fh1ch / passport-gitlab2 Goto Github PK
View Code? Open in Web Editor NEWGitLab authentication strategy for Passport
License: MIT License
passport-gitlab2's People
Stargazers
Watchers
Forkers
sigalrm-io gitterhq meshhq roymilder zergar ufo22940268 awdsawdsawds andyrichardson grant0550passport-gitlab2's Issues
Authentication by group
Is it possible to allow a user not by specifying all users, but to allow login by group?
Why not make 'api' scope default?
In what cases would one use only 'read_user' scope?
After the authentication, the profile is retrieved using the api/v3/user URL - using only 'read_user' scope will result in 403 error:
{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token.","scope":"api"}
InternalOAuthError: Failed to fetch user profile
After I authorize the project to have Gitlab access I got this error:
Implementation:
middleware
passport.use(new gitlab.Strategy({
clientID: config.GITLAB.APPLICATION_ID,
clientSecret: config.GITLAB.SECRET,
callbackURL: "http://localhost:3000/auth/gitlab/callback"
}, (accessToken, refreshToken, profile, cb) => {
console.log(accesstoken)
return cb(null, profile)
}
))
auth route
passport.authenticate('gitlab', {
state: userId,
scope: ['api']
})
callback
router.get('/auth/gitlab/callback',
passport.authenticate('gitlab', {
failureRedirect: '/login'
}), gitlabCallback )
I have to mention that authentication was working until a couple of weeks ago, when I worked last time on the project and now this error occurred. Moreover, the code and the necessary tokens were not changed since implementation. It might be a change in Gitlab's api or am I am missing something?
https://gitlab.com/users/sign_in 503
Hey guys. I'm unsure if the library is still maintained, but I hope so.
After a simple setup, I keep being redirected to https://gitlab.com/users/sign_in with a 503 error.
- My client hits http://localhost:3000/auth/gitlab
- I get a 302 response https://gitlab.com/oauth/authorize?response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3008%2Fauth%2Fgitlab%2Fcallback&scope=read_user&client_id=myClientId
- The previous request calls https://gitlab.com/users/sign_in and I get 503.
If I copy/paste the second step directly into the browser, it actually works. I'm not entirely sure why number 2 tries to call the sign_in URL, but it does.
Any help is highly appreciated.
Authenticate stuck in loop
Hey,
i'm using sailsjs (latest 1.2.3)
When the gitlab action is called i get an infinite loop.
Action in my controller
gitlab: function (req, res, next) {
sails.log.info("Gitlab");
passport.authenticate('gitlab');
},
Strategy config
passport.use(new GitLabStrategy({
clientID: "CLIENT_ID",
clientSecret: "SECRET",
callbackURL: 'http://localhost:1337/auth/gitlab/callback',
baseURL: "https://gitlab.example.org/",
usernameField: 'username'
},
function (accessToken, refreshToken, profile, cb) {
sails.log.info(profile);
User.findOrCreate({gitlabId: profile.id}, function (err, user) {
return cb(err, user);
});
}
));
Can't get any debug information, only in the log output of sails.log.info shows up on each loop.
Any idea idea what is going wrong here?
Authorize request each time?
Hi,
Each time I am redirected to oauth/authorize it shows up the authorization form, even if I previously approved the authorization.
passport.use(new GitLabStrategy({
baseURL: xxx,
clientID: xxx,
clientSecret: xxx,
callbackURL: xxx
}, afterGitLabLoginHandler));
router.get(yyy, passport.authenticate('gitlab', { scope: ['api'] }));
I'm missing something ?
Thank you.
read_user scope undocumented
From a discussion we know, that GitLab also does support a read_user scope. The documentation in README.md#how-do-i-change-permissions--scope-when-obtaining-a-user-profile does not reflect this, yet.
User avatar is given in "avatarUrl" instead of "photos"
Unlike several other passport strategies (including passport-facebook, passport-github, and passport-twitter) that provide the user avatar in the profile object photos field, passport-gitlab2 uses avatarUrl instead.
Is there any reason for that? Would you accept a PR that change it?
