New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gitlab (self-hosted) SSO #94
Comments
I believe django uses https://github.com/python-social-auth/social-app-django for that part and it looks like they have an initial part for gitlab https://python-social-auth.readthedocs.io/en/latest/backends/gitlab.html |
I'm interested on it too. |
This is correct - we'd need to work with that. |
This would also have a UI component for the SSO link and any relevant update to the tower api config endpoint. |
if someone is interested in working on a pr for this, feel free to @ me on the UI side of things, I did the initial implementation of the third-party auth work. |
Unfortunately we're going to be blocked on this one until we upgrade our python-social-auth core version. Good news is that we are planning on doing that with the next set of features/mass upgrades. |
This is really useful. We use a corporate hosted GitLab (7.14.0) that I would much prefer just to have people login to Ansible Tower with than to create individual users for each person. |
The core social auth system was updated week before last, so if it's something you need then please submit a PR. |
Any traction on this one? Is there a way to increase the timeout of a logged-in session? |
@matburt is there a starting point you could push me toward? I'm invested in seeing something like this working, but would need a little help getting into this code base. |
Genericizing it would be a reasonable amount of work. Copy-pasta-ing the existing code for a new backend would, in theory, not be that complicated. |
We use python social auth, and it does include a gitlab backend: https://python-social-auth-docs.readthedocs.io/en/latest/backends/gitlab.html You'll want to look at how our SSO system is implemented: (as a starting point) and the social auth docs regarding what is required for the backend: It's probably not too hard, but our built-in settings system means you'll just need to be aware of where you need to make the changes. @rooftopcellist has done a good bit of work around here. You can track us down on irc and the mailing list if you have issues implementing it We have some architectural docs for the overal auth system: |
Any movement on this? +1 for still wanted. |
I'm closing this issue as we would not look to do anything through this mechanism. SSO as a platform feature in now under consideration for controller and would address all SSO needs. |
Summary
AWX offers Github & Github Enterprise authentication, however I would be able to connect with other OAuth2 system like GitLab (Gitlab.com and self-hosted instances).
You can:
The text was updated successfully, but these errors were encountered: