Adds Omniauth Provider for Group SAML
What
Creates a new Omniauth provider for us to use on GitLab.com for per-group SAML
Users will be directed to this from the SSO page in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5508
This has been extracted from https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4076 which currently contains the callback flow that will be followed by the user after using this provider.
Why
It lets us dynamically determine SAML settings from a configured group, instead of using instance wide config. It uses a dynamic callback path to then ensure that the right settings are used when the user returns from the identity provider.
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added -
Tests added for this feature/bug - Review
-
Has been reviewed by Backend
-
-
EE specific content should be in the top level /ee
folder -
Conform by the merge request performance guides -
Internationalization required/considered -
If paid feature, have we considered GitLab.com plan and how it works for groups and is there a design for promoting it to users who aren't on the correct plan -
End-to-end tests pass ( package-qa
manual pipeline job)
What are the relevant issue numbers?
Edited by James Edwards-Jones