Merge branch 'bvl-fix-openid-redirect' into 'master'

Skip `authenticate_user!` for Doorkeeper controllers Closes #44639 See merge request gitlab-org/gitlab-ce!18599

Merge branch 'bvl-fix-openid-redirect' into 'master'
c0a0443c · Douwe Maan · James Lopez · 10ed401d · c0a0443c · c0a0443c
Unverified Commit c0a0443c authored Apr 30, 2018 by Douwe Maan Committed by James Lopez May 02, 2018
5 changed files
--- a/changelogs/unreleased/bvl-fix-openid-redirect.yml
+++ b/changelogs/unreleased/bvl-fix-openid-redirect.yml
+---
+title: Fix redirection error for applications using OpenID
+merge_request: 18599
+author:
+type: fixed
--- a/config/initializers/fast_gettext.rb
+++ b/config/initializers/fast_gettext.rb
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -104,5 +104,5 @@ Doorkeeper.configure do
  # set to true if you want this to be allowed
  # wildcard_redirect_uri false

-  base_controller 'ApplicationController'
+  base_controller '::Gitlab::BaseDoorkeeperController'
 end
--- a/lib/gitlab/base_doorkeeper_controller.rb
+++ b/lib/gitlab/base_doorkeeper_controller.rb
+# This is a base controller for doorkeeper.
+# It adds the `can?` helper used in the views.
+module Gitlab
+  class BaseDoorkeeperController < ActionController::Base
+    include Gitlab::Allowable
+    helper_method :can?
+  end
+end
--- a/spec/requests/openid_connect_spec.rb
+++ b/spec/requests/openid_connect_spec.rb
@@ -153,4 +153,13 @@ describe 'OpenID Connect requests' do
      end
    end
  end
+
+  context 'OpenID configuration information' do
+    it 'correctly returns the configuration' do
+      get '/.well-known/openid-configuration'
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(json_response).to have_key('issuer')
+    end
+  end
 end