authenticate/providers : add gitlab support (#28)

- Add UserInfo struct and implementation to gather additional user information if the endpoint exists. - Add example docker-compose.yml for on-prem gitlab. - Add gitlab docs. - Removed explicit email checks in handlers. - Providers are now a protected type on provider data. - Alphabetized provider list. - Refactored authenticate.New to be more concise.
2025-06-05 12:23:03 +02:00 · 2019-01-24 15:10:16 -08:00 · 2019-01-24 15:10:16 -08:00 · b9c298d278
commit b9c298d278
parent 426e003b03
16 changed files with 510 additions and 182 deletions
--- a/authenticate/providers/oidc.go
+++ b/authenticate/providers/oidc.go
@ -10,6 +10,7 @@ import (

 // OIDCProvider provides a standard, OpenID Connect implementation
 // of an authorization identity provider.
+// see : https://openid.net/specs/openid-connect-core-1_0.html
 type OIDCProvider struct {
 	*ProviderData
 }
@ -20,15 +21,16 @@ func NewOIDCProvider(p *ProviderData) (*OIDCProvider, error) {
 	if p.ProviderURL == "" {
 		return nil, errors.New("missing required provider url")
 	}
-	provider, err := oidc.NewProvider(ctx, p.ProviderURL)
+	var err error
+	p.provider, err = oidc.NewProvider(ctx, p.ProviderURL)
 	if err != nil {
 		return nil, err
 	}
-	p.verifier = provider.Verifier(&oidc.Config{ClientID: p.ClientID})
+	p.verifier = p.provider.Verifier(&oidc.Config{ClientID: p.ClientID})
 	p.oauth = &oauth2.Config{
 		ClientID:     p.ClientID,
 		ClientSecret: p.ClientSecret,
-		Endpoint:     provider.Endpoint(),
+		Endpoint:     p.provider.Endpoint(),
 		RedirectURL:  p.RedirectURL.String(),
 		Scopes:       []string{oidc.ScopeOpenID, "profile", "email"},
 	}