From 4d6d248e16e3fa3322abcd28ee6bccb3ae86a033 Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Thu, 26 Jan 2023 17:54:09 +0100
Subject: [PATCH] Remove omniauth-authentiq gem
---
.markdownlint.yml | 1 -
Gemfile | 1 -
Gemfile.checksum | 1 -
Gemfile.lock | 4 -
.../images/auth_buttons/authentiq_64.png | Bin 17679 -> 0 bytes
.../omniauth_callbacks_controller.rb | 8 --
app/helpers/auth_helper.rb | 1 -
config/gitlab.yml.example | 14 ---
doc/.vale/gitlab/spelling-exceptions.txt | 1 -
doc/administration/auth/authentiq.md | 100 +-----------------
doc/integration/index.md | 1 -
doc/integration/omniauth.md | 1 -
doc/topics/authentication/index.md | 1 -
lib/gitlab/omniauth_initializer.rb | 14 ---
.../profiles/accounts_controller_spec.rb | 2 +-
spec/features/oauth_login_spec.rb | 2 +-
spec/features/oauth_registration_spec.rb | 1 -
spec/lib/gitlab/omniauth_initializer_spec.rb | 8 --
18 files changed, 7 insertions(+), 154 deletions(-)
delete mode 100644 app/assets/images/auth_buttons/authentiq_64.png
diff --git a/.markdownlint.yml b/.markdownlint.yml
index 6be0b9fad29b..b77e7c488cde 100644
--- a/.markdownlint.yml
+++ b/.markdownlint.yml
@@ -33,7 +33,6 @@ proper-names:
"API",
"Asana",
"Auth0",
- "Authentiq",
"Azure",
"Bamboo",
"Bitbucket",
diff --git a/Gemfile b/Gemfile
index 72569a35dc03..f0079321d353 100644
--- a/Gemfile
+++ b/Gemfile
@@ -71,7 +71,6 @@ gem 'omniauth-oauth2-generic', '~> 0.2.2'
gem 'omniauth-saml', '~> 2.0.0'
gem 'omniauth-twitter', '~> 1.4'
gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
-gem 'omniauth-authentiq', '~> 0.3.3'
gem 'omniauth_openid_connect', '~> 0.6.0'
# Locked until Ruby 3.0 upgrade since upgrading will pull in an updated net-smtp gem.
# See https://docs.gitlab.com/ee/development/emails.html#rationale.
diff --git a/Gemfile.checksum b/Gemfile.checksum
index 14be8b71f25d..22a07689bffb 100644
--- a/Gemfile.checksum
+++ b/Gemfile.checksum
@@ -391,7 +391,6 @@
{"name":"omniauth-alicloud","version":"2.0.1","platform":"ruby","checksum":"b14c425bca02b4d0f73e710ceb62c0f1f8533e0c427c1c495d2b40f87b3f48d3"},
{"name":"omniauth-atlassian-oauth2","version":"0.2.0","platform":"ruby","checksum":"eb07574a188ab8a03376ce288bce86bc2dd4a1382ffa5781cb5e2b7bc15d76c9"},
{"name":"omniauth-auth0","version":"2.0.0","platform":"ruby","checksum":"823769be7883b45b2fa94367c2f6a17f7b3b1333986016089c016d45827da545"},
-{"name":"omniauth-authentiq","version":"0.3.3","platform":"ruby","checksum":"11b3791085a130782bf14b0088653beeb085638a9548d7110a57d3cbbb54fb4c"},
{"name":"omniauth-azure-activedirectory-v2","version":"2.0.0","platform":"ruby","checksum":"c484cedd52cd233e3c216c4b3ed667ec07d20e51c550a613b65a0f90fe8ad072"},
{"name":"omniauth-dingtalk-oauth2","version":"1.0.1","platform":"ruby","checksum":"6545670f1c38344eaf960df9750c550a9534f790f888af088761a9e04269139b"},
{"name":"omniauth-facebook","version":"4.0.0","platform":"ruby","checksum":"05ae3565c8fdb38df8dab04eb8ca854ea6c18e81591d3e6598ce101293a2f20f"},
diff --git a/Gemfile.lock b/Gemfile.lock
index be3cd068e5d3..72a4eb028579 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -997,9 +997,6 @@ GEM
omniauth-oauth2 (>= 1.5)
omniauth-auth0 (2.0.0)
omniauth-oauth2 (~> 1.4)
- omniauth-authentiq (0.3.3)
- jwt (>= 1.5)
- omniauth-oauth2 (>= 1.5)
omniauth-azure-activedirectory-v2 (2.0.0)
omniauth-oauth2 (~> 1.8)
omniauth-dingtalk-oauth2 (1.0.1)
@@ -1771,7 +1768,6 @@ DEPENDENCIES
omniauth-alicloud (~> 2.0.1)
omniauth-atlassian-oauth2 (~> 0.2.0)
omniauth-auth0 (~> 2.0.0)
- omniauth-authentiq (~> 0.3.3)
omniauth-azure-activedirectory-v2 (~> 2.0)
omniauth-azure-oauth2 (~> 0.0.9)!
