search

openshift / oauth-proxy

A reverse proxy that provides authentication with OpenShift via OAuth and Kubernetes service accounts
MIT License
261 stars 136 forks source link

Inject custom headers #253

Closed fabry00 closed 11 months ago

fabry00 commented 1 year ago

Hi

is it possible to inject custom headers to the upstream? My use case is this: I need to inject a Service Account token as Authorization Barer token to the upstream. Then the upstream server will forward the token to thanos for authentication.

This is my current configuration

image: openshift4/ose-oauth-proxy:v4.8'
args:
  - '--https-address=:8443'
  - '--provider=openshift'
  - '--openshift-service-account={{ .Values.service_account }}'
  - '--upstream=http://localhost:{{ .Values.ports.ui }}'
  - '--tls-cert=/etc/tls/private/tls.crt'
  - '--tls-key=/etc/tls/private/tls.key'
  - '--cookie-secret=cookie-secret'
  - '--skip-provider-button'
  - '--pass-basic-auth=false'

I would like to do something like this:

args:
 - '--upstream=http://localhost:{{ .Values.ports.ui }}'
 - - '--upstream-headers=Authorization: Bearer ${mytocken_from_env_variable}'

Thank you

openshift-bot commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

openshift-bot commented 1 year ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten /remove-lifecycle stale

openshift-bot commented 11 months ago

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen. Mark the issue as fresh by commenting /remove-lifecycle rotten. Exclude this issue from closing again by commenting /lifecycle frozen.

/close

openshift-ci[bot] commented 11 months ago

@openshift-bot: Closing this issue.

In response to [this](https://github.com/openshift/oauth-proxy/issues/253#issuecomment-1704041795): >Rotten issues close after 30d of inactivity. > >Reopen the issue by commenting `/reopen`. >Mark the issue as fresh by commenting `/remove-lifecycle rotten`. >Exclude this issue from closing again by commenting `/lifecycle frozen`. > >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.