Comments (4)
Hey @Ghazgkull,
I appreciate our Documentation currently sucks, I have a personal project on-going in which I hope to improve the situation of our documentation but it may take some time before that is done. Please bear with us!
It looks to me like the problem you are having is that the proxy-prefix
isn't being honoured when redirecting to start by the start button, GET - "/oauth2/start?rd=%2F"
should be GET - "/logs/oauth2/start?rd=%2F"
right?
from oauth2-proxy.
@JoelSpeed Yes, the proxy-prefix
setting was the issue. Or rather, my interpretation of how it should behave.
I expected that proxy-prefix
is a way for me to configure the proxy path that oauth2_proxy
is behind. I expected that oauth2_proxy
would prepend proxy-prefix
to any paths it gives out. But I didn't expect proxy-prefix
to affect the route handling within oauth2_proxy
itself. I realize now that proxy-prefix
really just means path-prefix
and it's a way to tell oauth2-proxy
what paths to expect.
Armed with this new understanding, I was able to get oauth2_proxy
to start working with my OIDC provider (Okta).
I would really like a way to tell oauth2_proxy
that it's behind another proxy, though, the same way I can configure Kibana with what they call server.basePath
. It would allow to more seamlessly add oauth2_proxy
to setups like mine where I'm doing path-based routing to a particular microservice behind a single hostname and I want oauth2_proxy
to provide authorization just for that route. In my example, I want to route the public path /logs
to oauth2_proxy
using URL re-writing to remove the /logs
prefix of the path before it ever gets to the proxy. So oauth2_proxy
would receive traffic at its default routes. But any time it handed out a URL (like on the signup page), it would have to prepend `/logs.
from oauth2-proxy.
@Ghazgkull do you remember how you got it to work in the end We are also using a proxy (ambassador) in front of the oauth2 proxy.
when we go through Ambassador to reach /dashboard, we redirect to oauth2_proxy but the /dashboard is always kept...
from oauth2-proxy.
This issue has been inactive for 60 days. If the issue is still relevant please comment to re-activate the issue. If no action is taken within 7 days, the issue will be marked closed.
from oauth2-proxy.
Related Issues (20)
- [Bug]: Infinite loop if the Csrf cookie is set twice
- [Support]: nginx + oauth2-proxy, logout configuration
- [Feature]: options for add files in /oauth2/static/ HOT 4
- [Feature]: Guides for rauthy and/or authelia
- [Bug]: Unable to use hyphen in JSON path for oidc-groups-claim option
- [Bug]: Invalid authentication via OAuth2 via Github for the owner of the organisation HOT 8
- [Bug]: Possible typo in source code for static upstreams HOT 2
- [Bug]: Incomplete source of request urls for skip_auth_routes feature
- [Bug]: Redirect after second google login to home page not working
- [Support]: 401 Authorization Required even finished authentication HOT 1
- [Feature]: use username (or any other attribute from the provider) in basic auth header instead of the ID
- [Feature]: JWT validation only mode HOT 8
- [Bug]: An invalid redirect to a non-whitelisted domain creates a valid session cookie after redirecting to "/"
- Pass bearer token to the backend with nginx
- [Support]: Multi-Domain Forward-Auth with Traefik/k3s
- [Feature]: [Azure] Support certificate-based flow for requesting access token HOT 1
- [Feature]: Support for dry-run
- [Support]: failed to verify id token signature
- [Bug]: Setting `proxy-prefix` in helm seems to break login
- [Bug]: Azure provider: problem with ProfileURL/ userInfoURL (duplicate of closed issue #2162 )
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2-proxy.