Use configured protocol in OpenID URLs

What does this MR do and why?

  • Uses the configured URL protocol when requesting OAuth endpoints using the well-known path.
  • Currently, doorkeeper uses http by default in all Rails environments, except production.
    • Many (most?) GitLab engineers run GDK with SSL enabled behind nginx.

How to set up and validate locally

  • Ensure GDK is running with SSL.
  • Visit https://gdk.test:3443/.well-known/oauth-authorization-server.
    • Note that many of the _endpoint values are http, even when GDK is running in https mode.
  • Pull this branch, restart GDK.
  • Reload the page, note that the values are now https.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Relates to #557263 (closed)

Edited by Max Woolf
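
The manual validation above can also be done as a repeatable check. This is an added example, not code from the MR or from doorkeeper: it flags every `_endpoint` value (and `jwks_uri`) in a discovery document whose scheme or host differs from the URL the document was fetched from. The sample document and its endpoint paths are constructed for illustration; the function and constant names are assumptions.

```python
import json
from urllib.parse import urlsplit

# URL from the validation steps on this page.
WELL_KNOWN = "https://gdk.test:3443/.well-known/oauth-authorization-server"

# Constructed sample: a document served over https whose endpoints were
# generated with the wrong protocol. Endpoint paths are illustrative only.
SAMPLE_METADATA = json.dumps({
    "issuer": "https://gdk.test:3443",
    "authorization_endpoint": "http://gdk.test:3443/oauth/authorize",
    "token_endpoint": "http://gdk.test:3443/oauth/token",
    "revocation_endpoint": "https://gdk.test:3443/oauth/revoke",
    "scopes_supported": ["api", "read_user"],
})


def is_endpoint_key(key):
    """Keys that carry URLs a client will call or fetch keys from."""
    return key.endswith("_endpoint") or key == "jwks_uri"


def mismatched_endpoints(metadata_json, fetched_from):
    """Return {key: url} for endpoint URLs not on the origin we fetched from.

    A client that trusts the document will follow these URLs as written,
    so an http value means authorization codes and tokens leave the TLS
    channel even though discovery itself happened over https.
    """
    expected = urlsplit(fetched_from)
    origin = (expected.scheme, expected.netloc.lower())
    bad = {}
    for key, value in json.loads(metadata_json).items():
        if not is_endpoint_key(key) or not isinstance(value, str):
            continue  # skip scopes, grant types and other non-URL fields
        actual = urlsplit(value)
        if (actual.scheme, actual.netloc.lower()) != origin:
            bad[key] = value
    return bad


if __name__ == "__main__":
    for key, url in mismatched_endpoints(SAMPLE_METADATA, WELL_KNOWN).items():
        print(f"{key}: {url} does not match the origin of {WELL_KNOWN}")
```

To check a running instance, pass the body fetched from the well-known URL as `metadata_json`; an empty result corresponds to the "values are now https" state in the last validation step.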
