From bae509d2ecde533ffa32a6a72159eb948cabd1d3 Mon Sep 17 00:00:00 2001 From: Evan Carroll Date: Mon, 28 Apr 2025 16:52:27 -0500 Subject: [PATCH] docs: clear up multiple-providers is unimplemented (#3046) * docs: clear up multiple-providers is unimplemented Currently this configuration option is held up by #926. So users don't assume this solution will work for them, and later find the feature is not yet implemented -- own the shortcoming clearly. * doc: add note about missing multi provider implementation to versioned docs --------- Signed-off-by: Jan Larwig Co-authored-by: Jan Larwig --- docs/docs/configuration/alpha_config.md | 8 ++++++-- docs/docs/configuration/providers/index.md | 2 +- .../version-7.8.x/configuration/alpha_config.md | 8 ++++++-- .../version-7.8.x/configuration/providers/index.md | 2 +- .../version-7.9.x/configuration/alpha_config.md | 8 ++++++-- .../version-7.9.x/configuration/providers/index.md | 2 +- pkg/apis/options/alpha_options.go | 4 +++- pkg/apis/options/providers.go | 6 +++++- 8 files changed, 29 insertions(+), 11 deletions(-) diff --git a/docs/docs/configuration/alpha_config.md b/docs/docs/configuration/alpha_config.md index 732100ed..018a2941 100644 --- a/docs/docs/configuration/alpha_config.md +++ b/docs/docs/configuration/alpha_config.md @@ -168,7 +168,7 @@ They may change between releases without notice. | `injectResponseHeaders` | _[[]Header](#header)_ | InjectResponseHeaders is used to configure headers that should be added
to responses from the proxy.
This is typically used when using the proxy as an external authentication
provider in conjunction with another proxy such as NGINX and its
auth_request module.
Headers may source values from either the authenticated user's session
or from a static secret value. | | `server` | _[Server](#server)_ | Server is used to configure the HTTP(S) server for the proxy application.
You may choose to run both HTTP and HTTPS servers simultaneously.
This can be done by setting the BindAddress and the SecureBindAddress simultaneously.
To use the secure server you must configure a TLS certificate and key. | | `metricsServer` | _[Server](#server)_ | MetricsServer is used to configure the HTTP(S) server for metrics.
You may choose to run both HTTP and HTTPS servers simultaneously.
This can be done by setting the BindAddress and the SecureBindAddress simultaneously.
To use the secure server you must configure a TLS certificate and key. | -| `providers` | _[Providers](#providers)_ | Providers is used to configure multiple providers. | +| `providers` | _[Providers](#providers)_ | Providers is used to configure your provider. **Multiple-providers is not
yet working.** [This feature is tracked in
#925](https://github.com/oauth2-proxy/oauth2-proxy/issues/926) | ### AzureOptions @@ -472,7 +472,11 @@ and oidc. (**Appears on:** [AlphaOptions](#alphaoptions)) -Providers is a collection of definitions for providers. +The provider can be selected using the `provider` configuration value, or +set in the [`providers` array using +AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). +However, [**the feature to implement multiple providers is not +complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). ### SecretSource diff --git a/docs/docs/configuration/providers/index.md b/docs/docs/configuration/providers/index.md index 9159aa33..b947c09b 100644 --- a/docs/docs/configuration/providers/index.md +++ b/docs/docs/configuration/providers/index.md @@ -25,7 +25,7 @@ Valid providers are : - [Nextcloud](nextcloud.md) - [OpenID Connect](openid_connect.md) -The provider can be selected using the `provider` configuration value. +The provider can be selected using the `provider` configuration value, or set in the [`providers` array using AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). However, [**the feature to implement multiple providers is not complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). Please note that not all providers support all claims. The `preferred_username` claim is currently only supported by the OpenID Connect provider. diff --git a/docs/versioned_docs/version-7.8.x/configuration/alpha_config.md b/docs/versioned_docs/version-7.8.x/configuration/alpha_config.md index e833f53c..c1b6c5af 100644 --- a/docs/versioned_docs/version-7.8.x/configuration/alpha_config.md +++ b/docs/versioned_docs/version-7.8.x/configuration/alpha_config.md @@ -168,7 +168,7 @@ They may change between releases without notice. | `injectResponseHeaders` | _[[]Header](#header)_ | InjectResponseHeaders is used to configure headers that should be added
to responses from the proxy.
This is typically used when using the proxy as an external authentication
provider in conjunction with another proxy such as NGINX and its
auth_request module.
Headers may source values from either the authenticated user's session
or from a static secret value. | | `server` | _[Server](#server)_ | Server is used to configure the HTTP(S) server for the proxy application.
You may choose to run both HTTP and HTTPS servers simultaneously.
This can be done by setting the BindAddress and the SecureBindAddress simultaneously.
To use the secure server you must configure a TLS certificate and key. | | `metricsServer` | _[Server](#server)_ | MetricsServer is used to configure the HTTP(S) server for metrics.
You may choose to run both HTTP and HTTPS servers simultaneously.
This can be done by setting the BindAddress and the SecureBindAddress simultaneously.
