greenpau / caddy-security

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
https://authcrunch.com/
Apache License 2.0
1.49k stars 73 forks source link

question: How to add ouath2 proxy parameter? #238

Open artem-zherdiev-ingio opened 1 year ago

artem-zherdiev-ingio commented 1 year ago

Hi, we tried OUATH2 PROXY and had such issue https://github.com/oauth2-proxy/oauth2-proxy/issues/644 which has fix like OAUTH2_PROXY_SESSION_COOKIE_MINIMAL=true.

After switching to caddy security we have same issure now, could we somehow set that session option there? We are using caddy 2.5.1. Thank you!

UPD. The tool we use behind the ouath2 proxy added option to increase the headers limit. So that ticket may be used as FYI, and free to close.

greenpau commented 1 year ago

@artem-zherdiev-ingio , could you please elaborate what the issue is? I don't use oauth2-proxy. Please provide as much context as possible.

CruzMarcio commented 1 year ago

I believe he meant his token is too big, so the application being proxied is giving a "Header is too large" error. You can try adding "enable strip token" on the authorization policy. that will remove the "access_token" cookie from the proxied app.

greenpau commented 1 year ago

@CruzMarcio , thank you! 👍