omniauth-cas3 (~> 1.1.4)!
diff --git a/app/assets/images/auth_buttons/authentiq_64.png b/app/assets/images/auth_buttons/authentiq_64.png
deleted file mode 100644
index 81767bbcc54f114ec3d6436d3abf640f260dc169..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 17679
zcmeI3X;c&0wty=EB@%|9I3Y?1q9}&U2?<kxfH*K?3pf#y3Pd0YNq{IKqlyC#wAhL`
zfTCUp#MX<VGN_=at<osiD$;<o11O@Rh~uk(43=7}-+TA2yWU<1nMD`|Q2X`Sv;c
zRDRTIAFt{9x+b~+0O-%~;Q2vUuKJ4^3jH1wM>jy1VKR>(1pr`2sJ|#6J7)|4*zFSs
z1S$hPXLAJ7C>y>|8VcH|qGV8S0I+vb$@qc@P>Bx(!^9E?!t*m_1iV=2K$y$$BzwwS
z!Emw1QaR|q)GI)+G(x}@5}X`$?NuDeK@_Ou<5f|S5(P))K<M$yf$r7KBm%yti!#E2
z;H(aa5A^iGyGrFCo?*iz3dl?rp2fDIFjy=)YZ{(PrZ7lk8i__GQfVAInM0@IzkCRe
zy3n1yTqxrB@!Y?JgCqw+xKb(OkVtWHaW-)@8>u{uL}9bpBr=smr4peYM8y(`lCL64
z6c)Ws`uy-fg+MNrDaBF=UhS73DveP(5D4l({hu%MijwsQk|@5ggD8?zd>M&iLneLC
zNGRyHk;TX(dxj<ykibYV3X~`nkR9c_cCv7(QmP1-{vc$(`iFs`oOpWn$NuhkqoTeW
zTA_4{g%Er}`dv#!z!Diq@&gsp7`Xs+i-o3Q@x9qA#iD`aeC0{4`Qg|>mG}o{YE7?M
z&r;~kkUcb4j;kExE2Z)PsWj5Dca{0{A;i17_N*$r)m*VeD2-E0u_wVz2J$`N4dn5a
zpd+*%nM5*`NTvi(XdD`uLt$H!sT?wSkdxk?Fdv>$p;)wJkPjx2!szkA<j|ScWLm$E
zK|SF<p#3A{EBSxR%iz9){0IdckyIYVS2~KL_+cPPCJD1A4Kxnw*}tkduF^=U92yqr
zNV6w>uX&JF&r0LWkSLUVi2$6zbA%df#9|>w08*G_5hIi+VnF;tMRXC7Z%Y;unYJRT
zElVH-g#tzoL{HDb=HIyHNd+<L-2%DpEi6K*0CGPtED^<)E@DvFL>d*O5h)aqNerdg
z(ug9OkWS&#SWF=(=nFK+**Af_<zlGr@goQIQO`vP1q<b~gdm?PAPUJ$I+0GNvxsaq
z%a%x^FrX*`5i?ZC>I?B5H{XQv5G$b7x@6EQhSqXVW%CE4zi#bQM2dSVl#DM|fa?9{
zK<L|m{UxoxVySI<_A!SqP}ep`fqHv@LVMCztpmgAxBOxz{x+R|4?(a0LFPY>5f=_h
zkhWK^tDaszcA}7qlyQ7H=o|*EkiWC@d%b>b26t~yQlABp;(tRT6#Ur#T^bl7I+Y(P
zA`@x0WInXm=^&8}Qdz`MhLB8W^U0J@0lhEH|J^k7RVXT(LuT|<sQ+9V23D~koG%Fj
zg^r}Yne{dNU&`FytB3!y4b+!8+TgS0|3T(@cjDJIv9Hd4TSM*Dj};uK{zA2Y-&6M}
z_M~sx2G&e(|3Gyejg0B(&!Uo{4~e4w{bD*;4L1!!HXW>nn+{mck%*O!)GyIs&4aAe
z&py2evp@8h4mvU!3>tKP!kgh1K4KLZ8OReuC#XVw5-_3a&|?EveAh7OM}~tGUkrOw
zHRyr5r+W6bLXYdvKLt|%UxjZ9YybK4ue=$U(ZA9w%$Ftz3<$EQ!G+8Rrq$qr0YMfu
