First of all thank you for creating this project and I’m even more stoked that it integrates with Gitlab making it much easier to get it adopted in the organisation that’s already using Gitlab.
Now my frontend servers use HSTS header so all things that run off them, run on https off a wildcard certificate. I’ve used your draft notes to configure mattermost (0.7.1 precompiled binary) with Gitlab SSO and it’s working a treat.
The only hitch that I noticed was that when mattermost calls the OAuth Authorize endpoint, it uses redirect url of http and not https. Since I didn’t expect that, I didn’t have it configured originally (but added the http counterpart just so it can get authorization). Is there a way to tell mattermost that it’s running in SSL mode (via SSL based frontend proxy server which is then doing http reverse proxy to mattermost) and it should only request https based urls?
PS: Thank you @alerque as I used your configuration snippets as a sample starting point and everything just fell into place once I put the right values in for my setup.