Passport strategy for authenticating with SSH keys and gitlab's public user keys used via JWT to authenticate requests.
This module lets you authenticate using GitLab in your Node.js applications. By plugging into Passport, GitLab authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
$ npm install passport-gitlab-sshSay you've got SSH access to gitlab, eg, you can run ssh [email protected] and it will respond with my user ID.
And you'd like to be able to make a HTTPS request to your-server.com, passing some secret from gitlab.com, so your server knows you're trusted.
This middleware allows you to validate requests signed using your private key.
The example client (docs/example-client.js) will:
- ssh into gitlab to discover the username
- generate a JWT claiming which user I am
- sign the JWT using my private key
And this server middleware will:
- recieve the request claiming which user it was
- get the user's pubkey from gitlab.com/users/myuser.key
- verifies the JWT was signed by that user's private key, using the pubkey provided by gitlab
passport.use(new GitLabSshStrategy({},
function(user, done) {
done(user);
}
));Use passport.authenticate(), specifying the 'gitlab-ssh' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/secure', passport.authenticate('gitlab-ssh'));Passport-GitLab automatically uses GitLab.com as
authentication endpoint when not configured otherwise. You can use the baseURL
parameter to point to any other GitLab instance as following:
new GitLabSshStrategy({
baseURL: "https://gitlab.example.com/"
}), ...)