HI, After using your plug-in in the newly installed gerrit, the login Identities shows as untrusted?

davido / gerrit-oauth-provider

OAuth2 authentication provider for Gerrit Code Review. Please upload changes for review to: https://gerrit-review.googlesource.com/#/admin/projects/plugins/oauth

Apache License 2.0

140 stars 84 forks source link

HI, After using your plug-in in the newly installed gerrit, the login Identities shows as untrusted? #142

Closed gesangtome closed 4 years ago

gesangtome commented 4 years ago

Hey, I use your 'github-oauth' plugin to log in and create the first administrator account in the newly installed gerrit. But I found that in the "Identity" settings, the status has become untrusted? Strangely, my account ID is 1000000, but I found that I missed any settings or tasks that require administrator privileges? Why is this so?

@davido Help me, Please

davido commented 4 years ago

Have you checked FAQ before asking: [1]?

Q. Why I am getting identity is untrusted error with Hybrid OpenID+OAuth method?

A. You need to set trustedOpenID:

  [auth]
    type = OPENID
    trustedOpenID=^.*$

[1] https://github.com/davido/gerrit-oauth-provider/wiki/FAQ

gesangtome commented 4 years ago

@davido Thanks, I found the solution through your link, it's great.

kleptog commented 3 years ago

For other people looking for how to configure trustedOpenID and allowedOpenID off the office365 oauth2, I found the following works for us:

trustedOpenID = office365-oauth:
allowedOpenID = http://gerrit-oauth-provider_-office365-oauth

Our problem with the '^.*$' approach it that it causes the Yahoo option to appear, which we definitely don't want.

davido commented 3 years ago

Thanks for pointing this out, this is also documented in the FAQ.