Package org.jenkinsci.plugins

Class GitLabSecurityRealm

java.lang.Object

hudson.model.AbstractDescribableImpl<SecurityRealm>

hudson.security.SecurityRealm

org.jenkinsci.plugins.GitLabSecurityRealm

All Implemented Interfaces:

ExtensionPoint, Describable<SecurityRealm>, UserDetailsService

public class GitLabSecurityRealm
extends SecurityRealm
implements UserDetailsService

Implementation of the AbstractPasswordBasedSecurityRealm that uses gitlab oauth to verify the user can login. This is based on the GitLabSecurityRealm from the gitlab-auth-plugin written by Alex Ackerman.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	GitLabSecurityRealm.ConverterImpl
static final class	GitLabSecurityRealm.DescriptorImpl

Nested classes/interfaces inherited from class hudson.security.SecurityRealm

SecurityRealm.SecurityComponents

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields inherited from class hudson.security.SecurityRealm

AUTHENTICATED_AUTHORITY, AUTHENTICATED_AUTHORITY2, LIST, NO_AUTHENTICATION

Constructor Summary

Constructors

Constructor	Description
GitLabSecurityRealm(String gitlabWebUri, String gitlabApiUri, String clientID, String clientSecret)

Method Summary

Modifier and Type	Method	Description
boolean	allowsSignup()
SecurityRealm.SecurityComponents	createSecurityComponents()
org.kohsuke.stapler.HttpResponse	doCommenceLogin(org.kohsuke.stapler.StaplerRequest request, String from, String referer)
org.kohsuke.stapler.HttpResponse	doFinishLogin(org.kohsuke.stapler.StaplerRequest request)	This is where the user comes back to at the end of the OpenID redirect ping-pong.
boolean	equals(Object object)	Compare an object against this instance for equivalence.
String	getClientID()
Secret	getClientSecret()	Used by jelly
GitLabSecurityRealm.DescriptorImpl	getDescriptor()
String	getGitlabApiUri()
String	getGitlabWebUri()
String	getLoginUrl()
protected String	getPostLogOutUrl(org.kohsuke.stapler.StaplerRequest req, Authentication auth)
int	hashCode()
GroupDetails	loadGroupByGroupname(String groupName)
UserDetails	loadUserByUsername(String username)

Methods inherited from class hudson.security.SecurityRealm

all, canLogOut, commenceSignup, commonFilters, createCliAuthenticator, createFilter, doCaptcha, doLogout, getAuthenticationGatewayUrl, getCaptchaSupport, getCaptchaSupportDescriptors, getFrom, getGroupIdStrategy, getPostLogOutUrl2, getSecurityComponents, getUserIdStrategy, loadGroupByGroupname, loadGroupByGroupname2, loadUserByUsername2, setCaptchaSupport, validateCaptcha

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.acegisecurity.userdetails.UserDetailsService

toSpring

Constructor Details

GitLabSecurityRealm

@DataBoundConstructor
public GitLabSecurityRealm(String gitlabWebUri,
 String gitlabApiUri,
 String clientID,
 String clientSecret)

Parameters:

gitlabWebUri - The URI to the root of the web UI for GitLab or GitLab Enterprise, including the protocol (e.g. https).

gitlabApiUri - The URI to the root of the API for GitLab or GitLab Enterprise, including the protocol (e.g. https).

clientID - The client ID for the created OAuth Application.

clientSecret - The client secret for the created GitLab OAuth Application. Should be encrypted value of a Secret, for compatibility also plain text values are accepted.

Method Details

getGitlabApiUri

public String getGitlabApiUri()

Returns:

the URI to the API root of GitLab or GitLab Enterprise.

getGitlabWebUri

public String getGitlabWebUri()

Returns:

the uri to the web root of GitLab (varies for GitLab Enterprise Edition)

getClientID

public String getClientID()

Returns:

the clientID

getClientSecret

public Secret getClientSecret()

Used by jelly

Returns:

the client secret

doCommenceLogin

public org.kohsuke.stapler.HttpResponse doCommenceLogin(org.kohsuke.stapler.StaplerRequest request,
 @QueryParameter
 String from,
 @Header("Referer")
 String referer)
                                                 throws IOException

Throws:

IOException

doFinishLogin

public org.kohsuke.stapler.HttpResponse doFinishLogin(org.kohsuke.stapler.StaplerRequest request)
                                               throws IOException

This is where the user comes back to at the end of the OpenID redirect ping-pong.

Throws:

IOException

allowsSignup

public boolean allowsSignup()

Overrides:

allowsSignup in class SecurityRealm

createSecurityComponents

public SecurityRealm.SecurityComponents createSecurityComponents()

Specified by:

createSecurityComponents in class SecurityRealm

getLoginUrl

public String getLoginUrl()

Overrides:

getLoginUrl in class SecurityRealm

getPostLogOutUrl

protected String getPostLogOutUrl(org.kohsuke.stapler.StaplerRequest req,
 Authentication auth)

Overrides:

getPostLogOutUrl in class SecurityRealm

getDescriptor

public GitLabSecurityRealm.DescriptorImpl getDescriptor()

Specified by:

getDescriptor in interface Describable<SecurityRealm>

Overrides:

getDescriptor in class SecurityRealm

loadUserByUsername

public UserDetails loadUserByUsername(String username)
                               throws UsernameNotFoundException,
DataAccessException

Specified by:

loadUserByUsername in interface UserDetailsService

Overrides:

loadUserByUsername in class SecurityRealm

Parameters:

username -

Throws:

UsernameNotFoundException

DataAccessException

equals

public boolean equals(Object object)

Compare an object against this instance for equivalence.

Overrides:

equals in class Object

Parameters:

object - An object to campare this instance to.

Returns:

true if the objects are the same instance and configuration.

hashCode

public int hashCode()

Overrides:

hashCode in class Object

loadGroupByGroupname

public GroupDetails loadGroupByGroupname(String groupName)
                                  throws UsernameNotFoundException,
DataAccessException

Overrides:

loadGroupByGroupname in class SecurityRealm

Parameters:

groupName -

Throws:

UsernameNotFoundException

DataAccessException