Vendor omniauth-salesforce gem
What does this MR do and why?
- Our ultimate goal is to upgrade
omniauth
to v2.0. See the related issue - In order to upgrade
omniauth
to v2.0, we need to upgradeomniauth-salesforce
because the latter has a dependency on the former. - There is an open issue asking the maintainer to make
omniauth-salesforce
compatible withomniauth
v2.0 but that hasn't happened yet: https://github.com/realdoug/omniauth-salesforce/issues/31 - We are actively emailing with the gem owner about transferring or adding additional contributors to the gem but in the meantime this will unblock the upgrade.
- This MR vendors the gem and updates its
.gemspec
file so that it is compatible withomniauth
v2.0
Screenshots or screen recordings
Screen_Recording_2022-08-24_at_2.23.14_PM
How to set up and validate locally
Instructions on setting up Salesforce SSO: https://docs.gitlab.com/ee/integration/salesforce.html
- Create a Salesforce developer account at https://developer.salesforce.com/
- Create a new Connected App within Salesforce
- Check box for "Enable OAuth Settings"
- Add "http://localhost:3000/users/auth/salesforce/callback" as Callback URL (if you have SSL set up for gdk.test that will also work; only callback URLs that are localhost are allowed to be non-HTTPS)
- Add the Selected OAuth scopes: "Access the identity URL service" and "Access unique user identifiers"
- Save the connected app
- Click "Manage Consumer Details" button on the Connected App's page to view the app key and secret
- In your local config/gitlab.yml:
- Add Salesforce as an OAuth provider
- Change SALESFORCE_CLIENT_ID to the Consumer Key from the Salesforce connected application page.
- Change SALESFORCE_CLIENT_SECRET to the Consumer Secret from the Salesforce connected application page.
- Optional: Add
allow_single_sign_on: 'salesforce'
(more info) - Optional: Add
block_auto_created_users: false
(more info)
- In your local
config/initializers/omniauth.rb
, changeOmniAuth.config.full_host = "http://localhost:3000"
. Otherwise, it resolves to127.0.0.1
, which will not match thecallback_url
in the Salesforce connected app. - Restart GDK
- Visit http://localhost:3000, and log in with Salesforce
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Jessie Young