Problems using GitLab as OAuth2 provider

[ocaisa]

Hi,

I tried to use this to have our Etherpad instance authenticate against our GitLab server but it gave me a "too many redirects" error. Does my configuration make sense?

"users": {
  "oauth2": {
    "authorizationURL": "http://gitlab.myserver.eu/oauth/authorize",
    "tokenURL": "http://gitlab.myserver.eu/oauth/token",
    "clientID": "CLIENT_ID",
    "clientSecret": "CLIENT_SECRET",
    "publicURL": "http://etherpad.myserver.eu",
    "userinfoURL": "http://gitlab.myserver.eu/api/v3/user",
    "usernameKey": "name",
    "useridKey": "email"
  }
}

publicURL should be the etherpad, right?

Thanks,

Alan

[oliamb]

Back from holidays. I can reproduce your issue. The reason is that you are authenticated but not authorised to access the admin page anyway.

For an unknown reason, a 403 redirect you to the login again instead of displaying an error page. I will think of a solution to it. I think a 401 should redirect you to the login process but 403 errors should be final. But it seems that Etherpad only retrieve 403 error...

At this point, I use this plugin with a custom authorize plugin so I did not face this case.

[ToniIltanen]

Is there any solution for this? Im facing the same issue (against a custom openid provider, which works as it should). How did you make your authorize plugin, is there any info on that?

[oliamb]

The authorization plugin is very specific to the HumanBrainProject org, you can find it here: https://github.com/HumanBrainProject/ep_hbp_collaboratory

[oliamb]

Fixed in v0.1.4