From f1a42b71145a4f3a60b391f59de9070a19b3dfd6 Mon Sep 17 00:00:00 2001
From: marlon <marlon@riseup.net>
Date: Wed, 30 Oct 2024 17:36:36 -0400
Subject: [PATCH] add SSO_PROVIDER_ID

---
 .env.sample    | 3 ++-
 gitlab.rb.tmpl | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.env.sample b/.env.sample
index bfd76f4..536afd5 100644
--- a/.env.sample
+++ b/.env.sample
@@ -21,6 +21,7 @@ SECRET_RUNNER_TOKEN_VERSION=v1
 SSO=false
 ## Authentik Configuration
 # SSO=true
-# SSO_PROVIDER_URL="https://authentik.mydomain.com/application/o/gitlab/"
 # ORG_NAME="My Organization"
+# SSO_PROVIDER_URL="https://authentik.mydomain.com/application/o/gitlab/"
+# SSO_PROVIDER_ID="your authentik Client ID"
 # SECRET_SSO_PROVIDER_SECRET_VERSION=v1
diff --git a/gitlab.rb.tmpl b/gitlab.rb.tmpl
index 607540b..e51b7dd 100644
--- a/gitlab.rb.tmpl
+++ b/gitlab.rb.tmpl
@@ -579,7 +579,7 @@ gitlab_rails['omniauth_providers'] = [
       "client_auth_method" => "query",
       "send_scope_to_token_endpoint" => "false",
       "client_options" => {
-        "identifier" => "gitlab",
+        "identifier" => "{{ env "SSO_PROVIDER_ID" }}",
         "secret" => "{{ secret "sso_provider_secret" }}",
         "redirect_uri" => "https://{{ env "DOMAIN" }}/users/auth/openid_connect/callback"
       }