Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
U
uffd-nginxauth
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Model registry
Operate
Terraform modules
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Russ Garrett
uffd-nginxauth
Commits
edb71f26
Commit
edb71f26
authored
Oct 8, 2020
by
Julian
Browse files
Options
Downloads
Patches
Plain Diff
Added documentation about response headers
parent
a0c88fd1
No related branches found
No related tags found
No related merge requests found
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
README.md
+9
-0
9 additions, 0 deletions
README.md
app.py
+3
-3
3 additions, 3 deletions
app.py
with
12 additions
and
3 deletions
README.md
+
9
−
0
View file @
edb71f26
...
@@ -7,4 +7,13 @@ OAuth2 server (urls defined in config) and -- apart from a session cookie --
...
@@ -7,4 +7,13 @@ OAuth2 server (urls defined in config) and -- apart from a session cookie --
stateless. OAuth2 client id, secret and redirect URI are passed from the
stateless. OAuth2 client id, secret and redirect URI are passed from the
integrating NGINX to the proxy in HTTP headers.
integrating NGINX to the proxy in HTTP headers.
The following data about the authenticated user is returned by the
`/auth`
endpoint as HTTP headers:
*
`OAUTH-USER-ID`
: (usually numeric) unique user id
*
`OAUTH-USER-NAME`
: display name
*
`OAUTH-USER-NICKNAME`
: unique user name (for urls, @-handles, ...)
*
`OAUTH-USER-EMAIL`
: email address
*
`OAUTH-USER-GROUPS`
: comma-separated list of group names
See testapp for an example setup.
See testapp for an example setup.
This diff is collapsed.
Click to expand it.
app.py
+
3
−
3
View file @
edb71f26
...
@@ -45,9 +45,9 @@ def create_app(test_config=None):
...
@@ -45,9 +45,9 @@ def create_app(test_config=None):
client_secret
=
request
.
headers
[
'
X-CLIENT-SECRET
'
],
client_secret
=
request
.
headers
[
'
X-CLIENT-SECRET
'
],
authorization_response
=
request
.
url
,
verify
=
(
not
app
.
debug
))
authorization_response
=
request
.
url
,
verify
=
(
not
app
.
debug
))
userinfo
=
client
.
get
(
app
.
config
[
'
OAUTH2_USERINFO_URL
'
]).
json
()
userinfo
=
client
.
get
(
app
.
config
[
'
OAUTH2_USERINFO_URL
'
]).
json
()
session
[
'
user_id
'
]
=
userinfo
[
'
id
'
]
# (usually numeric) unique user id
session
[
'
user_id
'
]
=
userinfo
[
'
id
'
]
session
[
'
user_name
'
]
=
userinfo
[
'
name
'
]
# display name
session
[
'
user_name
'
]
=
userinfo
[
'
name
'
]
session
[
'
user_nickname
'
]
=
userinfo
[
'
nickname
'
]
# unique user name (for urls, @-handles, ...)
session
[
'
user_nickname
'
]
=
userinfo
[
'
nickname
'
]
session
[
'
user_email
'
]
=
userinfo
[
'
email
'
]
session
[
'
user_email
'
]
=
userinfo
[
'
email
'
]
session
[
'
user_groups
'
]
=
userinfo
[
'
groups
'
]
session
[
'
user_groups
'
]
=
userinfo
[
'
groups
'
]
return
redirect
(
session
.
pop
(
'
url
'
))
return
redirect
(
session
.
pop
(
'
url
'
))
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
