Mattermost has depreciated support for GitLab SSO in community (open source) version since V11, so there's no need to keep this repository private. The latest known version as usable is V10.
This repository works as a middleware between Mattermost and Keycloak, providing a compatibility layer for open source version of Mattermost to use Keycloak as SSO provider. It has some nasty tricks since keycloak doesn't use integer ID as GitLab, so use at your own risk.
We deploy this repository on CloudFlare Workers, so if you want to deploy your own version or use other platforms, please don't forget to change necessary settings like those in wrangler.jsonc.
This repository won't receive any updates as we are now looking for alternatives.
sequenceDiagram
MM->>+Agent: Authorize request (Frontend)
Agent->>+KC: Authorize request (Redirect)
KC->>-Agent: Authorize callback
Agent->>-MM: Authorize complete
MM->>+Agent: Token request (Backend)
Agent->>+KC: Token request (Proxy)
KC->>-Agent: Token response
Agent->>-MM: Token response
MM->>+Agent: User request (Backend)
Agent->>+KC: User request (Proxy)
KC->>-Agent: User response
Agent-->>Agent: Modify response, map int ID
Agent->>-MM: User response (modified)