Pricore Version
0.52.4
PHP Version
Provided by ghcr.io/pricorephp/pricore:0.52.4
Description
On a self-hosted Pricore deployment pointed at a self-hosted GitLab instance, a user who connects GitLab via OAuth has no path to point the resulting Git Credential at their GitLab base URL. The credential's edit form gates the GitLab URL field behind the personal-access-token field above it, which is marked required. Because the OAuth flow never captures a base URL, and the URL field can't be saved without also providing a PAT, all GitLab API calls fall through to the hardcoded https://gitlab.com default in GitLabProvider::getBaseUrl() and 401 against the user's self-hosted-issued OAuth token.
This effectively blocks the self-hosted-Pricore-against-self-hosted-GitLab deployment shape unless the user generates and pastes a PAT they shouldn't otherwise need.
Steps to Reproduce
- Deploy Pricore (
ghcr.io/pricorephp/pricore:latest) against a self-hosted GitLab instance (e.g. https://gitlab.example.com).
- Sign in to Pricore and connect GitLab via OAuth from the user-account integration flow.
- Navigate to Settings → Git Credentials and click Edit on the GitLab credential created in step 2.
- Enter
https://gitlab.example.com in the GitLab URL field and try to save without filling in the PAT field above it.
- Observe that the save is blocked because the PAT field is required.
- Skip the save, navigate to the import-repository flow, and trigger a "list available repositories" call.
Expected Behavior
I would expect that using the OAuth-integration would capture the Gitlab base URL during the creation flow or honor the site-wide GITLAB_INSTANCE_URI used to direct the OAuth flow, requiring no customization.
Actual Behavior
With no URL on the credential, GitLabProvider::getBaseUrl() falls through to the hardcoded default of https://gitlab.com, causing all subsequent API calls to that integration provider to fail.
Additional Context
- Workaround: Instead of using the OAuth integration, generate a PAT and register the provider that way, with a custom URL provided.
- Fix: Two approaches seem reasonable:
I plan on submitting a fix MR.
Pricore Version
0.52.4
PHP Version
Provided by ghcr.io/pricorephp/pricore:0.52.4
Description
On a self-hosted Pricore deployment pointed at a self-hosted GitLab instance, a user who connects GitLab via OAuth has no path to point the resulting Git Credential at their GitLab base URL. The credential's edit form gates the GitLab URL field behind the personal-access-token field above it, which is marked required. Because the OAuth flow never captures a base URL, and the URL field can't be saved without also providing a PAT, all GitLab API calls fall through to the hardcoded
https://gitlab.comdefault inGitLabProvider::getBaseUrl()and 401 against the user's self-hosted-issued OAuth token.This effectively blocks the self-hosted-Pricore-against-self-hosted-GitLab deployment shape unless the user generates and pastes a PAT they shouldn't otherwise need.
Steps to Reproduce
ghcr.io/pricorephp/pricore:latest) against a self-hosted GitLab instance (e.g.https://gitlab.example.com).https://gitlab.example.comin the GitLab URL field and try to save without filling in the PAT field above it.Expected Behavior
I would expect that using the OAuth-integration would capture the Gitlab base URL during the creation flow or honor the site-wide
GITLAB_INSTANCE_URIused to direct the OAuth flow, requiring no customization.Actual Behavior
With no URL on the credential,
GitLabProvider::getBaseUrl()falls through to the hardcoded default ofhttps://gitlab.com, causing all subsequent API calls to that integration provider to fail.Additional Context
GitlabAuthController- likely theSyncUserGitlabCredentialAction- we should make sure the Gitlab URI is saved.GitlabProvider::getBaseUrl()fall back to theGITLAB_INSTANCE_URIenvironment variable.I plan on submitting a fix MR.