Category : oauth-2.0

I’am unable to force OAuth2 Proxy log real IP address of client. Here is how it configured now: It is a Docker container with quay.io/oauth2-proxy/oauth2-proxy image.OIDC provider is keycloak (I suppose it doesn’t matter here). Upstream service is a custom web application. Container port is exposed and server listen on it from internet. So, my ..

Read more

I am using GuzzleHttpClient for calling api from Laravel application controller. I am using this API to get oauth token in Laravel controller but this api calling is not wroking. eg: My written API is getBearerToken So API url is https://test.domain.com/api/v1/getBearerToken public function getBearerToken(Request $request) { $client = new Client(); $url = ‘https://test.domain.com.’/oauth/token’; $response = ..

Read more

I have some microservices that need to be protected with authentication. So that I used OAuth2 + Keycloak. You can see the detailed configurations from this post (Keycloak returns 'Invalid parameter: redirect_uri'). After successfully login in, the keycloak generates an access token that is routed to the OAUth2 service for validating. Somehow, the OAuth2 thinks ..

Read more

I am trying to deploy a jupyterhub service behind a NGINX reverse proxy on OpenStack and using the generic authentication class to authenticate users from an external OIDC provider. After redirecting from the authentication server I get a "400: Bad Request OAuth state missing from cookies" error message. Here are my jupyterhub_config.py contents: c = ..

Read more

I am trying to automate the docker implementation of ZAP proxy to target some of my token based web applications, which use Amazon Cognito for authentication and authorization. Since, the target app need token as Authorization header, on ZAP Desktop application it can be done through "Authentication" and "HttpSender" scripts for fetching token from Cognito ..

Read more

I have multiple subdomains for services and only one Google Oauth service, they are running in docker swarm mode. Once a user logged into a service successfully, they can also access the other serives. Now I want to restrict access for a group of users. For example, I have multiple groups groupa.domain.com, groupb.domain.com and groupc.domain.com, ..

Read more