Comments (8)
Okie dokie, this shouldn't cause any issues so I'm game for working on this, I'll target 2.1
from traefik-forward-auth.
Hmm, to be honest, if you're going to the extent of working against the Google APIs then at that point, I think that this use case may actually be best served by created a forward authentication endpoint in your own application?
I'll leave this open for a while to see if there's any further support/justification but my current thinking is that this wouldn't be something we should support.
from traefik-forward-auth.
To one of our application it would be a requirement to pass the access token down to the service,
hence I second this ask.
oauth2_proxy is capable of both providing the access token and refreshing the token.
Unfortunately oauth2_proxy it is not integrating so elegantly with Traefik, traefik-forward-auth would be a much nicer solution if those two would be addressed.
from traefik-forward-auth.
I think this may be a similar request, but sorry if it's not. But how hard would it be to only authenticate certain paths based on different scopes? Or add the users scope(s) to a header or something along those lines?
from traefik-forward-auth.
@cstack89 I think #57 and #63 should be what you're looking for
from traefik-forward-auth.
Note: if this option is enabled, the access token would need to be encrypted prior to storage in the cookie
from traefik-forward-auth.
I haven't found a elegant way to ensure backwards compatibility on this yet, so I'm going to push into 2.3
from traefik-forward-auth.
Notes added in #100 - hoping to merge that
from traefik-forward-auth.
Related Issues (20)
- Invalid cookie doesn't redirect to auth provider to re-login HOT 1
- Control scopes with Open ID provider ?
- On redirect Traefik-forward-auth strips away any existing query-params after successfully authenticating (oauth)
- Google OAuth Set CSRF cookie and redirected to provider login url HOT 4
- Not found "_oauth" with Azure provider HOT 1
- Use docker secrets for environment variables HOT 2
- Feature request: Pull information about groups of user HOT 1
- How to check for token revocation?
- Safe deployment HOT 1
- multiple whitelist users in rules doesn't work HOT 1
- go-compiler Multiple Vulnerabilities
- whitelist rule not working with arm64 images or images <= 2.2
- Invalid Cookie should point to a recoverable state
- oidc: issuer did not match the issuer returned by provider HOT 2
- oidc: id token signed with unsupported algorithm, expected ["RS256"] got "ES384" HOT 2
- 404 not found after Successful Sign in HOT 2
- Endless loop when using OIDC (cognito) as provider ERR_TOO_MANY_REDIRECTS HOT 3
- Missing Binary Files (and Instructions)
- Device code flow support
- Whitelist is case sensitive
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traefik-forward-auth.