| commit | b27cf3ea820eec2ddd22d217fc839261692ccdb0 | [log] [tgz] |
|---|---|---|
| author | Tobias Urdin <tobias.urdin@gmail.com> | Fri Sep 29 08:40:08 2023 +0200 |
| committer | David Ostrovsky <david@ostrovsky.org> | Fri Sep 29 14:46:03 2023 +0200 |
| tree | 80704fcc0368c0f125bffef04fe810af14b4cf85 | |
| parent | 1b3cc407cb2571d08601ab852e6e01f82d27160f [diff] |
Add Authentik OAuth provider This adds a OAuth provider for Authentik [1]. This adds a configuration option named link-to-existing-gerrit-accounts that can be set to true to migrate to this provider from existing LDAP accounts by linking them with externalIDs instead of trying to create new accounts. [1] https://goauthentik.io Change-Id: Ic5c46320267fc6cc5416370382c7387666ce8466
With this plugin Gerrit can use OAuth2 protocol for authentication. Supported OAuth providers:
See the Wiki what it can do for you.
Prebuilt binary artifacts are available on release page. Make sure to pick the right JAR for your Gerrit version.
To build the plugin with Bazel, install Bazel and run the following:
git clone https://gerrit.googlesource.com/plugins/oauth cd oauth && bazel build oauth
Copy the bazel-bin/oauth.jar to $gerrit_site/plugins and re-run init to configure it:
java -jar gerrit.war init -d <site>
[...]
*** OAuth Authentication Provider
***
Use Bitbucket OAuth provider for Gerrit login ? [Y/n]? n
Use Google OAuth provider for Gerrit login ? [Y/n]?
Application client id : <client-id>
Application client secret :
confirm password :
Link to OpenID accounts? [true]:
Use GitHub OAuth provider for Gerrit login ? [Y/n]? n
Make sure to read the FAQ before reporting issues.
Apache License 2.0