# 📦🔐 Verdaccio GitLab OAuth plugin

A GitLab OAuth Plugin for [Verdaccio](https://www.verdaccio.org)

<a href="https://www.npmjs.com/package/verdaccio-gitlab-oauth2">
  <img alt="Version" src="https://flat.badgen.net/npm/v/verdaccio-gitlab-oauth2?icon=npm">
</a>
<a href="https://raw.githubusercontent.com/bizneo/verdaccio-gitlab-oauth2/master/LICENSE">
  <img alt="License" src="https://flat.badgen.net/github/license/bizneo/verdaccio-gitlab-oauth2?icon=github">
</a>
<a href="https://github.com/bizneo/verdaccio-gitlab-oauth2/issues/new/choose">
  <img alt="Issues" src="https://flat.badgen.net/badge/github/create issue/pink?icon=github">
</a>

## About

The plugin is similar to [verdaccio-github-oauth-ui](https://github.com/n4bb12/verdaccio-github-oauth-ui), but adapted to use GitLab APIs. When clicking the login button, instead of filling in a login form, you are asked to log in with itLab.

In case you need CLI support for automation purposes, the plugin is also compatible with it, adapting the functionality from [sinopia-github-oauth-cli](https://github.com/soundtrackyourbrand/sinopia-github-oauth-cli) to work with GitLab.

### Compatibility

- Verdaccio 3, 4 and 5
- Node >=10
- Chrome, Firefox, Firefox ESR, Edge, Safari, IE 11

## Setup Instructions

### Install

```
$ npm install verdaccio-gitlab-oauth2
```

### GitLab Config

- Create an OAuth app at https://gitlab.com/profile/applications
- The callback URL should be `YOUR_REGISTRY_URL/-/doreamon/callback`
- The scope needed is `openid`

### Verdaccio Config

Merge the below options with your existing Verdaccio config:

```yml
middlewares:
  doreamon-oauth2:
    enabled: true

auth:
  doreamon-oauth2:
    client_id: DOREAMON_CLIENT_ID
    client_secret: DOREAMON_CLIENT_SECRET
    root_url: YOUR_REGISTRY_URL # optional, e.g. https://registry.npmjs.org
```

- The configured values can either be the actual value or the name of an environment variable that contains the value.
- The config props can be specified under either the `middlewares` or the `auth` node. Just make sure, the addon is included under both nodes.

#### `client_id` and `client_secret`

These values can be obtained from GitLab OAuth app page at https://gitlab.com/profile/applications.

#### `root_url`

Optional. The URL of the registry, e.g. `https://registry.npmjs.org`.

### Proxy Agent

If you are behind a proxy server, the plugin needs to know the proxy server in order to make GitLab requests.

Configure the below environment variable.

```
$ export GLOBAL_AGENT_HTTP_PROXY=http://127.0.0.1:8080
```

See the [global-agent](https://github.com/gajus/global-agent#environment-variables) docs for detailed configuration instrcutions.

## Login

### Verdaccio UI

- Click the login button and login via GitLab, if not logged in already.
- Authorize the registry - this needs to be done only once.
- After authorizing the registry with GitLab, you'll be redirected back to the Verdaccio registry.

You are now logged in.

### Command Line

To set up authentication with the registry in your npm CLI, you'll need to run the commands shown on the UI.

- Verdaccio 4: open the "Register Info" dialog and klick "Copy to clipboard"
- Verdaccio 3: Select the text in the header and copy it. In case the text is too long, you can double-click it. The invisible part will still be selected and copied.
- Run the copied commands on your terminal.

```
$ npm config set //localhost:4873:_authToken "SECRET_TOKEN"
$ npm config set //localhost:4873:always-auth true
```

- Verify npm is set up correctly by running the `whoami` command. Example:

```
$ npm whoami --registry http://localhost:4873
n4bb12
```

If you see your GitLab username, you are ready to start publishing packages.

## Logout

### Verdaccio UI

Click the <kbd>Logout</kbd> button as per usual.

### Command Line

Unless OAuth access is revoked in the GitLab settings, the token is valid indefinitely.
