| commit | ead0207533523d1765de330d524164f7ff92d5fe | [log] [tgz] |
|---|---|---|
| author | Addie Morrison <0xADD1E@gmail.com> | Sun Dec 13 21:06:35 2020 -0600 |
| committer | David Ostrovsky <david@ostrovsky.org> | Fri Jan 08 18:29:27 2021 +0100 |
| tree | 30780a80d7d0c6580afa580857e97a847ebecbd0 | |
| parent | 204a1494301b27cb77edb6c8dd68452a22fd7719 [diff] |
Decode Keycloak JWTs as UTF-8 Prior to this, JWTs from Keycloak was decoded using the platform default encoding. At least in the Docker container, this is set to a non UTF-8 encoding, which messes with names and potentially more. RFC 7519 specifies in 7.1 section that the message is "the UTF-8 representation of the JWT Claims Set", so it seems rather silly to not treat it as such. Change-Id: I2dceaa48360024eef42b5467e2cec7e57c094267
With this plugin Gerrit can use OAuth2 protocol for authentication. Supported OAuth providers:
See the Wiki what it can do for you.
Prebuilt binary artifacts are available on release page. Make sure to pick the right JAR for your Gerrit version.
To build the plugin with Bazel, install Bazel and run the following:
git clone https://gerrit.googlesource.com/plugins/oauth cd oauth && bazel build oauth
Copy the bazel-bin/oauth.jar to $gerrit_site/plugins and re-run init to configure it:
java -jar gerrit.war init -d <site>
[...]
*** OAuth Authentication Provider
***
Use Bitbucket OAuth provider for Gerrit login ? [Y/n]? n
Use Google OAuth provider for Gerrit login ? [Y/n]?
Application client id : <client-id>
Application client secret :
confirm password :
Link to OpenID accounts? [true]:
Use GitHub OAuth provider for Gerrit login ? [Y/n]? n
Make sure to read the FAQ before reporting issues.
Apache License 2.0