Skip to content

Implementing Gitlab OAuth

Issue: #57 Implement Gitlab login with OAuth

Approach:

As per the use case of this project, I implemented Gitlab OAuth with PKCE. For this, we are not required to pass the Secret to the server and it will work with just the ClientID.

Note: The backend can also be deployed using a Socket, I am unable to configure OAuth with that. I did some research and it seems that OAuth can only work over HTTP/HTTPS. I have added a check that if Sockets are being used for deployment, I am skipping the OAuth Flow.

Note 2: I have added the OAuth support with unix socket as well, but it does require the proxy_port of the NGINX conf for building the callback url

I have added the OAuth check as a middleware in routing so it is being checked over all the routes. I am open to any changes to this approach.

Flow:

The general flow of the program is as per this

image.png

Edited by Achintya Singh

Merge request reports