Use MM as oauth2 provider for GitLab

Finally got it to work. Here is my solution:

### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['oauth2_generic']
# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
# gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
# gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_ldap_user'] = false
# gitlab_rails['omniauth_auto_link_saml_user'] = false
# gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
gitlab_rails['omniauth_providers'] = [
  {
    "name" => "oauth2_generic",
    # Client ID and secret of the OAuth 2.0 application created in Mattermost (redacted)
    "app_id" => "XXX",
    "app_secret" => "XXX",
    "args" => {
      client_options: {
        'site' => 'https://meeting.swsz.org',
        'authorize_url' => '/oauth/authorize',
        'token_url' => '/oauth/access_token',
        'user_info_url' => '/api/v4/users/me'
      },
      user_response_structure: {
        root_path: [],
        # Mattermost's user object has no "name" field, and 'first_name'+'last_name'
        # in Ruby is just the string "first_namelast_name", which matches no key.
        # GitLab's auth hash falls back to first_name + last_name when name is absent.
        attributes: {
          first_name: 'first_name',
          last_name: 'last_name',
          nickname: 'username',
          email: 'email'
        }
      },
      name: 'oauth2_generic',
      strategy_class: "OmniAuth::Strategies::OAuth2Generic"
    }
  }
]

I didn't get it to work with name: 'Mattermost', as the URL mapping doesn't seem to work; I always get a 404 at the callback URL.

Also note that it doesn't work if the Mattermost username already exists as a local user. It doesn't seem to sync.

Another problem that needs to be addressed is profile editing in GitLab: the name and email should be read-only and synced from the OAuth provider.

But all in all, not too bad for a first start. 🙂

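The following is an added example, not code from the post above, from Mattermost or from GitLab. It is a small stand-alone reimplementation of how an omniauth-oauth2-generic style `user_response_structure` is applied to a user-info response, so the attribute mapping in the post can be checked offline before touching `gitlab.rb`. It walks `root_path` into the JSON, looks each info key up through the `attributes` map, takes the uid from `id_path`, and builds a display name the way GitLab does when the provider sends no `name` (first_name + last_name). It also shows why `name: 'first_name'+'last_name'` cannot work: Ruby concatenates the two literals into the key `"first_namelast_name"`, which the response does not contain. The Mattermost JSON is constructed for the example (a trimmed copy of the `/api/v4/users/me` shape, with made-up values), and the second, wrapped response only exists to show a non-empty `root_path`, which goes beyond the post's configuration.

```ruby
require 'json'

# Constructed sample of a Mattermost GET /api/v4/users/me response (trimmed,
# made-up values). Note: there is no top-level "name" key, and "nickname" is
# often blank, which is why the post maps nickname: 'username'.
MATTERMOST_ME = JSON.parse(<<~JSON)
  {
    "id": "7h9z5k2mqpbb3e8y1rdtsn4wxc",
    "username": "jdoe",
    "email": "jdoe@example.org",
    "first_name": "Jane",
    "last_name": "Doe",
    "nickname": ""
  }
JSON

# Constructed variant for a provider that wraps the user under "data"
# (hypothetical; Mattermost itself does not do this).
WRAPPED_ME = { 'data' => MATTERMOST_ME }

# The user_response_structure from the post, without the broken name entry.
RESPONSE_STRUCTURE = {
  root_path: [],
  id_path: 'id',
  attributes: {
    first_name: 'first_name',
    last_name: 'last_name',
    nickname: 'username',
    email: 'email'
  }
}.freeze

# Same mapping but with the post's original name entry. In Ruby the '+'
# runs at config-load time and yields the single key "first_namelast_name".
BROKEN_STRUCTURE = RESPONSE_STRUCTURE.merge(
  attributes: RESPONSE_STRUCTURE[:attributes].merge(name: 'first_name' + 'last_name')
).freeze

# Descend root_path (a list of keys) from the top of the parsed response.
def user_root(response, structure)
  structure.fetch(:root_path, []).reduce(response) { |node, key| node.fetch(key) }
end

# Resolve every omniauth info key through the attributes map and add the uid.
# Missing keys resolve to nil, exactly like a typo'd or concatenated key would.
def map_user_info(response, structure)
  root = user_root(response, structure)
  info = structure.fetch(:attributes).transform_values { |json_key| root[json_key] }
  info[:uid] = root[structure.fetch(:id_path, 'id')]
  info
end

# Display name as GitLab derives it: provider "name" if present, otherwise
# first_name + last_name, otherwise the nickname.
def display_name(info)
  return info[:name] unless info[:name].to_s.strip.empty?

  full = [info[:first_name], info[:last_name]].compact.join(' ').strip
  full.empty? ? info[:nickname] : full
end

if $PROGRAM_NAME == __FILE__
  info = map_user_info(MATTERMOST_ME, RESPONSE_STRUCTURE)
  puts "uid=#{info[:uid]} nickname=#{info[:nickname]} name=#{display_name(info)}"
  broken = map_user_info(MATTERMOST_ME, BROKEN_STRUCTURE)
  puts "broken name key resolves to: #{broken[:name].inspect}"
end
```

Run it with `ruby mattermost_userinfo_map.rb`; the mapped nickname is the Mattermost username, the display name is assembled from first and last name, and the concatenated `name` key resolves to `nil`, which is what GitLab would have received from the original configuration.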