Skip to content

Show SAML message when reauthorization needed

What does this MR do and why?

(This part of a multi-MR solution for #391765 (closed) - the other one is here: Prevent showing repos in the merge request drop... (!122972 - merged))

Users that have a Group SAML setup with GitLab can often get stuck in a situation where they have not recently authorized with their SAML provider but are still logged into GitLab (since you can login to GitLab with your own username and password without the SAML provider).

Some repos protected by that SAML authorization will then be unavailable to use, but could still show up. This can be a problem when making a new MR because the app will silently move you to a branch you can merge to (which is not ideal).

This MR lets users know there are 1 or more repos that require them to reauthenticate with SAML and provides them a link (similar to how it works with TODOs on GitLab.com):

Screenshot_2023-06-07_at_17.44.57

The subsequent (linked) MR will hide the offending groups so users don't accidentally choose one and get silently redirected.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After
Screenshot_2023-06-07_at_16.17.30 Screenshot_2023-06-07_at_16.17.04

How to set up and validate

  1. Setup the GDK to use Group SAML
  2. Create a private fork (B) of a SAML protected project (A) in your personal space
  3. Log out of GitLab (clears SAML token)
  4. Login to GitLab with a username/password (without SAML)
  5. Create a new MR from your fork (B) to the protected repo (A)
  6. Confirm the new message is there

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #391765 (closed)

Edited by Gary Holtz

Merge request reports

Loading