zxRCk4v>IG6AjqNy7cw81R)Y%$1X<MJLgoY0YH-1TAd4DY$b4X04K5fEWKn|)nGZ~>
z!36_?ENXBe^MPqKxL`n#MGY=wJ}|8Y7YqopsKJHI2d35Ff&oDmHMo%Zz_c1%Fd)dH
z1{X3Pm{x-e1_W8u;6mmD(`s<RfFO$+T*!Q2S`9835M)t<3z-j0tHA{Wf-GuqA@hN0
zHMn3vkVOqHWIiyh1{VwnvZ%p@%m=2`;DP}`7B#q#`M|UqTreQWq6QZ-ADC8y3kC#P
zM8u^#@bWDvf!?@{gI=w*+{kA@ujS$e9)6wxu+$O&l2QSn`!jTX0st{&0B8*X0M1qb
z7%k0QROt=?m<Ka>&H<{sPq!z^0_Kjq<kVGqa=Y1?JJ$?7lB&4^Y+$$Vay?_KTSn)K
zHW&H0pW_%uyPHP+v-#+!->*M*;-nrpLJY`td3He0)_BU)&Fi&lgLSZ&nk`%E{4h=<
zsy28sFH7E(w3&5X#QkBpJz@KzO4^0lE)8d%?|kmim7}=Py)buk^U_h5V{GzboDYyn
z<1IRZLQFf%La-gNi)L4}r%JZ~vyw(~hxq8fP2Qh;+ziBG#^#q9)B}M@fN`S<o@s)&
zS+*JI&@x0FN}5?7X6!vF>Y^?axPkts)>r_w4E1&rd1zJ1%I3K<^=$P&3=cG<>(PM;
zKxtIY{N*g;GQZ#?|MK9*xm-n}PNSspO!-9o#!B+IAzo-F*7Cd~WhnBc!*A*M`qXYW
ziw;!BI@I}R5rD|#5ff|0+*!h!h&~%pbn)nWbkb$_7vAXngw5W-EtE7n{a7&z7!%g~
zc7Dj#Vd9U@HmFtlxO+>{Nxtqc&Lqk4`_1;fzB1AOGrA6CcN|rYX*3E+o-t3MQ{L^4
zdX%hnkq`@_x$KUSAx7kyikHcgt_ZWFW7euHcU<t9QaC&?vZgNN4R!s*VxJpzgtVY4
zemO71sRJ7#oeKQ4?bd6-!^TX9{Cmwf>5%D9VvLe3%XeXmyq$hA7&FsS=hq0l`&Od;
zkhgXn6J?L(Kpk-PnlHm{jrC}PQGgzgiyxZh>TK>|cFKU)7ERi@;@zk;Gb=0LYD&1)
z)Pn_HJF{X-@^)8$$fKh2YHkrGZF`nb&ph_wD%Ux7@$BIyZN5kF(=*OxN0a1FXIJcQ
zYP^ave?4<j=z-JNQ<vU6C@mV_b;JVWRAo1ce=RU+v82_$;D(`@spYZwJ)iEs1ko;b
zxLrW$kjSFs?jZk#m;?WqzBwy|7(XWBVM2Ot77nvNXSFE{%Xp8<Df?jXsLRPsZ)|eT
zNz<H)IpwEUb)7HJZ=9-?G+AfKXxy=k2MUKr&(R0O+;zKBN}djD*~{KI?(w^ldLXnV
z@M-=A^O@GTBH!PB^^YVPhF!gWTpyJmyDwImb?5dii^*OWf{RVq%VWDPRT=W{7o&qs
z{GAl}b5w>uU$FyRT=ov5>@|(JGh*A6#BRr~tm;{LfThE{%yFw!=!naEsxH5(i6?HV
z-n82+{n?!-wI>Oaz1$i~eJ*uwe%RL7{@J3vDdE7{{mve|pds>?_AM>NTE;*Ymu(|&
zr&ctM^K*)QGVOXD<5c`2UhU4bH<c%cv^R{evil{3xXjpS>I5!;K@o}R=BYTdGX2QJ
zH6~uf>(b?E#|1~$f9~!cKf&?$m7Mnzu450K^ZjF2;<S>gO>Qq9Y6Y9NT=T~@)!f=r
zCdFRg>1k3ZJEc$^|L7Bl@zRTX#Hs(7*cyZF&`y$b1L{+%W-S-_ZCY!4G-}m8EA13c
za&e83^^jbAs~@rb&xL6ZtGFnxwZ%}w)SR;|-lk64VGXy(5&trGPcC#$iEkYvskPGz
z#{w-atvsu3w*sD2T+CdMDo$Q}*tIqX8h?7ke&3l>0!|knB44_{@S(NpWRl9-c1mV;
zv-!pm+LJS0CZKubbyj0JK0vk3h?p0LhnnAM+%w7Iio1(TOweN=gY=iaRcj~<PK~ck
zoW>2@?NyqwSUmGnS95OQ&F3r6&JSNdscWR4%ZXt|Q@LJcIw=b#x)$s?xfU119<}ry
zddaBv_d33>Yp0kUduX4|h^JHxul@s5aA-0q?Gt-A>Qd#q-{gnKcE!CY0a{k>W*Qvv
z4Uf3CmshuB`GyVGi_NxfG|DN;I9M=!{e%r?#RL!QCzQDX>sJIC$Fxu6jl+++`FVIW
zCX0V95fkyG3s(u=F0xIusSwCYbw8k+Zrl_Ihq_pI6tIA_73r1c!Kpc&VxF`7)yUl8
zEqlGqhZ?$Sr=*|v<1Mk2pPzPk#iGiEXLWsjHZOc3te@SI!7`uj?WT?Om6oE|pVpyp
zN3bs2lfZ3JI;eyCt=o^8byMo{r1RhN{%F72deB*yrz)KMDkfH%_w2nj4s4ozK5Ts9
z1;LmA{Kt@cw)1vXICRcjS~xOmU%)~}ZLZ0|o7ghX*E_X}JD*~*uub^Z`ms5W5|iFP
zFB3WbBp|N-^AqloVO!^^CpjJ^`O$uPcSbeL|3};T-MIFq#LU2xx?Qh-!MlaeE+N`9
zM!p~0{whKi>$obu@vnlmjazQa3T{M4)jimwSh;7`g9giuShJnn@pn??3wVVX`O6bs
zUY4G(PfcFmED6du{&7mjyy}`H&T^dZPpC@Q%(A1#tw(N0e?F#TRCORMURxD(!Um&1
z<da@~_KsUu=<cC->4emr<s^Civ-Fy#MjG$fn~NSXBilF4jb3<Pcg`GKXIo181FpaJ
zdAGo>!#uC;M-RFAEsls-n|rXq{8)rVYojA(=;=1?J>|EP9G=~8+E(sett=`G!`+=H
z$jHd<*kYI`9Aj*pdg7cXS1`UkpH__~jK-vKx-cuM?^(5SeF5L#T$HjISDbdx;b?~K
z{H+Z^doDcn21vQ_xjXJYsC+!?j^D4fV<mBZt8FX%=+hHQ4Gwv{E3J8c@xjt}=)!#Q
z;deI`TizYoU!C#0etGHV1i~<<-Nve|1`=-U8s*Nr4+t}k2jm}mD^^A<bC_X^z8#vr
zd3(aIxcdvQ3mQG_*v&xph(bHd6JlA~)Zahs?hemXcsb2IYhs%&TA>UApBc=GJP~dB
zs`@ZC(aHbpjwx^S3N4=P*oN|!rJzFBzZhNW_|sVf+co>{NZX1cUX~k|Tmzz4t;WZa
ztS6w>=XPJ%P8)AEZhlixcuJ?<&#s;H1w}@x8;9RwRV~=CpNWo!Zw<(`Eja2`>xOlc
zW;$g&)VXwg_>TC-((;6%>GM1vck1%69p>3%KALh){+8X@lCkN=SiB@R{-oR8{Eu~2
z!9Q2<;zKhX62hu<?89^ZvKqlTgC<Baw}yERzq#ky`G(VsEr!dC5)#9;$FnYS=A5cF
z{qwbZcXq?pK<T2KY3S0lNg;-1Pd`UIK1GcyU`<xu|I>8j=Q8_*9am!v%M*0~of*%T
V+z4D23OyPDGu*s*1uh{e{{<?y$_oGh
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 5bd3b74af1f5..4046433f8eaa 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -61,14 +61,6 @@ def cas3
handle_omniauth
end
- def authentiq
- if params['sid']
- handle_service_ticket oauth['provider'], params['sid']
- end
-
- handle_omniauth
- end
-
def auth0
if oauth['uid'].blank?
fail_auth0_login
diff --git a/app/helpers/auth_helper.rb b/app/helpers/auth_helper.rb
index f818088a4c6e..e2e89c9abcaa 100644
--- a/app/helpers/auth_helper.rb
+++ b/app/helpers/auth_helper.rb
@@ -5,7 +5,6 @@ module AuthHelper
alicloud
atlassian_oauth2
auth0
- authentiq
azure_activedirectory_v2
azure_oauth2
bitbucket
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 1b18f977e4f2..5a9811c0e912 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -1072,16 +1072,6 @@ production: &base
# login_url: '/cas/login',
# service_validate_url: '/cas/p3/serviceValidate',
# logout_url: '/cas/logout' } }
- # - { name: 'authentiq',
- # # for client credentials (client ID and secret), go to https://www.authentiq.com/developers
- # app_id: 'YOUR_CLIENT_ID',
- # app_secret: 'YOUR_CLIENT_SECRET',
- # args: {
- # scope: 'aq:name email~rs address aq:push'
- # # callback_url parameter is optional except when 'gitlab.host' in this file is set to 'localhost'
- # # callback_url: 'YOUR_CALLBACK_URL'
- # }
- # }
# - { name: 'github',
# app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET',
@@ -1628,10 +1618,6 @@ test:
client_id: 'YOUR_AUTH0_CLIENT_ID',
client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
namespace: 'YOUR_AUTH0_DOMAIN' } }
- - { name: 'authentiq',
- app_id: 'YOUR_CLIENT_ID',
- app_secret: 'YOUR_CLIENT_SECRET',
- args: { scope: 'aq:name email~rs address aq:push' } }
- { name: 'salesforce',
app_id: 'YOUR_CLIENT_ID',
app_secret: 'YOUR_CLIENT_SECRET'
diff --git a/doc/.vale/gitlab/spelling-exceptions.txt b/doc/.vale/gitlab/spelling-exceptions.txt
index 7d36887de39e..a2a23c03aa37 100644
--- a/doc/.vale/gitlab/spelling-exceptions.txt
+++ b/doc/.vale/gitlab/spelling-exceptions.txt
@@ -48,7 +48,6 @@ auditability
auditable
Auth0
authenticator
-Authentiq
Authy
autocomplete
autocompleted
diff --git a/doc/administration/auth/authentiq.md b/doc/administration/auth/authentiq.md
index 4eabdddfc635..a32d2a2cf94e 100644
--- a/doc/administration/auth/authentiq.md
+++ b/doc/administration/auth/authentiq.md
@@ -1,102 +1,12 @@
---
-type: reference
stage: Manage
group: Authentication and Authorization
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+remove_date: '2023-02-22'
+redirect_to: '../../integration/omniauth.md'
---
-# Authentiq OmniAuth Provider **(FREE SELF)**
+# Authentiq OmniAuth Provider (removed) **(FREE SELF)**
-To enable the Authentiq OmniAuth provider for passwordless authentication, you must register an application with Authentiq.
-
-Authentiq generates a Client ID and the accompanying Client Secret for you to use.
-
-1. Get your Client credentials (Client ID and Client Secret) at [Authentiq](https://www.authentiq.com/developers).
