omnigollum not handing off to omniauth? #64
Comments
|
Having exactly the same issue here using the github provider. It goes to |
|
I also experience the same issue with github provider, it redirects to |
|
I found this is due to the recent security fixes in OmniAuth that disabled GET access to "/auth/:provider". Though, this is not an optimal solution in terms of security. After applying the above change, I could configure wiki to be invisible to unauthorized users, still I couldn't make it editable for authorized users (got "error updating page" message). I don't know if this is due to that my fix is incomplete. |
|
Same problem here with the Github provider. |
|
I got OAuth working with Gollum here: I'm going about this by configuring Nginx to do OAuth, and then swiping the email address from the headers. |
|
any update on this issue? this issue basically makes omnigollum unusable since I'm not able to edit any pages. |
Omnigollum is broken: arr2036/omnigollum#64 Switched to supporting oauth2 proxy, use somthing like class Precious::App before do email = request.get_header("HTTP_X_FORWARDED_EMAIL") unless email halt 403, "Sorry, nothing for you here." end session["gollum.author"] = { name: email, email: email } @gollum_author_email = email @gollum_logout_link = "/oauth2/sign_out" end end
I followed the setup for using zquestz/omniauth-google-oauth2 and put that into the omnigollum_options:
but when trying to access a protected route, I get bounced to
/__omnigollum__/auth/google_oauth2?origin=%2F, which404's with no errors in the console.I'm not sure if this is a version thing with sinatra or some other component, but digging into the code, this part seems... wrong? https://github.com/arr2036/omnigollum/blob/4c098d2/lib/omnigollum.rb#L310
If the intent is to pass control back to OmniAuth, shouldn't this be
passorforwardorcallinstead of halt?The text was updated successfully, but these errors were encountered: