OAuth2 authentication provider for Gerrit Code Review. Please upload changes for review to: https://gerrit-review.googlesource.com/#/admin/projects/plugins/oauth
Apache License 2.0
140
stars
84
forks
source link
Should be using "openid" scope instead of "api" scope. #102
Gerrit doesn't need "Full access to GitLab as the user, including read/write on all their groups and projects", it just needs to verify the user exists.
https://github.com/davido/gerrit-oauth-provider/blob/90b66bbf374fe4575b829eb41d940556060fda31/src/main/java/com/googlesource/gerrit/plugins/oauth/GitLabOAuthService.java#L49
Gerrit doesn't need "Full access to GitLab as the user, including read/write on all their groups and projects", it just needs to verify the user exists.