-
-1. On your GitLab server, open the configuration file:
-
- For omnibus installation
-
- ```shell
- sudo editor /etc/gitlab/gitlab.rb
- ```
-
- For installations from source:
-
- ```shell
- sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
- ```
-
-1. Edit the [common configuration file settings](../../integration/omniauth.md#configure-common-settings)
- to add `authentiq` as a single sign-on provider. This enables Just-In-Time
- account provisioning for users who do not have an existing GitLab account.
-
-1. Add the provider configuration for Authentiq:
-
- For Omnibus packages:
-
- ```ruby
- gitlab_rails['omniauth_providers'] = [
- {
- name: "authentiq",
- # label: "Provider name", # optional label for login button, defaults to "Authentiq"
- app_id: "<your_client_id>",
- app_secret: "<your_client_secret>",
- args: {
- "scope": 'aq:name email~rs address aq:push'
- }
- }
- ]
- ```
-
- For installations from source:
-
- ```yaml
- - { name: 'authentiq',
- # label: 'Provider name', # optional label for login button, defaults to "Authentiq"
- app_id: '<your_client_id>',
- app_secret: '<your_client_secret>',
- args: {
- scope: 'aq:name email~rs address aq:push'
- }
- }
- ```
-
-1. The `scope` is set to request the:
- - User's name.
- - Required and signed email.
- - Permission to send push notifications to sign in on subsequent visits.
-
- See [OmniAuth Authentiq strategy](https://github.com/AuthentiqID/omniauth-authentiq/wiki/Scopes,-callback-url-configuration-and-responses) for more information on scopes and modifiers.
-
-1. Change `<your_client_id>` and `<your_client_secret>` to the Client credentials you received from Authentiq.
-
-1. Save the configuration file.
-
-1. For the changes to take effect:
- - [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) if you installed GitLab using Omnibus.
- - [Restart GitLab](../restart_gitlab.md#installations-from-source) if you installed GitLab from source.
-
-On the sign in page there should now be an Authentiq icon below the regular sign in form. Select the
-icon to begin the authentication process. If the user:
-
-- Has the Authentiq ID app installed in their iOS or Android device, they can:
- 1. Scan the QR code.
- 1. Decide what personal details to share.
- 1. Sign in to your GitLab installation.
-- Does not have the app installed, they are prompted to download the app and then follow the
- previous procedure.
-
-If everything works, the user is returned to GitLab and is signed in.
-
-<!-- ## Troubleshooting
-
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-one might have when setting this up, or when something is changed, or on upgrading, it's
-important to describe those, too. Think of things that may go wrong and include them here.
-This is important to minimize requests for support, and to avoid doc comments with
-questions that you know someone might ask.
-
-Each scenario can be a third-level heading, for example `### Getting error message X`.
-If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
+This feature was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/389452) in 15.9.
+Use another [OmniAuth provider](../../integration/omniauth.md) instead.
diff --git a/doc/integration/index.md b/doc/integration/index.md
index d778d7c08563..195890ea4d8b 100644
--- a/doc/integration/index.md
+++ b/doc/integration/index.md
@@ -29,7 +29,6 @@ You can integrate GitLab with the following authentication sources:
- Enable sign-in with [LDAP](../administration/auth/ldap/index.md).
- Enable creating [OAuth 2.0](oauth_provider.md) applications.
- Use [OmniAuth](omniauth.md) to enable sign-in through:
- - Authentiq ID
- Azure
- Bitbucket
- Crowd
diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md
index b25ba6a00e23..61019915c52d 100644
--- a/doc/integration/omniauth.md
+++ b/doc/integration/omniauth.md
@@ -20,7 +20,6 @@ GitLab supports the following OmniAuth providers.
