skylothar / sentry-auth-gitlab Goto Github PK

View Code? Open in Web Editor NEW

40.0 4.0 31.0 12 KB

An SSO provider for Sentry which enables GitLab Login

License: Apache License 2.0

Makefile 2.05% Python 97.95%

sentry-auth-gitlab's Introduction

GitLab Auth for Sentry

v0.1.0

An SSO provider for Sentry which enables GitLab Login

Changes made for Gitlab 9.x

Following configuration has been changed

# You can specify scope to "api" in Gitlab's OAuth Application page
# If you failed to do that, set GITLAB_AUTH_SCOPE = "read_user"
GITLAB_AUTH_SCOPE = "api"
# If your gitlab does not support v4 api, set GITLAB_API_VERSION = 3
GITLAB_API_VERSION = 4

Install

pip install sentry-auth-gitlab

Setup

Create a new application under your GitLab. Enter the Callback URL as the prefix to your Sentry installation:

http(s?)://sentry.example.com/auth/sso/

Once done, grab your API keys and drop them in your ``sentry.conf.py:

GITLAB_APP_ID = "APP-ID"
GITLAB_APP_SECRET = "APP-SECRET"
GITLAB_BASE_DOMAIN = "git.example.com"

Optionally you may also specify the api version, scheme, and scope:

GITLAB_API_VERSION = 4
GITLAB_AUTH_SCOPE = "api"
GITLAB_HTTP_SCHEME = "https"

Notice

If your gitlab is deployed in a private network (probably). You need to alter sentry's default ip black list to make oauth flow work.

Put following config in your sentry.conf.py and delete conflit ones

SENTRY_DISALLOWED_IPS = (
    '0.0.0.0/8',
    '10.0.0.0/8',
    '100.64.0.0/10',
    '127.0.0.0/8',
    '169.254.0.0/16',
    '172.16.0.0/12',
    '192.0.0.0/29',
    '192.0.2.0/24',
    '192.88.99.0/24',
    '192.168.0.0/16',
    '198.18.0.0/15',
    '198.51.100.0/24',
    '224.0.0.0/4',
    '240.0.0.0/4',
    '255.255.255.255/32'
)

sentry-auth-gitlab's People

Contributors

Stargazers

Watchers

Forkers

pragkent erickgnavar ebu nuaays underyx yidinghan corpusops caimaoy bayun2 lfsadamn cirmaciu stanhu theophilechevalier leanlaufer sunfshine

sentry-auth-gitlab's Issues

User-Login via GitLab always occur as admin user in sentry

Steps to reproduce:

use sentry docker variant, fresh git clone
edit sentry.conf.py as in Readme here (v4, api)
Enable Gitlab in Settings->Auth
Invite member with email-address
sign out
click on Join your Team Button in email (another computer, so clean cache)
choose "Create new account"
on http://sentry/auth/login/sentry/ click Login with GitLab
on your GitLab page, login with any username

Now it tells, your account is already a member of this organization.
"switch accounts" will redirect you back to choose "Create new account" vs "Login as an existing user".
Clicking "Create new account" redirects to "Login with GitLab", which redirects back to "Your account admin is already a member..."

If you "Join the Sentry organization", you will be logged in Sentry (v9.1.2) as admin user instead of the User you just logged in on GitLab (on-premise, v12.3.5).

anyway, what does the option

Require SSO
Require members use a valid linked SSO account to access this organization

really mean?

Bad Request (400) after Gitlab Authorize

When I click Authorize in Gitlab I'm redirected to address https://sentry.my.domain/auth/sso/?code=xxx&state=yyy and I get error Bad Request (400). No more information in logs. I tested to change constants.py from read_user to api as proposed in other issue, but it didn't help either. Any ideas how to search more information of the problem?

Gitlab version 9.2.1-ee (Docker), Sentry version 8.16.0 (Docker)

After another people close and open the auth, when I login sentry prompt me that

What did I do wrong?

Default configuration results in The organization you were looking for was not found.

And I have no idea, where to look yet :-(

Plugin does not work with newest sentry version of Sentry On-Premise Docker setup

After installing plugin via adding sentry-auth-gitlab to requirements.txt and rebuilding.
The web, worker, cron and post-process docker containers are constantly restarting.

The docker logs for the web service give this error:

