docker ubuntu gitlab openldap

Undefined method `provider' for nil:nilclass. Gitlab and LDAP


Here is the error on gitlab main page:

Could not authenticate you from Ldapmain because "Undefined method `provider' for nil:nilclass".

Here are logs from gitlab production.log file:

Started POST "/users/auth/ldapmain/callback" for 78.142.235.112 at 2023-10-17 15:06:29 +0000
Processing by Ldap::OmniauthCallbacksController#ldapmain as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "username"=>"rostom", "password"=>"[FILTERED]"}
Completed 500 Internal Server Error in 514ms (ActiveRecord: 285.9ms | Elasticsearch: 0.0ms | Allocations: 61589)
Processing by OmniauthCallbacksController#failure as HTML

Here is proof that GitLab can get users from OpenLDAP: ApacheDirectoryStudio screenshot

docker-compose -f docker-compose-gitlab-gateway.yml exec gitlab gitlab-rake gitlab:ldap:check
Checking LDAP ...

LDAP: ... Server: ldapmain
LDAP authentication... Success
LDAP users with access to your GitLab server (only showing the first 100 results)
  DN: cn=ivan,ou=developer,dc=webinnovations,dc=ru   cn: User1
  DN: cn=rostom,ou=developer,dc=webinnovations,dc=ru   cn: User2
  DN: cn=stepan,ou=owner,dc=webinnovations,dc=ru   cn: User1
  DN: cn=john,ou=maintainer,dc=webinnovations,dc=ru   cn: User1
  DN: cn=andrew,ou=guest,dc=webinnovations,dc=ru   cn: User1

Checking LDAP ... Finished

The error is not related to the password length or to a specific domain: admin area in GitLab screenshot

Here is my gitlab.rb config:

#LDAP

gitlab_rails['ldap_enabled'] = true

gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
  main:
    active_directory: true 
    allow_username_or_email_login: true
    attributes:
      email:
        - mail
      first_name: givenName
      last_name: sn
      name: cn
      username:
        - cn 
    base: 'DC=webinnovations,DC=ru'
    bind_dn: 'cn=admin,dc=webinnovations,dc=ru'
    encryption: 'plain' 
    host: 'openldap'
    label: 'LDAP'
    uid: 'cn'
    port: '1389'
    password: 'password'
    verify_certificates: false 
    block_auto_created_users: false 
    user_filter: '(&(!(ou=!Stoped))(!(ou=Disabled People)))'
EOS

I've used that image for LDAP: https://hub.docker.com/r/bitnami/openldap/

I've tried changing active_directory: true to false in gitlab.rb and expected that I could sign in, but it didn't help.


Solution

  • I've found the answer:

    2023-10-17T17:51:36.519Z: (ldapmain) Callback phase initiated.
    2023-10-17T17:51:37.296Z: (LDAP) Error saving user cn=ivan,ou=developer,dc=webinnovations,dc=ru (temp-email-for-oauth-User1@gitlab.localhost): ["Email has already been taken"]
    2023-10-17T17:51:37.306Z: (ldapmain) Authentication failure! ldap_error: NoMethodError, undefined method `provider' for nil:NilClass
    

    I've added mail attribute to user and it works!

    Screenshot with user attributes
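
The log in the answer shows GitLab falling back to a placeholder address (`temp-email-for-oauth-User1@gitlab.localhost`) for an entry without `mail`, and several entries listed in the question share `cn: User1`. The Ruby script below is an added example, not part of the original post or GitLab's own code: it scans an LDIF export for entries without `mail` and groups those whose placeholder address would collide. The LDIF sample and the `mail` value in it are constructed from the DNs on this page, the placeholder format is copied from the log line, and taking the first `cn` value as the username is an assumption.

```ruby
# Constructed sample: DNs and cn values as listed by gitlab:ldap:check above,
# with a mail attribute (constructed address) added to one entry only.
SAMPLE_LDIF = <<~LDIF
  dn: cn=ivan,ou=developer,dc=webinnovations,dc=ru
  cn: User1
  cn: ivan
  mail: ivan@example.com

  dn: cn=rostom,ou=developer,dc=webinnovations,dc=ru
  cn: User2
  cn: rostom

  dn: cn=stepan,ou=owner,dc=webinnovations,dc=ru
  cn: User1
  cn: stepan

  dn: cn=john,ou=maintainer,dc=webinnovations,dc=ru
  cn: User1
  cn: john
LDIF

# Parse simple LDIF (no line folding, no base64 values) into an array of
# hashes mapping a lower-cased attribute name to its list of values.
def parse_ldif(text)
  text.split(/\n\s*\n/).map do |block|
    block.each_line.each_with_object(Hash.new { |h, k| h[k] = [] }) do |line, entry|
      key, value = line.chomp.split(/:\s*/, 2)
      entry[key.downcase] << value if key && value
    end
  end.reject(&:empty?)
end

# Report entries with no mail attribute and the placeholder addresses that
# more than one of them would receive. Assumption: the first value of
# username_attr is the one used; host is taken from the log line in the answer.
def audit(entries, username_attr: "cn", host: "gitlab.localhost")
  missing = entries.select { |e| e["mail"].empty? }
  groups = missing.group_by do |e|
    "temp-email-for-oauth-#{e[username_attr].first}@#{host}"
  end
  {
    missing_mail: missing.map { |e| e["dn"].first },
    collisions: groups.select { |_, es| es.size > 1 }
                      .transform_values { |es| es.map { |e| e["dn"].first } }
  }
end

report = audit(parse_ldif(SAMPLE_LDIF))
report[:missing_mail].each { |dn| puts "no mail attribute: #{dn}" }
report[:collisions].each { |addr, dns| puts "#{addr} shared by: #{dns.join(' | ')}" }
```

Every DN reported under `collisions` will hit "Email has already been taken" once another entry in the same group has signed in, until a unique `mail` value is set in the directory.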