Closed zohiba closed 2 years ago
there is a way to access the username of the logged-in user through the cookie created by OAuth proxy by disabling HTTPS only and secure to false. you can access cookie value through your frontend javascript with the help of libraries like js-cookie etc .the cookie value is base64 encoded so you need to decode it and you can get the username
are you sure it is disabling HTTPS only ? I don't see any such option. I thought these are the two you were talking about
"--cookie-secure=false", "--cookie-httponly=false",
yes "--cookie-secure=false", "--cookie-httponly=false" are the options to disable HTTPS only and secure. if you don't want to disable httpsonly for security reasons you can pass the cookie with your request to the server and decode in the server
can you explain a little more on "how to pass the cookie with your request to the server"?
Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen
.
If this issue is safe to close now please do so with /close
.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen
.
If this issue is safe to close now please do so with /close
.
/lifecycle rotten /remove-lifecycle stale
Rotten issues close after 30d of inactivity.
Reopen the issue by commenting /reopen
.
Mark the issue as fresh by commenting /remove-lifecycle rotten
.
Exclude this issue from closing again by commenting /lifecycle frozen
.
/close
@openshift-bot: Closing this issue.
HI @vamseekrishna25 do you know what configuration I should use to encrypt the _oauth_proxy value? I read I could use --cookie-secret-file
or --cookie-secret
but it is not working for me, I still see the value as base64 encoded, rather than getting encrypted with the secret I provided. Basically, I want the username to be secure and not easily decoded.
Once the user is validated using the oauth proxy, is there a way to pass in that user info to the application?