Use correct username field

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
goauthentik · Feb 19, 2024 · cdd103c · cdd103c
1 parent 6d288a0
commit cdd103c
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 11 deletions.
diff --git a/authentik/sources/oauth/tests/test_type_gitlab.py b/authentik/sources/oauth/tests/test_type_gitlab.py
@@ -5,7 +5,7 @@
 from authentik.sources.oauth.types.gitlab import GitLabOAuthCallback
 
 GITLAB_USER = {
-    "username": "dev_gitlab",
+    "preferred_username": "dev_gitlab",
     "email": "dev@gitlab.com",
     "name": "Dev",
 }
@@ -24,6 +24,6 @@ def setUp(self):
     def test_enroll_context(self):
         """Test GitLab Enrollment context"""
         ak_context = GitLabOAuthCallback().get_user_enroll_context(GITLAB_USER)
-        self.assertEqual(ak_context["username"], GITLAB_USER["username"])
+        self.assertEqual(ak_context["username"], GITLAB_USER["preferred_username"])
         self.assertEqual(ak_context["email"], GITLAB_USER["email"])
         self.assertEqual(ak_context["name"], f"{GITLAB_USER['name']}")
diff --git a/authentik/sources/oauth/types/gitlab.py b/authentik/sources/oauth/types/gitlab.py
@@ -1,7 +1,11 @@
-"""GitLab OAuth Views"""
+"""
+GitLab OAuth Views
+
+See https://docs.gitlab.com/ee/integration/oauth_provider.html
+and https://docs.gitlab.com/ee/integration/openid_connect_provider.html
+"""
 from typing import Any
 
-from authentik.sources.oauth.clients.oauth2 import UserprofileHeaderAuthClient
 from authentik.sources.oauth.models import OAuthSource
 from authentik.sources.oauth.types.registry import SourceType, registry
 from authentik.sources.oauth.views.callback import OAuthCallback
@@ -11,7 +15,7 @@
 class GitLabOAuthRedirect(OAuthRedirect):
     """GitLab OAuth2 Redirect"""
 
-    def get_additional_parameters(self, source: OAuthSource):  # pragma: no cover
+    def get_additional_parameters(self, source: OAuthSource):
         return {
             "scope": ["read_user", "openid", "profile", "email"],
         }
@@ -20,16 +24,14 @@ def get_additional_parameters(self, source: OAuthSource):  # pragma: no cover
 class GitLabOAuthCallback(OAuthCallback):
     """GitLab OAuth2 Callback"""
 
-    client_class: UserprofileHeaderAuthClient
-
     def get_user_enroll_context(
         self,
         info: dict[str, Any],
     ) -> dict[str, Any]:
         return {
-            "username": info.get("username"),
+            "username": info.get("preferred_username"),
             "email": info.get("email"),
-            "name": f"{info.get('name')}",
+            "name": info.get("name"),
         }
 
 
@@ -46,4 +48,6 @@ class GitLabType(SourceType):
 
     authorization_url = "https://gitlab.com/oauth/authorize"
     access_token_url = "https://gitlab.com/oauth/token"  # nosec
-    profile_url = "https://gitlab.com/api/v4/user"
+    profile_url = "https://gitlab.com/oauth/userinfo"
+    oidc_well_known_url = "https://gitlab.com/.well-known/openid-configuration"
+    oidc_jwks_url = "https://gitlab.com/oauth/discovery/keys"
diff --git a/pyproject.toml b/pyproject.toml
@@ -43,7 +43,6 @@ omit = [
     "*/migrations/*",
     "*/management/commands/*",
     "*/apps.py",
-    "**/test_*.py",
     "website/",
 ]