form with the following:
    • Name - Foo bar
    • Redirect URI - http://localhost:4567
    • Check api under Scopes
  3. Navigate to /oauth/authorize?client_id=<Application ID>&redirect_uri=http://localhost:4567&response_type=code
    • Make sure you update <Application ID> to the Application ID provided in the previous step

CleanShot_2024-05-24_at_12.03.14

User OAuth App

  1. Navigate to /oauth/applications
  2. Add an app and fill out the form with the following:
    • Name - Foo bar
    • Redirect URI - http://localhost:4567
    • Check api under Scopes
  3. Navigate to /oauth/authorize?client_id=<Application ID>&redirect_uri=http://localhost:4567&response_type=code
    • Make sure you update <Application ID> to the Application ID provided in the previous step

CleanShot_2024-05-24_at_12.03.01

Edited by Adil Farrukh

Merge request reports