Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • nd-uwsgi-rewrite
  • timeout
  • v0.2.1 protected
  • v0.2.0 protected
  • v0.1.1 protected
  • v0.1.0 protected
7 results

uffd-nginxauth

  • Clone with SSH
  • Clone with HTTPS
    • psy's avatar
    remove unused headers
    psy authored
    b0291ac4
    History
    psy's avatar b0291ac4
    History
    Name Last commit Last update
    debian
    testapp
    .gitignore
    .gitlab-ci.yml
    .pylintrc
    README.md
    app.py
    default_config.py
    nginx.include.conf
    pytest.ini
    test_app.py
    uwsgi.ini
    README.md

    OAuth2 Proxy for Single-Sign-On with Nginx

    This application implements a generic OAuth2 client for easy integration of NGINX into an OAuth2-based Single-Sign-On system. It is bound to a single OAuth2 server (urls defined in config) and -- apart from a session cookie -- stateless. OAuth2 client id, secret and redirect URI are passed from the integrating NGINX to the proxy in HTTP headers.

    The following data about the authenticated user is returned by the /auth endpoint as HTTP headers:

    • OAUTH-USER-ID: (usually numeric) unique user id
    • OAUTH-USER-NAME: display name
    • OAUTH-USER-NICKNAME: unique user name (for urls, @-handles, ...)
    • OAUTH-USER-EMAIL: email address
    • OAUTH-USER-GROUPS: comma-separated list of group names

    See testapp for an example setup.

    Impressum - Datenschutzerklärung