Problem after login
Hello,
I'm trying to integrate gitlab login in my application. I read the documentation, filled all the required credentials and added the callback endpoint but I think I'm missing something related with scopes because I get 401 although I set username: "ericzon" with permissions: ["*"]
Here is my basic setup:
const app = express();
console.log('Starting application...');
app.use('/',express.static('public'));
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true
}))
const server = http.createServer(app);
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser((user, done) => {
done(null, user)
});
passport.deserializeUser(async (user, done) => {
console.log('deserialize > incoming user: ', user);
done(null, user);
});
const settings = {
httpAdminRoot:'/red',
httpNodeRoot: '/api',
userDir: path.join(__dirname, path.sep, 'userDir'),
functionGlobalContext: { }, // enables global context
adminAuth: require('./userDir/node_modules/node-red-auth-gitlab')({
clientID: "<MY_CLIENT_ID>",
clientSecret: "<MY_SECRET>",
baseURL: "http://localhost:3000",
gitlabURL: "https://gitlab.com/",
users: [
{ username: "ericzon", permissions: ["*"]}
]
})
};
RED.init(server, settings);
app.use(settings.httpAdminRoot, RED.httpAdmin);
app.use(settings.httpNodeRoot, RED.httpNode);
app.get('/auth/strategy/callback',
passport.authenticate('gitlab', {
failureRedirect: '/red-auth-failure'
}),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/red');
});
const PORT = process.env.PORT || 3000;
server.listen(PORT), () => {
console.log('Listening port ' + PORT);
};
I go through all the process of login against Gitlab, all seems ok but when I return to backoffice, settings request returns 401 and login appears:
I'm using node-red version: v1.0.6 in MACOS Mojave
P.S: just to give more details, if I add a log in deserializeUser I get:
{
username: 'ericzon',
permissions: [ '*' ],
tokens: {
accessToken: ... // a-valid-access-token,
expires_in: 604800
}
}
adding another log in @node-red/editor-api/lib/auth/index.js inside needsPermission method I can see that 401 is returned after failing settings.read
Thank you
Function after passport.use not working
I am unable to get the
function(accessToken, refreshToken, profile, cb) {
console.log(profile);
}
to fire when authenticating
passport.use(new gitlabAuth({
clientID: info.gitlabID,
clientSecret: info.gitlabSecret,
callbackURL: "http://bertie.io:"+opts.port+"/auth/gitlab/callback",
baseURL: "http://git.bertie.io"
},function(accessToken, refreshToken, profile, cb) {
console.log(profile);
}
));
Full code
var passport = require("passport");
var gitlabAuth = require("passport-gitlab2");
var info = require("./info.js");
var express = require("express");
var morgan = require('morgan');
var opts = {};
opts.port = 3000;
var app = express();
app.use(morgan('common'));
var admin = express.Router();
app.use(require('serve-static')(__dirname + '/../../public'));
app.use(require('express-session')({
secret: 'keyboard cat',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
console.log("Server running on port: " + opts.port);
passport.use(new gitlabAuth({
clientID: info.gitlabID,
clientSecret: info.gitlabSecret,
callbackURL: "http://bertie.io:"+opts.port+"/auth/gitlab/callback",
baseURL: "http://git.bertie.io"
},function(accessToken, refreshToken, profile, cb) {
console.log(profile);
}
));
app.get('/', function(req, res) {
res.send('Hello World')
})
app.get('/auth/gitlab', passport.authenticate('gitlab', {scope: ['api']}));
function gitLabTest(res) {
var gitlab = require('gitlab')({
url: 'http://git.bertie.io',
token: info.pvTest
});
// Listing users
gitlab.issues.all(function(issues) {
for(var i = 0; i < issues.length; i++){
if (issues[i].author.id = 2) {
console.log("#" + issues[i].id + ": " + issues[i].project_id + ", " + issues[i].author.name);
}
}
// for (var i = 0; i < users.length; i++) {
// console.log("#" + users[i].id + ": " + users[i].email + ", " + users[i].name + ", " + users[i].created_at);
// }
// });
//
// // Listing projects
// gitlab.projects.all(function(projects) {
// for (var i = 0; i < projects.length; i++) {
// console.log("#" + projects[i].id + ": " + projects[i].name + ", path: " + projects[i].path + ", default_branch: " + projects[i].default_branch + ", private: " + projects[i]["private"] + ", owner: " + projects[i].owner.name + " (" + projects[i].owner.email + "), date: " + projects[i].created_at);
// }
});
}
app.get('/auth/gitlab/callback', function(req, res) {
gitLabTest(res);
});
app.listen(3000)
//Connection
call back is not invalid? why is localhost??
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.