search

h2oai / wave

Realtime Web Apps and Dashboards for Python and R
https://wave.h2o.ai
Apache License 2.0
3.9k stars 325 forks source link

Forward all inbound HTTP headers to apps for additional processing #1704

Closed lo5 closed 1 year ago

lo5 commented 1 year ago

See https://github.com/h2oai/wave/discussions/1383#discussioncomment-4163733

MaksymSofer commented 1 year ago

I would like to add very specific usecase to this scenario: Cloudflare Zerotrust use CF_Authorization header to provide authorization to underline app https://developers.cloudflare.com/cloudflare-one/identity/authorization-cookie/validating-json/

and wave currently unable to utilize it..

CF does have client abilities for OIDC but to utilize it i need to setup fullfledged OIDC server and the flow would be CF -> OIDC server -> waveAPP - which raises the implementation score (which i would like to prevent).