From 0ce641a3bb71af40d611a0cb6535d54208c52291 Mon Sep 17 00:00:00 2001
From: Xueshan Feng <sfeng@stanford.edu>
Date: Sun, 22 Nov 2015 22:19:43 -0800
Subject: [PATCH] Added "OAUTH_SAML_LABEL" environment to allow customization.

---
 README.md                                 | 5 ++++-
 assets/runtime/config/gitlabhq/gitlab.yml | 2 +-
 assets/runtime/env-defaults               | 1 +
 assets/runtime/functions                  | 1 +
 4 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index a259330f..11d9c9bc 100644
--- a/README.md
+++ b/README.md
@@ -696,7 +696,9 @@ For example, if your Client ID is `xxx` and the Client secret is `yyy`, then add
 
 GitLab can be configured to act as a SAML 2.0 Service Provider (SP). This allows GitLab to consume assertions from a SAML 2.0 Identity Provider (IdP) such as Microsoft ADFS to authenticate users. Please refer to the GitLab [documentation](http://doc.gitlab.com/ce/integration/saml.html).
 
-The following parameters have to be configured to enable SAML OAuth support in this image: `OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL`, `OAUTH_SAML_IDP_CERT_FINGERPRINT`, `OAUTH_SAML_IDP_SSO_TARGET_URL`, `OAUTH_SAML_ISSUER` and `OAUTH_SAML_NAME_IDENTIFIER_FORMAT`
+The following parameters have to be configured to enable SAML OAuth support in this image: `OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL`, `OAUTH_SAML_IDP_CERT_FINGERPRINT`, `OAUTH_SAML_IDP_SSO_TARGET_URL`, `OAUTH_SAML_ISSUER` and `OAUTH_SAML_NAME_IDENTIFIER_FORMAT`.
+
+You can also override the default "Sign in with" button label with `OAUTH_SAML_LABEL`.
 
 Please refer to [Available Configuration Parameters](#available-configuration-parameters) for the default configurations of these parameters.
 
@@ -868,6 +870,7 @@ Below is the complete list of available options that can be used to customize yo
 - **OAUTH_SAML_IDP_CERT_FINGERPRINT**: The SHA1 fingerprint of the certificate. No Defaults.
 - **OAUTH_SAML_IDP_SSO_TARGET_URL**: The URL to which the authentication request should be sent. No defaults.
 - **OAUTH_SAML_ISSUER**: The name of your application. When `GITLAB_HTTPS=true`, defaults to `https://${GITLAB_HOST}` else defaults to `http://${GITLAB_HOST}`.
+- **OAUTH_SAML_LABEL**: The "Sign in with" button label. Defaults to "Our SAML Provider".
 - **OAUTH_SAML_NAME_IDENTIFIER_FORMAT**: Describes the format of the username required by GitLab, Defaults to `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
 - **OAUTH_CROWD_SERVER_URL**: Crowd server url. No defaults.
 - **OAUTH_CROWD_APP_NAME**: Crowd server application name. No defaults.
diff --git a/assets/runtime/config/gitlabhq/gitlab.yml b/assets/runtime/config/gitlabhq/gitlab.yml
index 2341113e..824fc9b4 100644
--- a/assets/runtime/config/gitlabhq/gitlab.yml
+++ b/assets/runtime/config/gitlabhq/gitlab.yml
@@ -306,7 +306,7 @@ production: &base
           app_id: '{{OAUTH_TWITTER_API_KEY}}',
           app_secret: '{{OAUTH_TWITTER_APP_SECRET}}' }
       - { name: 'saml',
-          label: 'Our SAML Provider',
+          label: label: '{{OAUTH_SAML_LABEL}}',
           args: {
                   assertion_consumer_service_url: '{{OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL}}',
                   idp_cert_fingerprint: '{{OAUTH_SAML_IDP_CERT_FINGERPRINT}}',
diff --git a/assets/runtime/env-defaults b/assets/runtime/env-defaults
index dce69098..0f1c549c 100644
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@@ -227,6 +227,7 @@ case $GITLAB_HTTPS in
     OAUTH_SAML_ISSUER=${OAUTH_SAML_ISSUER:-http://${GITLAB_HOST}}
     ;;
 esac
+OAUTH_SAML_LABEL=${OAUTH_SAML_LABEL:-'Our SAML Provider'}
 OAUTH_SAML_IDP_CERT_FINGERPRINT=${OAUTH_SAML_IDP_CERT_FINGERPRINT:-}
 OAUTH_SAML_IDP_SSO_TARGET_URL=${OAUTH_SAML_IDP_SSO_TARGET_URL:-}
 OAUTH_SAML_NAME_IDENTIFIER_FORMAT=${OAUTH_SAML_NAME_IDENTIFIER_FORMAT:-urn:oasis:names:tc:SAML:2.0:nameid-format:transient}
diff --git a/assets/runtime/functions b/assets/runtime/functions
index b1595933..57106f55 100644
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
@@ -401,6 +401,7 @@ gitlab_configure_oauth_saml() {
         -n ${OAUTH_SAML_NAME_IDENTIFIER_FORMAT} ]]; then
     echo "Configuring gitlab::oauth::saml..."
     OAUTH_ENABLED=${OAUTH_ENABLED:-true}
+    exec_as_git sed -i 's/{{OAUTH_SAML_LABEL}}/'"${OAUTH_SAML_LABEL}"'/' ${GITLAB_INSTALL_DIR}/config/gitlab.yml
     exec_as_git sed -i 's,{{OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL}},'"${OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL}"',' ${GITLAB_INSTALL_DIR}/config/gitlab.yml
     exec_as_git sed -i 's/{{OAUTH_SAML_IDP_CERT_FINGERPRINT}}/'"${OAUTH_SAML_IDP_CERT_FINGERPRINT}"'/' ${GITLAB_INSTALL_DIR}/config/gitlab.yml
     exec_as_git sed -i 's,{{OAUTH_SAML_IDP_SSO_TARGET_URL}},'"${OAUTH_SAML_IDP_SSO_TARGET_URL}"',' ${GITLAB_INSTALL_DIR}/config/gitlab.yml