Jira Connect App: Support OAuth w/ PKCE flow with GitLab (!81126) · Merge requests · GitLab.org / GitLab

Tom Quirk requested to merge 284211_backend-jira-connect-oauth into master Feb 21, 2022

What does this MR do and why?

This full-stack MR gives users the ability to authenticate with GitLab via the OAuth PKCE Flow.

⚠ it is behind a feature flag (introduced in this MR): jira_connect_oauth

Context:

feature issue: #284211 (closed)
previous MR that was partially reviewed: !67895 (closed)
discussion of the frontend's role in PKCE #284211 (comment 847499499)

🏁 START HERE: !81126 (comment 859575472) 🏁

The main frontend files of concern are:

app/assets/javascripts/jira_connect/subscriptions/pkce.js
app/assets/javascripts/jira_connect/subscriptions/components/sign_in_oauth_button.vue

When the feature flag is enabled, we will render the new sign_in_oauth_button.vue component. The OAuth flow is initiated when a user clicks this button.

Screenshots or screen recordings

jira-connect

How to set up and validate locally

Set up a Jira instance using the steps here: https://docs.gitlab.com/ee/development/integrations/jira_connect.html

Then, follow the guide (added in this MR) for testing this MR: doc/development/integrations/jira_connect.md !81126 (diffs)

You should see the Jira app auth when you visit /-/profile/applications.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Mar 10, 2022 by Luke Duncalfe

Jira Connect App: Support OAuth w/ PKCE flow with GitLab

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports