Add allowlist test for packaged runtime JARs Track the set of third-party runtime dependencies that are bundled into the oauth plugin by generating a deterministic manifest for :oauth__plugin and diffing it against an allowlist in CI. This prevents accidental changes to the packaged dependency set and ensures that libraries already provided by Gerrit are not bundled into the plugin. Exclude org.slf4j:slf4j-api from the Maven dependencies since Gerrit ships it, avoiding duplicate classes and potential version skew in the plugin classloader. Change-Id: I625bd7f0d4a29ff68996b295562b5349ef4b7c55
With this plugin Gerrit can use OAuth2 protocol for authentication. Supported OAuth providers:
See the Wiki what it can do for you.
Prebuilt binary artifacts are available on release page. Make sure to pick the right JAR for your Gerrit version.
To build the plugin with Bazel, install Bazel and run the following:
git clone https://gerrit.googlesource.com/plugins/oauth cd oauth && bazel build oauth
Copy the bazel-bin/oauth.jar to $gerrit_site/plugins and re-run init to configure it:
java -jar gerrit.war init -d <site>
[...]
*** OAuth Authentication Provider
***
Use Bitbucket OAuth provider for Gerrit login ? [Y/n]? n
Use Google OAuth provider for Gerrit login ? [Y/n]?
Application client id : <client-id>
Application client secret :
confirm password :
Link to OpenID accounts? [true]:
Use GitHub OAuth provider for Gerrit login ? [Y/n]? n
Make sure to read the FAQ before reporting issues.
Apache License 2.0