To use the secure server you must configure a TLS certificate and key. | -| `providers` | _[Providers](#providers)_ | Providers is used to configure multiple providers. | +| `providers` | _[Providers](#providers)_ | Providers is used to configure your provider. **Multiple-providers is not
yet working.** [This feature is tracked in
#925](https://github.com/oauth2-proxy/oauth2-proxy/issues/926) | ### AzureOptions @@ -471,7 +471,11 @@ and oidc. (**Appears on:** [AlphaOptions](#alphaoptions)) -Providers is a collection of definitions for providers. +The provider can be selected using the `provider` configuration value, or +set in the [`providers` array using +AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). +However, [**the feature to implement multiple providers is not +complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). ### SecretSource diff --git a/docs/versioned_docs/version-7.8.x/configuration/providers/index.md b/docs/versioned_docs/version-7.8.x/configuration/providers/index.md index 9159aa33..b947c09b 100644 --- a/docs/versioned_docs/version-7.8.x/configuration/providers/index.md +++ b/docs/versioned_docs/version-7.8.x/configuration/providers/index.md @@ -25,7 +25,7 @@ Valid providers are : - [Nextcloud](nextcloud.md) - [OpenID Connect](openid_connect.md) -The provider can be selected using the `provider` configuration value. +The provider can be selected using the `provider` configuration value, or set in the [`providers` array using AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). However, [**the feature to implement multiple providers is not complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). Please note that not all providers support all claims. The `preferred_username` claim is currently only supported by the OpenID Connect provider. diff --git a/docs/versioned_docs/version-7.9.x/configuration/alpha_config.md b/docs/versioned_docs/version-7.9.x/configuration/alpha_config.md index 732100ed..018a2941 100644 --- a/docs/versioned_docs/version-7.9.x/configuration/alpha_config.md +++ b/docs/versioned_docs/version-7.9.x/configuration/alpha_config.md @@ -168,7 +168,7 @@ They may change between releases without notice. | `injectResponseHeaders` | _[[]Header](#header)_ | InjectResponseHeaders is used to configure headers that should be added
to responses from the proxy.
This is typically used when using the proxy as an external authentication
provider in conjunction with another proxy such as NGINX and its
auth_request module.
Headers may source values from either the authenticated user's session
or from a static secret value. | | `server` | _[Server](#server)_ | Server is used to configure the HTTP(S) server for the proxy application.
You may choose to run both HTTP and HTTPS servers simultaneously.
This can be done by setting the BindAddress and the SecureBindAddress simultaneously.
To use the secure server you must configure a TLS certificate and key. | | `metricsServer` | _[Server](#server)_ | MetricsServer is used to configure the HTTP(S) server for metrics.
You may choose to run both HTTP and HTTPS servers simultaneously.
This can be done by setting the BindAddress and the SecureBindAddress simultaneously.
To use the secure server you must configure a TLS certificate and key. | -| `providers` | _[Providers](#providers)_ | Providers is used to configure multiple providers. | +| `providers` | _[Providers](#providers)_ | Providers is used to configure your provider. **Multiple-providers is not
yet working.** [This feature is tracked in
#925](https://github.com/oauth2-proxy/oauth2-proxy/issues/926) | ### AzureOptions @@ -472,7 +472,11 @@ and oidc. (**Appears on:** [AlphaOptions](#alphaoptions)) -Providers is a collection of definitions for providers. +The provider can be selected using the `provider` configuration value, or +set in the [`providers` array using +AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). +However, [**the feature to implement multiple providers is not +complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). ### SecretSource diff --git a/docs/versioned_docs/version-7.9.x/configuration/providers/index.md b/docs/versioned_docs/version-7.9.x/configuration/providers/index.md index 9159aa33..b947c09b 100644 --- a/docs/versioned_docs/version-7.9.x/configuration/providers/index.md +++ b/docs/versioned_docs/version-7.9.x/configuration/providers/index.md @@ -25,7 +25,7 @@ Valid providers are : - [Nextcloud](nextcloud.md) - [OpenID Connect](openid_connect.md) -The provider can be selected using the `provider` configuration value. +The provider can be selected using the `provider` configuration value, or set in the [`providers` array using AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). However, [**the feature to implement multiple providers is not complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). Please note that not all providers support all claims. The `preferred_username` claim is currently only supported by the OpenID Connect provider. diff --git a/pkg/apis/options/alpha_options.go b/pkg/apis/options/alpha_options.go index 04769d7f..a438518c 100644 --- a/pkg/apis/options/alpha_options.go +++ b/pkg/apis/options/alpha_options.go @@ -41,7 +41,9 @@ type AlphaOptions struct { // To use the secure server you must configure a TLS certificate and key. MetricsServer Server `json:"metricsServer,omitempty"` - // Providers is used to configure multiple providers. + // Providers is used to configure your provider. **Multiple-providers is not + // yet working.** [This feature is tracked in + // #925](https://github.com/oauth2-proxy/oauth2-proxy/issues/926) Providers Providers `json:"providers,omitempty"` } diff --git a/pkg/apis/options/providers.go b/pkg/apis/options/providers.go index 0aa9d15a..280b1ce0 100644 --- a/pkg/apis/options/providers.go +++ b/pkg/apis/options/providers.go @@ -11,7 +11,11 @@ const ( // OIDCAudienceClaims is the generic audience claim list used by the OIDC provider. var OIDCAudienceClaims = []string{"aud"} -// Providers is a collection of definitions for providers. +// The provider can be selected using the `provider` configuration value, or +// set in the [`providers` array using +// AlphaConfig](https://oauth2-proxy.github.io/oauth2-proxy/configuration/alpha-config#providers). +// However, [**the feature to implement multiple providers is not +// complete**](https://github.com/oauth2-proxy/oauth2-proxy/issues/926). type Providers []Provider // Provider holds all configuration for a single provider