aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabIdentityProvider.java5
-rw-r--r--server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabIdentityProviderTest.java2
2 files changed, 4 insertions, 3 deletions
diff --git a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabIdentityProvider.java b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabIdentityProvider.java
index fdd76dcd932..ebfa534c55c 100644
--- a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabIdentityProvider.java
+++ b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabIdentityProvider.java
@@ -43,6 +43,7 @@ public class GitLabIdentityProvider implements OAuth2IdentityProvider {
public static final String API_SCOPE = "api";
public static final String READ_USER_SCOPE = "read_user";
+ public static final String KEY = "gitlab";
private final GitLabSettings gitLabSettings;
private final ScribeGitLabOauth2Api scribeApi;
private final GitLabRestClient gitLabRestClient;
@@ -55,7 +56,7 @@ public class GitLabIdentityProvider implements OAuth2IdentityProvider {
@Override
public String getKey() {
- return "gitlab";
+ return KEY;
}
@Override
@@ -93,7 +94,7 @@ public class GitLabIdentityProvider implements OAuth2IdentityProvider {
checkState(isEnabled(), "GitLab authentication is disabled");
return new ServiceBuilder(gitLabSettings.applicationId())
.apiSecret(gitLabSettings.secret())
- .defaultScope(API_SCOPE)
+ .defaultScope(gitLabSettings.syncUserGroups() ? API_SCOPE : READ_USER_SCOPE)
.callback(context.getCallbackUrl());
}
diff --git a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabIdentityProviderTest.java b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabIdentityProviderTest.java
index 3371b3188a1..49399eb64e7 100644
--- a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabIdentityProviderTest.java
+++ b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabIdentityProviderTest.java
@@ -85,7 +85,7 @@ public class GitLabIdentityProviderTest {
gitLabIdentityProvider.init(initContext);
- verify(initContext).redirectTo("http://server/oauth/authorize?response_type=code&client_id=123&redirect_uri=http%3A%2F%2Fserver%2Fcallback&scope=api");
+ verify(initContext).redirectTo("http://server/oauth/authorize?response_type=code&client_id=123&redirect_uri=http%3A%2F%2Fserver%2Fcallback&scope=read_user");
}
@Test