Add auto_link_user Omniauth configuration setting
What does this MR do?
Adds an auto_link_user
setting to the OmniAuth integrations, allowing current GitLab users to be automatically linked to their corresponding OmniAuth identities, as long as the email matches.
Set to false
by default, and will apply the auto_link_saml_user
behavior to all OmniAuth integrations.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Closes #24327 (closed)
Merge request reports
Activity
assigned to @blunceford
added documentation label
1 Message This merge request adds or changes files that require a review from the Technical Writing team. Documentation review
The following files require a review from a technical writer:
doc/integration/omniauth.md
The review does not need to block merging this merge request. See the:
- Technical Writers assignments for the appropriate technical writer for this review.
- Documentation workflows for information on when to assign a merge request for review.
Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category (e.g. frontend or backend), and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited, or the chosen person is unavailable.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not automatically notify them for you.
Category Reviewer Maintainer backend Lucas Charles ( @theoretick
)Stan Hu ( @stanhu
)If needed, you can retry the
danger-review
job that generated this comment.Generated by
DangerEdited by 🤖 GitLab Bot 🤖- Resolved by Blair Lunceford
@dblessing would you be available to review this change?
885 885 # (default: false) 886 886 auto_link_saml_user: false 887 887 888 # Allow users with existing accounts to login and auto link their account via OmniAuth 889 # login, without having to do a manual login first and manually add OmniAuth. Links on email. 890 # (default: false) 891 auto_link_user: false I believe that each configuration at this level are their own configuration key in
gitlab.rb
for Omnibus. If that's the case we will need a parallel effort inomnibus-gitlab
to add support for this option.Edited by Drew BlessingI opened an MR to add the configuration to Omnibus: omnibus-gitlab!4415 (merged)
Good idea! I opened an issue: #243787 (closed)
I'll work on it this week, it shouldn't be much of a change from this addition.
I also opened another issue to deprecate the
auto_link_saml_user
setting, given that this setting applies to all providers, including SAML: #243789Thanks!
- Resolved by Blair Lunceford
- Resolved by Blair Lunceford
- Resolved by Blair Lunceford
mentioned in merge request omnibus-gitlab!4415 (merged)
assigned to @dblessing
added 4540 commits
-
6d98786c...19368f19 - 4537 commits from branch
master
- 2162b619 - Add setting for auto_link_user
- 2bfefafa - Update spec and add changelog
- ea2b8cfd - Merge branch '24327-add-overarching-auto_link_user-omniauth-configuration' of...
Toggle commit list-
6d98786c...19368f19 - 4537 commits from branch
- Resolved by Blair Lunceford
@dblessing do you have any more comments or suggestions before I send this to Maintainer review?
Thanks!
- Resolved by Blair Lunceford
added 1167 commits
-
ea2b8cfd...29518bb0 - 1163 commits from branch
master
- 8585afe2 - Add setting for auto_link_user
- e4abf1cd - Update spec and add changelog
- 508de501 - Merge branch '24327-add-overarching-auto_link_user-omniauth-configuration' of...
- 59d1aadd - Applied suggestion
Toggle commit list-
ea2b8cfd...29518bb0 - 1163 commits from branch
mentioned in commit 26374d2f
added 7 commits
- ec74d212 - Adds job token auth to nuget
- 8d8046af - Fix EachBatch call in license management migration
- baf8a271 - Add docs about naming project bot users, and not using seat
- 0a1df73e - Documentation changes for Expired PAT email
- 3482dead - Add a section for target branches in GitLab Security
- 26374d2f - Add auto_link_user OmniAuth setting
- 66f03589 - Merge branch '24327-add-overarching-auto_link_user-omniauth-configuration' of...
Toggle commit listmentioned in commit ca7d9129
mentioned in commit 0ef8d8e3
- Resolved by James Fargher
@mjang for Docs review @proglottis for backend maintainer review
assigned to @mjang1 and @proglottis
- Resolved by James Fargher
- Resolved by James Fargher
- Resolved by James Fargher
- Resolved by James Fargher
unassigned @proglottis
mentioned in commit 6918999f
assigned to @proglottis
- Resolved by Blair Lunceford
unassigned @mjang1
unassigned @proglottis
mentioned in issue #238626
assigned to @proglottis