Would be wonderful to see how oauth2-proxy is configured with ISTIO
@manasjain914
3 жыл бұрын
please also make a video on the active directory OAuth2 Proxy
@leonidgaidai1989
2 жыл бұрын
Good explanation. Thank you for video
@g-luu
Жыл бұрын
Great tutorial. Have a question regarding how would i protect a backend api with this? For instance the frontend already has the access token but the api is of a different system that is not public.
@laszlofogas
Жыл бұрын
There is a problem. If you put the token in the frontend, it will go to the user's machine and the backend will not be protected anymore as you exposed your keys. So static tokens, and basic auth will not work here. Maybe if you use an OAuth based approach, like with Github, that's better. At least those tokens expire and are linked to your identity. What you need to check is what cookie the auth parameters are stored in. If you are lucky you can access those cookies and you can send those tokens when you request the backend with your frontend. But chances are there is a browser sandbox limitation, and you won't be able to access the cookie.
@nguyenphu-o5d
Ай бұрын
Hi can I ask why I can stll get inside my app after revoke my github token? I am using public host.
@laszlofogas
24 күн бұрын
There is a cookie in oauth2proxy that holds authorized state. It has a timeout, maybe that needs tuning. I wanted to find it for you, but didn't get there.
@nguyenphu-o5d
24 күн бұрын
@@laszlofogasI figure it out, the issue is nginxinc which I was using does not support sso, the ingress-nginx develop by kubernetes does support sso which is different from nginxinc.
@JerryOmann
3 жыл бұрын
Nice video. How can the application read the login Username? Is there a header field for the name, how can we add that? 🤔
@laszlofogas
3 жыл бұрын
I scanned the docs, but don't see such an option: oauth2-proxy.github.io/oauth2-proxy/docs/
@Yggdrasil42
2 жыл бұрын
Several headers are added to the forwarded request. The username is in one of them.
@rampanwar1316
3 жыл бұрын
Can i add my custom auth server ?
@JosiahRitchie
3 жыл бұрын
Very useful info, but hard to hear.
@laszlofogas1723
3 жыл бұрын
You are right, the sound level is way too low. I was using a condenser mic which I was never able to set up properly. Either picked up every noise from the whole house or it was too quiet. I picked up a podcaster mic since then. Hoping to produce better sound levels in the coming videos.
@JosiahRitchie
3 жыл бұрын
@@laszlofogas1723 Excellent!
@yousrimefteh2506
6 ай бұрын
i need help please can you help me ?
@LuizJrDeveloper
2 жыл бұрын
How to validade group on keycloak?
@laszlofogas
2 жыл бұрын
These are the keycloak configs: oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider#keycloak-auth-provider You have to edit the manifests/oauth2-proxy.yaml manually, to match the config from the link above. Gimlet Stack will preserve your changes in future updates.
Пікірлер: 18