| [AliCloud](alicloud.md) | `alicloud` |
| [Atlassian](../administration/auth/atlassian.md) | `atlassian_oauth2` |
| [Auth0](auth0.md) | `auth0` |
-| [Authentiq](../administration/auth/authentiq.md) | `authentiq` |
| [AWS Cognito](../administration/auth/cognito.md) | `cognito` |
| [Azure v2](azure.md) | `azure_activedirectory_v2` |
| [Azure v1](azure.md) | `azure_oauth2` |
diff --git a/doc/topics/authentication/index.md b/doc/topics/authentication/index.md
index c50275923541..c1d0a69e1f4c 100644
--- a/doc/topics/authentication/index.md
+++ b/doc/topics/authentication/index.md
@@ -29,7 +29,6 @@ This page gathers all the resources for the topic **Authentication** within GitL
- [Debugging LDAP](https://about.gitlab.com/handbook/support/workflows/debugging_ldap.html)
- **Integrations:**
- [OmniAuth](../../integration/omniauth.md)
- - [Authentiq OmniAuth Provider](../../administration/auth/authentiq.md#authentiq-omniauth-provider)
- [Atlassian Crowd OmniAuth Provider](../../administration/auth/crowd.md)
- [CAS OmniAuth Provider](../../integration/cas.md)
- [SAML OmniAuth Provider](../../integration/saml.md)
diff --git a/lib/gitlab/omniauth_initializer.rb b/lib/gitlab/omniauth_initializer.rb
index fb7ffa03d0e7..a03533dcd9af 100644
--- a/lib/gitlab/omniauth_initializer.rb
+++ b/lib/gitlab/omniauth_initializer.rb
@@ -23,8 +23,6 @@ def default_arguments_for(provider_name)
case provider_name
when 'cas3'
{ on_single_sign_out: cas3_signout_handler }
- when 'authentiq'
- { remote_sign_out_handler: authentiq_signout_handler }
when 'shibboleth'
{ fail_with_empty_uid: true }
when 'google_oauth2'
@@ -53,18 +51,6 @@ def cas3_signout_handler
true
end
end
-
- def authentiq_signout_handler
- lambda do |request|
- authentiq_session = request.params['sid']
- if Gitlab::Auth::OAuth::Session.valid?(:authentiq, authentiq_session)
- Gitlab::Auth::OAuth::Session.destroy(:authentiq, authentiq_session)
- true
- else
- false
- end
- end
- end
end
private
diff --git a/spec/controllers/profiles/accounts_controller_spec.rb b/spec/controllers/profiles/accounts_controller_spec.rb
index 1b4b67eeaff6..ba349768b0f9 100644
--- a/spec/controllers/profiles/accounts_controller_spec.rb
+++ b/spec/controllers/profiles/accounts_controller_spec.rb
@@ -31,7 +31,7 @@
end
end
- [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :authentiq, :dingtalk, :alicloud].each do |provider|
+ [:twitter, :facebook, :google_oauth2, :gitlab, :github, :bitbucket, :crowd, :auth0, :dingtalk, :alicloud].each do |provider|
describe "#{provider} provider" do
let(:user) { create(:omniauth_user, provider: provider.to_s) }
diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb
index 07d0fca01397..bd96d65f984b 100644
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@@ -16,7 +16,7 @@ def stub_omniauth_config(provider)
end
providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2,
- :facebook, :cas3, :auth0, :authentiq, :salesforce, :dingtalk, :alicloud]
+ :facebook, :cas3, :auth0, :salesforce, :dingtalk, :alicloud]
around do |example|
with_omniauth_full_host { example.run }
diff --git a/spec/features/oauth_registration_spec.rb b/spec/features/oauth_registration_spec.rb
index 6e1445a9ed65..3c1004e452fe 100644
--- a/spec/features/oauth_registration_spec.rb
+++ b/spec/features/oauth_registration_spec.rb
@@ -23,7 +23,6 @@
:facebook | {}
:cas3 | {}
:auth0 | {}
- :authentiq | {}
:salesforce | { extra: { email_verified: true } }
:dingtalk | {}
:alicloud | {}
diff --git a/spec/lib/gitlab/omniauth_initializer_spec.rb b/spec/lib/gitlab/omniauth_initializer_spec.rb
index a94191f310c2..daef280dbaad 100644
--- a/spec/lib/gitlab/omniauth_initializer_spec.rb
+++ b/spec/lib/gitlab/omniauth_initializer_spec.rb
@@ -216,14 +216,6 @@
expect { subject.execute([hash_config]) }.to raise_error(NameError)
end
- it 'configures remote_sign_out_handler proc for authentiq' do
- authentiq_config = { 'name' => 'authentiq', 'args' => {} }
-
- expect(devise_config).to receive(:omniauth).with(:authentiq, { remote_sign_out_handler: an_instance_of(Proc) })
-
- subject.execute([authentiq_config])
- end
-
it 'configures on_single_sign_out proc for cas3' do
cas3_config = { 'name' => 'cas3', 'args' => {} }
--
GitLab