Closed jgn closed 6 years ago
It's in the master branch, but it's not in the v2.2 release (which is over a year old).
Think I should delete these two issues? (I think the one about not throwing an error if you make up a provider is a genuine flaw.)
On Sun, May 13, 2018 at 4:29 PM, Pierce Lopez notifications@github.com wrote:
It's in the master branch, but it's not in the v2.2 release (which is over a year old).
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bitly/oauth2_proxy/issues/589#issuecomment-388657352, or mute the thread https://github.com/notifications/unsubscribe-auth/AAC38q4ii0Ht4x48plVcZccR6RUOgMLcks5tyKXLgaJpZM4T84t3 .
-- John G. Norman https://www.linkedin.com/in/johngnorman • VP, Technology • Iora Health http://www.iorahealth.com 101 Tremont Street, 6th floor, Boston, MA 02108 651-356-9929
Yeah I'd close the two issues and leave open the confusing default provider one.
Closing out because this is awaiting release 2.3.
Please release version 2.3, because we really need OpenID Connect support,
ThX in advance, Wolfgang Glas
Hi @wglas85, I was searching exactly for the same. But unluckily I was not able to find an official supported and maintained fork from oauth2_proxy.
I then tested the oidc integration with this docker image: a5huynh/oauth2_proxy
and got it working with Auth0 as identity provider.
Let me list an extract from my docker-compose.yml, probably it helps you:
version: '3'
services:
auth-proxy:
image: a5huynh/oauth2_proxy
ports:
- "80:4180"
command: [
"--redirect-url=http://localhost",
"--upstream=http://upstream:3000",
"--login-url=https://your-identity-provider/authorize",
"--redeem-url=https://your-identity-provider/oauth/token",
"--validate-url=https://your-identity-provider/userinfo",
"--email-domain=*",
"--http-address=0.0.0.0:4180",
"--skip-provider-button",
"--scope=openid profile email",
"--cookie-secure=false"
]
environment:
OAUTH2_PROXY_CLIENT_ID: client-id
OAUTH2_PROXY_CLIENT_SECRET: client-secret
OAUTH2_PROXY_COOKIE_SECRET: cookie-secert
Cheers e-bits
Example attempt to run:
Log:
And then when browsing, the login says: "Sign in with a Google Account."
(Basically it seems that the oidc provider isn't hooked in.)