Update Doorkeeper to version 5.8.0
What does this MR do and why?
- This requires us to vendor doorkeeper-openid_connect until https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/213 is merged
- The only difference between the vendored version and the gem version we were on before is the gemspec dependency. I also added one small note in the vendored gem README about why it was vendored
- We are updating Doorkeeper in order to use the dynamic scopes feature https://github.com/doorkeeper-gem/doorkeeper/pull/1739
- https://my.diffend.io/gems/doorkeeper/5.7.1/5.8.0
Changelog: changed
References
Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
OIDC still works locally with these changes (this is an auth code from my GDK, not a publicly accessible GitLab instance):
How to set up and validate locally
To test that OIDC is still working with these changes:
- Log into gitlab as an administrator
- Create an oauth application with the
openidscope at GDK_ROOT/admin/applications - Visit https://oidcdebugger.com/ and enter the following:
- Authorize_url:
GDK_ROOT/oauth/authorize - Redirect URI:
https://oidcdebugger.com/debug - Client id: client id from created oauth app
- Scope:
openid - Response type: select
code
- Authorize_url:
- Select "send request" button to test OIDC flow
Edited by Jessie Young