gitlab

### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ee/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
# gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
# gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
# gitlab_rails['omniauth_auto_link_ldap_user'] = false
gitlab_rails['omniauth_auto_link_saml_user'] = true
# gitlab_rails['omniauth_auto_link_user'] = ['saml']
# gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
# gitlab_rails['omniauth_allow_bypass_two_factor'] = ['google_oauth2']
# gitlab_rails['omniauth_providers'] = [
#   {
#     "name" => "google_oauth2",
#     "app_id" => "YOUR APP ID",
#     "app_secret" => "YOUR APP SECRET",
#     "args" => { "access_type" => "offline", "approval_prompt" => "" }
#   }
# ]
gitlab_rails['omniauth_providers'] = [
    {
     "name" => "saml",
     "label" => "saml sso",
     "args" => {
        "assertion_consumer_service_url" => "http://192.168.2.240:6080/users/auth/saml/callback",
        "idp_cert_fingerprint" => "EC:8B:2F:12:7D:3B:6C:CD:36:6A:DF:00:73:1F:52:C9:B4:39:14:8A",
         "idp_sso_target_url" => "https://authsaur.deepoove.com/idp/profile/SAML2/Redirect/SSO",
         "issuer" => "http://192.168.2.240:6080",
         "name_identifier_format" => "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
         "attribute_statements" => { email: ['umail'],nickname: ['uname'] },
         "uid_attribute" => 'uprincipal'
     }
    }
]