Google Git
Sign in
gerrit / plugins / cfoauth / 8af457d3634e67e6e06ada4772c2f6fc40578692
commit8af457d3634e67e6e06ada4772c2f6fc40578692[log] [tgz]
authorThomas Draebing <thomas.draebing@sap.com>Wed Feb 06 17:39:21 2019 +0100
committerThomas Dräbing <thomas.draebing@sap.com>Mon Feb 11 15:22:40 2019 +0000
treed0402fd3e7655b709428db219350d56e03e7e9b8
parent0405ec0719d25ab6cfc02a825b6f0a8704b6578c [diff]
Fix conversion from AccessToken to OAuthToken

The login via UAA failed with "Server Error", when using the cfoauth
plugin with Gerrit stable-2.16, because OAuthToken-constructor provided
by the oauth extension of Gerrit does now require the 'secret'- and the
'raw'-parameter not to be null.

This change adds the raw response of the UAA server to the AccessToken
object, which is then handed to the OAuth extension point of Gerrit
instead of null.

Since UAA uses OAuth 2.0, no token secret is used. Since the Gerrit
OAuth extension point expects a token secret to be sent, an empty string
will be used instead. This follows the approach used by the scribe-java
library, which is used in the OAuth implementation of Gerrit and this
plugin.

Change-Id: I4e36b2a651951aff1cf08932b2902fa86905976e
5 files changed
tree: d0402fd3e7655b709428db219350d56e03e7e9b8
  1. lib/
  2. src/
  3. .buckconfig
  4. .gitignore
  5. BUCK
  6. BUILD
  7. external_plugin_deps.bzl
  8. LICENSE
  9. LICENSE-scribe
  10. README.md
  11. VERSION
README.md

Cloud Foundry UAA OAuth 2.0 Authentication Provider

With this plugin Gerrit can use OAuth2 protocol to authenticate users accessing Gerrit's Web UI with a CloudFoundry User Account and Authentication (UAA) server. The Sign In link will redirect the user to the UAA login screen.

For Git-over-HTTP communication users still need to generate and use an HTTP password.

License

Apache License 2.0