Traceback (most recent call last):
File "/usr/local/bin/sentry", line 8, in <module>
  sys.exit(main())
File "/usr/local/lib/python2.7/site-packages/sentry/runner/__init__.py", line 164, in main
  cli(prog_name=get_prog(), obj={}, max_content_width=100)
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 722, in __call__
  return self.main(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 697, in main
  rv = self.invoke(ctx)
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 1066, in invoke
  return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 1066, in invoke
  return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 895, in invoke
  return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 535, in invoke
  return callback(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/click/decorators.py", line 17, in new_func
  return f(get_current_context(), *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/sentry/runner/decorators.py", line 68, in inner
  return ctx.invoke(f, *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/click/core.py", line 535, in invoke
  return callback(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/click/decorators.py", line 17, in new_func
  return f(get_current_context(), *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/sentry/runner/decorators.py", line 29, in inner
  configure()
File "/usr/local/lib/python2.7/site-packages/sentry/runner/__init__.py", line 127, in configure
  configure(ctx, py, yaml, skip_service_validation)
File "/usr/local/lib/python2.7/site-packages/sentry/runner/settings.py", line 158, in configure
  skip_service_validation=skip_service_validation,
File "/usr/local/lib/python2.7/site-packages/sentry/runner/initializer.py", line 308, in initialize_app
  django.setup()
File "/usr/local/lib/python2.7/site-packages/django/__init__.py", line 27, in setup
  apps.populate(settings.INSTALLED_APPS)
File "/usr/local/lib/python2.7/site-packages/django/apps/registry.py", line 85, in populate
  app_config = AppConfig.create(entry)
File "/usr/local/lib/python2.7/site-packages/django/apps/config.py", line 94, in create
  module = import_module(entry)
File "/usr/local/lib/python2.7/importlib/__init__.py", line 37, in import_module
  __import__(name)
File "/usr/local/lib/python2.7/site-packages/sentry_auth_gitlab/__init__.py", line 5, in <module>
  from .provider import GitLabOAuth2Provider
File "/usr/local/lib/python2.7/site-packages/sentry_auth_gitlab/provider.py", line 3, in <module>
  from sentry.auth.providers.oauth2 import (
File "/usr/local/lib/python2.7/site-packages/sentry/auth/providers/oauth2.py", line 9, in <module>
  from sentry.auth.provider import Provider
File "/usr/local/lib/python2.7/site-packages/sentry/auth/provider.py", line 6, in <module>
  from .view import ConfigureView
File "/usr/local/lib/python2.7/site-packages/sentry/auth/view.py", line 5, in <module>
  from sentry.plugins.base.view import PluggableViewMixin
File "/usr/local/lib/python2.7/site-packages/sentry/plugins/base/__init__.py", line 3, in <module>
  from .bindings import BindingManager
File "/usr/local/lib/python2.7/site-packages/sentry/plugins/base/bindings.py", line 5, in <module>
  from sentry.plugins import providers
File "/usr/local/lib/python2.7/site-packages/sentry/plugins/providers/__init__.py", line 5, in <module>
  import_submodules(globals(), __name__, __path__)
File "/usr/local/lib/python2.7/site-packages/sentry/utils/imports.py", line 45, in import_submodules
  module = __import__(module_name, globals(), locals(), ["__name__"])
File "/usr/local/lib/python2.7/site-packages/sentry/plugins/providers/base.py", line 7, in <module>
  from social_auth.models import UserSocialAuth
File "/usr/local/lib/python2.7/site-packages/social_auth/models.py", line 12, in <module>
  from .fields import JSONField
File "/usr/local/lib/python2.7/site-packages/social_auth/fields.py", line 10, in <module>
  from sentry.db.models.utils import Creator
File "/usr/local/lib/python2.7/site-packages/sentry/db/models/__init__.py", line 3, in <module>
  from .base import *  # NOQA
File "/usr/local/lib/python2.7/site-packages/sentry/db/models/base.py", line 37, in <module>
  class BaseModel(models.Model):
File "/usr/local/lib/python2.7/site-packages/django/db/models/base.py", line 110, in __new__
  app_config = apps.get_containing_app_config(module)
File "/usr/local/lib/python2.7/site-packages/django/apps/registry.py", line 247, in get_containing_app_config
  self.check_apps_ready()
File "/usr/local/lib/python2.7/site-packages/django/apps/registry.py", line 125, in check_apps_ready
  raise AppRegistryNotReady("Apps aren't loaded yet.")
django.core.exceptions.AppRegistryNotReady: Apps aren't loaded yet.

it seems to me that the plugin isn't compatible anymore with the django version used in sentry?

Gitlab 9.2.2 seems to requires api SCOPE instaed of read_user

when i updated my gitlab, sentry-oauth was not working anymore.. i fixed it when i changed the scope in constants.py to 'api'

How can I add Organisation support?

Hi, would like to add organisation support. Let me know if I can do that or is currently possible.

Is additional configuration required to activate plugin?

Hi,

I followed the installation steps on a clean deployment of Sentry 8.2.1 for this plugin. After restarting Sentry there appeared no Gitlab option in the Auth section. What could be the cause of this, am I missing a step which is not documented?

Publish the project in pypi

In order to install the package using pip install sentry-auth-gitlab, please publish the package in the python package index.

Gitlab 11.x

Does this support gitlab 11.x ?
i run run the sentry as readme shows , then when tryied to click 'configure' button from Settings/Auth/Gitlab , always take me to https://none/oauth/authorize?scope=api&state=86xxxxx .

ProviderNotRegistered > sentry.tasks.check_auth_identity

Hello,

Sentry 9.0.0 here.

I have a lot of this error in the Sentry's Internal project :

ProviderNotRegistered
gitlab

The error came from here :
sentry/auth/manager.py in get at line 23
def get(self, key, **kwargs):
try:
cls = self.__values[key]
except KeyError:
raise ProviderNotRegistered(key)
return cls(key=key, **kwargs)

Any idea how to fix it ?

Regards.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.