Comments (4)
jehiah
commented on July 19, 2024
@jos3k4 you are correct, oauth2_proxy will not rewrite requests (or responses) like you are describing.
The primary options you have are to a) use subdomains so you have app1.domain.com and app2.domain.com and set your cookie_domain to .domain.com so they can share authentication, or b) set your upstream as an intermediate nginx endpoint and configure request/response url rewriting there.
from oauth2_proxy.
jos3k4
commented on July 19, 2024
@jehiah thanks for the answer.
With the option a) you mean have something like this?
upstreams = [
"http://app1.company.com",
"http://app2.company.com" ]
If you mean that I've already tried it and the application returns the following trace.
panic: http: multiple registrations for /
goroutine 1 [running]:
net/http.(*ServeMux).Handle(0xc20800b020, 0x7c4810, 0x1, 0x7fd79a471568, 0xc20801ee60)
/usr/local/Cellar/go/1.4.2/libexec/src/net/http/server.go:1557 +0x244
main.NewOauthProxy(0xc20800cd80, 0xc20801eca0, 0x1)
/Users/jehiah/projects/tmp_build/src/github.com/bitly/oauth2_proxy/oauthproxy.go:98 +0x3d3
main.main()
/Users/jehiah/projects/tmp_build/src/github.com/bitly/oauth2_proxy/main.go:92 +0x14c7
goroutine 2 [runnable]:
runtime.forcegchelper()
/usr/local/Cellar/go/1.4.2/libexec/src/runtime/proc.go:90
runtime.goexit()
/usr/local/Cellar/go/1.4.2/libexec/src/runtime/asm_amd64.s:2232 +0x1
goroutine 3 [runnable]:
runtime.bgsweep()
/usr/local/Cellar/go/1.4.2/libexec/src/runtime/mgc0.go:82
runtime.goexit()
/usr/local/Cellar/go/1.4.2/libexec/src/runtime/asm_amd64.s:2232 +0x1
goroutine 4 [runnable]:
runtime.runfinq()
/usr/local/Cellar/go/1.4.2/libexec/src/runtime/malloc.go:712
runtime.goexit()
/usr/local/Cellar/go/1.4.2/libexec/src/runtime/asm_amd64.s:2232 +0x1
I understand is normal behaviour because the application doesn't allow two routing paths pointing to "/"
Probably for now I will use multiple instances of oauth2_proxy for each application on my internal network. Again thanks for all.
from oauth2_proxy.
mbland
commented on July 19, 2024
For a one-cookie-multiple-domain example, check out the 18F/hub SSO configuration, inspired by #12. It is a little subtle, but very effective. The one thing the README doesn't get into is the individual location definitions; you can see those in the 18F/hub nginx vhost configs.
from oauth2_proxy.
jos3k4
commented on July 19, 2024
The implementation that I've done is fine for now, thanks for the help to everyone!
from oauth2_proxy.
Related Issues (20)
- GitHub Authentication keeps valid after user is removed from org or team HOT 1
- V2.2 is complaining about the google oauth Json file
- will oauth2_proxy support PUT HOT 2
- help with scope setting for okta HOT 1
- HTTP Basic Auth and set-xauthrequest HOT 4
- oauth2_proxy failing on the callback url using oidc provider HOT 1
- failing with oidc provider discovery object
- Safari is not sending cookies when doing CORS requests
- set response_mode
- Recent update of golang.org/x/oauth2/google libraries caused TestRequestSignaturePostRequest to fail
- OIDC provider disappeared in `v2.2` without any notice. HOT 1
- how to handle the callback url and get the login google emaill account? HOT 1
- htpasswd auth not working HOT 2
- Integrating oauth2_proxy with AWS Cognito HOT 3
- Microsoft Azure AD B2C Support
- user-configured redirect URL clobbered in oauthproxy.go HOT 5
- oidc and scope
- Restrict auth to specific Google groups returning Invalid Account HOT 1
- 404 not found on redirect HOT 1
- Cookie Path Defaults to Root '/' Even when Using "proxy-prefix" option
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2_proxy.