search

vouch / vouch-proxy

an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
MIT License
2.87k stars 328 forks source link

auth_resp_x_vouch_user is always homeassistant for all users with home assistant provider #565

Open ivanjx opened 2 months ago

ivanjx commented 2 months ago

Describe the problem i am trying to implement basic authorization per domain with openresty following the examples provided in this repo. however for all the users on my home assistant, the auth_resp_x_vouch_user is always homeassistant.

Expected behavior auth_resp_x_vouch_user should be the same as the home assistant username.

Desktop (please complete the following information):

Additional context configs and scripts: https://gist.github.com/ivanjx/1a08d6e0413cb6b9bb8302ebe7db9de1

nginx log output:

2024/06/27 17:16:22 [error] 7#7: *12 [lua] user_auth.lua:28: VOUCH USER GNAME: homeassistant!
ivanjx commented 2 months ago

sorry for not looking into the HA integration code before opening this issue. i realized that HA does not even provide an api to query the username. however i am trying to merge changes that could make this happen.

https://github.com/home-assistant/core/pull/120811

bnfinet commented 1 month ago

@ivanjx thanks for contributing to VP and improving the userinfo endpoint for HA

Are you using this successfully?

I'll give it a more thorough review when I have some time to look at VP stuff (probably September)

ivanjx commented 1 month ago

yes i have been using it for weeks now without any problems. the prebuilt docker container is also on my github repo packages.