GitLab Authorization Provider

GitLab OAuth App

Creating a GitLab OAuth Application

The first step is to create and register a GitLab Application to grant access to the user's accessible resources like User (Used by Aura Auth), Commits, Deployments, etc. For more detailed information read [OAuth 2.0 identity provider API](OAuth 2.0 identity provider API), OAuth Scopes and Get the current user.

Creating a GitLab OAuth app includes:

• Name: The application name shown when the user tries to grant access to the app.
• Redirect URI: The URL to which GitLab OAuth will redirect, it should end in /auth/callback/GitLab for local and production environments.
  • Local environment: http://localhost:3000/auth/callback/GitLab.
  • Production environment: Set the URL of your production application.
• Scopes: Select scopes based on your application's needs. Aura Auth uses read_user

GitLab Aura Auth

Installation

Install the package using a package manager like npm, pnpm or yarn.

npm install @aura-stack/auth

Environment setup

Now, it's time to create and consume the GitLab credentials required and used by Aura Auth, which include the client Id and client Secret and write them into a .env file.

Additionally set the secret used by Aura Auth to sign and encrypt the user's session.

# GitLab Credentials
AURA_AUTH_GITLAB_CLIENT_ID="gitlab_client_id"
AURA_AUTH_GITLAB_CLIENT_SECRET="gitlab_client_secret"

# Aura Secret
AURA_AUTH_SECRET="32-bytes-secret"

Configure the provider

Set the oauth option of the createAuth instance and writing "gitlab" name.

import { createAuth } from "@aura-stack/auth"

export const auth = createAuth({
  oauth: ["gitlab"],
})

export const { handlers } = auth

Get HTTP Handlers

Use the HTTP handlers to consume the authentication logic and flow the Aura Auth library to be integrated into routers and frameworks.

import { handlers } from "@/auth"

export const { GET, POST } = handlers