Hi everyone,
I'm reaching out to request reviews for a series of OAuth-related changes that we (Arista Networks) have been successfully running in production on Gerrit 3.10-3.12 for the past year. We recently ran into merge conflicts when upgrading to 3.13, which motivated us to rebase these patches and work towards getting them merged upstream.
Background:
The first two commits were originally posted in 2024, and we've been using these patches to enable OAuth authentication alongside HTTP passwords for service/robot users that don't have an identity in OAuth providers.
Changes:
1.
OAuth: Refactor verify method to reduce nesting - Refactoring to improve code readability and maintainability
- Addresses review feedback from
https://gerrit-review.googlesource.com/c/gerrit/+/508386 - Review:
https://gerrit-review.googlesource.com/c/gerrit/+/521461 2.
GitBasicAuthPolicy: Add support for HTTP_OAUTH - Adds HTTP_OAUTH configuration option
- Allows service users to use HTTP passwords when OAuth is enabled
- Enables OAuth and HTTP password authentication to coexist
- Review:
https://gerrit-review.googlesource.com/c/gerrit/+/434157/11 3.
OAuth: Correctly map externalId for Git authentication - Ensures the correct externalId from OAuthRealm is used instead of the default 'external:'
- Added tests along with refactoring
- Review:
https://gerrit-review.googlesource.com/c/gerrit/+/434897/8
Request:
Could I get reviews on these changes? We'd love to work with the community to get these merged upstream. Happy to address any feedback or concerns!
Thank you,
Rohan
