buzzfeed / sso

sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
MIT License
3.09k stars, 186 forks

*: create set of enrichment APIs for sso to proxy to providers #111

Open shrayolacrayon opened 5 years ago

shrayolacrayon commented 5 years ago

Some upstreams need additional information about users from the Google APIs that require having an access token. Rather than passing the access token in a header, we can create a set of enrichment APIs that proxy requests to the Google API and retrieve common user information. Upstreams would hit an endpoint in either sso-proxy or sso-auth to make those requests.

shrayolacrayon commented 5 years ago

This would allow us to deprecate using the abstraction in #109 and remove the potential of upstreams accidentally creating a security vulnerability.
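
The enrichment pattern proposed in this thread, as an added Go example that is not code from sso: the proxy keeps the access token server-side and returns only the derived user information to the upstream. The `Enricher` type, the `/enrich/groups` path, the `GroupsProvider` function and the in-memory token map are hypothetical, and the caller is assumed to be an upstream that sso has already authenticated.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// GroupsProvider is a hypothetical stand-in for the provider client; a real
// one would call the Google API using the user's access token.
type GroupsProvider func(accessToken string) ([]string, error)

// Enricher holds access tokens server-side, keyed by authenticated email.
type Enricher struct {
	Tokens   map[string]string // constructed session store: email -> token
	Provider GroupsProvider
}

// ServeHTTP answers /enrich/groups?email=... with group names only. The token
// is used for the provider call and is never written to the response.
func (e *Enricher) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	tok, ok := e.Tokens[r.URL.Query().Get("email")]
	if !ok {
		http.Error(w, "unknown user", http.StatusNotFound)
		return
	}
	groups, err := e.Provider(tok)
	if err != nil {
		// Do not echo the provider error: it may contain token material.
		http.Error(w, "provider error", http.StatusBadGateway)
		return
	}
	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string][]string{"groups": groups})
}

// Enrich sends one upstream-style request through the handler.
func Enrich(e *Enricher, email string) (int, string) {
	rec := httptest.NewRecorder()
	target := "/enrich/groups?email=" + url.QueryEscape(email)
	e.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, target, nil))
	return rec.Code, strings.TrimSpace(rec.Body.String())
}

func main() {
	e := &Enricher{Tokens: map[string]string{"a@example.com": "constructed-token"},
		Provider: func(string) ([]string, error) { return []string{"eng"}, nil }}
	fmt.Println(Enrich(e, "a@example.com"))
}
```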