Comments (6)
Correction finally got it to work and here is my options.
- '-openshift-review-url=https://openshift.default.svc/apis/authorization.openshift.io/v1/subjectaccessreviews'
- '-redeem-url=https://openshift.default.svc/oauth/token'
- '-validate-url=https://openshift.default.svc/apis/user.openshift.io/v1/users/~'
from oauth-proxy.
is there a plan to make those fields to be over written?
No, there are no plans to change the configuration of these fields. masterPublicURL
must be available both internally and externally to the cluster. The decision between masterPublicURL
and masterURL
is one that should be based on the origin of the request (and we did not have a good way to determine that), not one that is based on a singular hard coded configuration. Thus we opted to use masterPublicURL
as that is generally available to all parties.
If you have a proxy in front of openshift, you can have it override the data returned for /.well-known/oauth-authorization-server
with the desired values.
from oauth-proxy.
Feel free to reopen if you have further questions.
from oauth-proxy.
Not to re-open more of something on the side. I finally got this working using the below extra options
'-redeem-url=https://openshift.default.svc/oauth/token'
'-validate-url=https://openshift.default.svc/oauth/authorize'
So login is still on the public master url, but actual authentication is now on the internal where the nodes can actually hit the master api.
Working on a separate 500 error issue now but getting there.
from oauth-proxy.
The above worked for me too. Thanks!
from oauth-proxy.
That works for me as well. Thanks
from oauth-proxy.
Related Issues (20)
- delegated authorization doesn't works as expected for multiple path prefixes HOT 4
- Need the username/info from application HOT 9
- Feature request: Provide metrics HOT 11
- Only token with "Bearer" prefix is passed HOT 4
- Need user authorization token for proper RBAC settings on custom backend APIs HOT 6
- refresh OpenShift token HOT 13
- oauth-proxy fails with perms error after OpenShift upgrade. HOT 9
- has anyone successfully using this with tekton dashboard? HOT 5
- Is there an updated location for the published image of this project? HOT 12
- The page isnβt redirecting properly HOT 11
- --ssl-insecure-skip-verify=true not work as expected HOT 4
- Cookie signature includes the hostname when the --cokie-domain flag is set HOT 4
- Is it possible to match URL path with request parameters in openshift-delegate-urls HOT 4
- Error when using single quote with options HOT 4
- Group/Role Access Restriction support in auth endpoint HOT 4
- can we encrypt username stored in oauth_proxy cookie ? HOT 19
- Inject custom headers HOT 4
- pass X-Forwarded-Groups header HOT 7
- 404 Not Found for oauth/start HOT 5
- `HTTP 301` redirection responses mangle `Location` header HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth-proxy.