Questions tagged [oauth2-proxy]

64 questions
0 votes, 0 answers

how to define entrypoint command in dependency helm chart

I have this issue. I need to set up oauth2-proxy in kubernetes via helm, and I need it to use an injected vault secret for configuration of the proxy. I know that this would be possible by defining 'command' : ['sh', '-c', 'source…
0 votes, 0 answers

How CSRF is implemented in OAuth2-proxy?

I am new to OAuth2-proxy. I am using it with Keycloak to secure our backend. oauth2-proxy generates a CSRF token as a cookie, which is not recommended by OWASP. Can anyone explain why it is implemented using a cookie? Additionally, it is only used in callback…
0 votes, 1 answer

When running `stunnel` as non-root it errors with "setgroups: Operation not permitted"

I need to authenticate to an OIDC server using a client cert (in addition to the normal OIDC client authentication). To avoid modifying the oauth2-proxy code, I'm setting up a transparent encryption layer using stunnel inside a Docker image. FWIW - I…
Jeremy
0 votes, 0 answers

Keycloak oauth-proxy with mocked server mocklab on Kubernetes

When trying to set up keycloak oauth2 on a local machine with minikube (virtualbox driver) with a mocked server from: https://www.mocklab.io/docs/oauth2-mock/ I get an error from: [2022/11/04 15:09:14] [provider.go:55] Performing OIDC…
Lukk17s
0 votes, 0 answers

oauth2-proxy and keycloak identity provider error

I'm right now stuck with some configuration I have in my kubernetes. In my lab I want to configure oauth2-proxy to use keycloak as an identity provider. I've everything ready but when trying to login using keycloak it shows a 403 Forbidden error…
Payomeke
0 votes, 0 answers

How to stop auto-login using oauth2-proxy, but still refresh sessions when login endpoint was hit once and session exists

I'm curious if oauth2-proxy in a K8S Istio setup can be configured such that login only happens for a host if a user manually requested it, for example by pressing a login button that redirects to /oauth/start. My use case would be, having a publicly…
Krotz
0 votes, 1 answer

Cross-Origin Read Blocking (CORB) occurs when setting notpaths config in istio authorization policy

I'm working on an istio configuration to build an automatic authorization system. I use oauth2-proxy for external authorization and dex for OIDC. I have to avoid the authorization check for a certain sub-address, so I set the notPaths option in authorization…
m_moo
0 votes, 1 answer

Grafana running behind nginx and authenticated through oauth2_proxy

Issue: I am trying to set up the following configuration locally: [nginx] <-> [oauth2_proxy] <-> [grafana]. nginx listens on 80, oauth2_proxy listens on 4180, grafana listens on 3000. Although successfully authenticating through the proxy (from proxy and…
mariovalens
0 votes, 1 answer

Grafana login with oauth2_proxy

Issue: I am trying to set up a very simple configuration locally: grafana running on default port 3000, oauth2_proxy running on default port 4180. Expectation: after a successful login through oauth2_proxy using google credentials,…
mariovalens
0 votes, 1 answer

Problem trying to authenticate with bearer token on nginx + oauth2-proxy + docker

I'm trying to set up Google Authentication for my MLflow application using nginx, oauth2-proxy and Docker. Everything works fine when I'm logging in through a web browser, but I need to access MLflow in Python scripts and request the MLflow API too. I'm…
Jorge Nachtigall
0 votes, 0 answers

Oauth2-proxy: returning 500 error when trying to access through Web-ui

I have a web-ui, oauth2-proxy and Keycloak running as Kubernetes apps; web-ui and oauth2 are behind the ingress-nginx and keycloak is exposed through NodePort. These are the endpoints I'm using: web-ui: https://ui.mydomain.uk.local oauth2:…
MacUsers
0 votes, 1 answer

Oauth2-proxy failing to sign in after redirecting to oauth2 provider

End goal: https://auth.wayofthesys.com/oauth2 should redirect to DigitalOcean or GitHub provider and allow sign in. Currently results in an "oops something went wrong" error at DigitalOcean and a "404 page not found" error at GitHub. Repo is located…
TheOneTrueMorty
0 votes, 1 answer

OAuth2-proxy test flow

I am trying to set up a workflow of authentication to a new kubernetes cluster (Azure AKS) using oauth2-proxy (https://oauth2-proxy.github.io/oauth2-proxy/). My question is probably pretty dumb, but I am a bit confused. Is there a way to test a flow…
0 votes, 1 answer

oauth2-proxy: Connection-refused on local setup

I am setting up oauth2-proxy (https://github.com/oauth2-proxy/oauth2-proxy) in front of another application which cannot provide A&A on its own. Keycloak-OIDC provider is configured for identity management. In the final state the app will run on…
Marian
0 votes, 1 answer

Azure AD: missing roles claim in jwt token through AAD

I am not able to fetch role claim when using AzureAD for authentication. quay.io/oauth2-proxy is used