1

How do I make an HTTPS request to a GitLab page protected by OAuth2?

Background: A GL repo assembles draft documentation from multiple development repos and publishes on GitLab Pages. All of this is protected by OAuth2. As we near a release date I need to make the draft visible to a wider internal audience, for whom we do not buy GL seats. The public documentation server has a preview URL, lightly protected by Basic Auth. I should be able to reverse proxy to the GitLab Pages draft – if I could only get the HTTPS request to GL to work.

Testing with curl and wget and a Personal Access Token (PAT) XYZXYZXYZXYZXYZXYZXY (no, not really) with every role granted.

❯ wget 'https://ourdev.gitlab.io/this/is/my/documentation?access_token=XYZXYZXYZXYZXYZXYZXY'
--2021-09-24 13:33:32--  https://ourdev.gitlab.io/this/is/my/documentation?access_token=XYZXYZXYZXYZXYZXYZXY
Resolving ourdev.gitlab.io (ourdev.gitlab.io)... 35.185.44.232
Connecting to ourdev.gitlab.io (ourdev.gitlab.io)|35.185.44.232|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://projects.gitlab.io/auth?domain=https://ourdev.gitlab.io&state=bCN5ylZVNsjKt33cFslzNw== [following]
--2021-09-24 13:33:33--  https://projects.gitlab.io/auth?domain=https://ourdev.gitlab.io&state=bCN5ylZVNsjKt33cFslzNw==
Resolving projects.gitlab.io (projects.gitlab.io)... 35.185.44.232
Connecting to projects.gitlab.io (projects.gitlab.io)|35.185.44.232|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://gitlab.com/oauth/authorize?client_id=5059a88907e1b093c23df47d996183b101a862a5e53e099b563120d1308db2c1&redirect_uri=https://projects.gitlab.io/auth&response_type=code&state=bCN5ylZVNsjKt33cFslzNw==&scope=api [following]
--2021-09-24 13:33:33--  https://gitlab.com/oauth/authorize?client_id=5059a88907e1b093c23df47d996183b101a862a5e53e099b563120d1308db2c1&redirect_uri=https://projects.gitlab.io/auth&response_type=code&state=bCN5ylZVNsjKt33cFslzNw==&scope=api
Resolving gitlab.com (gitlab.com)... 172.65.251.78, 2606:4700:90:0:f22e:fbec:5bed:a9b9
Connecting to gitlab.com (gitlab.com)|172.65.251.78|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://gitlab.com/users/sign_in [following]
--2021-09-24 13:33:34--  https://gitlab.com/users/sign_in
Reusing existing connection to gitlab.com:443.
HTTP request sent, awaiting response... 503 Service Temporarily Unavailable
2021-09-24 13:33:34 ERROR 503: Service Temporarily Unavailable.

Similar results from:

wget 'https://oauth2:XYZXYZXYZXYZXYZXYZXY@https://ourdev.gitlab.io/this/is/my/documentation'
curl -ILs --header "Authorization: Bearer XYZXYZXYZXYZXYZXYZXY" "https://ourdev.gitlab.io/this/is/my/documentation"

Everything seems to lead to https://gitlab.com/users/sign_in followed by the 503.

Many articles show how to use PATs to reach the GitLab API. Perhaps they are not the way to simply request a page?

SJT
  • 1,067
  • 5
  • 10

1 Answers1

0

GitLab devs say (a year ago) it’s “not possible currently”:

Programmatic access to private pages

SJT
  • 1,067
  • 5
  • 10