oxyno-zeta / s3-proxy

S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)
https://oxyno-zeta.github.io/s3-proxy/
Apache License 2.0

How to integrate with an SPA using a bearer token #403

Closed fostermi closed 8 months ago

fostermi commented 8 months ago

We have a Single Page App written in Angular that is also an OIDC client. The user hits the target URL, is redirected to the SSO (in our case Keycloak), logs in and is redirected back to the SPA. From there we have different menu items the app uses to pull in data via an Apache proxy running mod_auth_openidc by requesting a token from KC and then adding that token in a header that mod_auth_openidc can parse, validate and authorize the request based off of the claims in the token.

Is it possible to configure s3-proxy to do something similar? That is, be called in a RESTful way and validate a token presented to it by the SPA? This would be done without any kind of browser redirection as the URL protected by s3-proxy is not meant to be accessed directly.

fostermi commented 8 months ago

Please ignore this. It works by setting the Authorization: header with the token. I forgot that I had tested this many months ago.

fostermi commented 8 months ago

Closing
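The approach described in the thread (the SPA sets the `Authorization` header itself and never goes through a browser redirect), as an added example that is not part of the original thread or of the s3-proxy project. The proxy origin, object path and token are constructed placeholders, and treating any redirect as a failure is an assumption made here to match the "no browser redirection" requirement.

```javascript
// Added example: origin, paths and token values are constructed placeholders.
const PROXY_ORIGIN = "https://files.example.test"; // assumed s3-proxy origin

// Build the request for an object behind the proxy. Throws if the resolved
// URL leaves the proxy origin, so the token is never attached to another host.
function buildProxyRequest(objectPath, accessToken, method = "GET") {
  // RFC 6750 token characters only; this also rejects CR/LF header injection.
  if (typeof accessToken !== "string" || !/^[A-Za-z0-9._~+\/=-]+$/.test(accessToken)) {
    throw new Error("access token missing or malformed");
  }
  const url = new URL(objectPath, PROXY_ORIGIN + "/");
  if (url.origin !== PROXY_ORIGIN) {
    throw new Error("refusing to send token to " + url.origin);
  }
  return {
    url: url.href,
    init: {
      method,
      headers: { Authorization: "Bearer " + accessToken },
      redirect: "manual",  // a login redirect must surface, not be followed
      credentials: "omit", // no cookies: the bearer token is the only credential
    },
  };
}

// Fetch one object. fetchImpl is injectable so the function can be unit tested.
async function getObject(objectPath, accessToken, fetchImpl = fetch) {
  const { url, init } = buildProxyRequest(objectPath, accessToken);
  const res = await fetchImpl(url, init);
  if (res.type === "opaqueredirect" || (res.status >= 300 && res.status < 400)) {
    throw new Error("proxy answered with a redirect instead of the object");
  }
  if (res.status === 401 || res.status === 403) {
    throw new Error("proxy rejected the token (HTTP " + res.status + ")");
  }
  if (!res.ok) throw new Error("HTTP " + res.status);
  return res;
}
```

In an Angular app the same origin check and header would normally live in an `HttpInterceptor`, so the token is attached only to requests bound for the proxy.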