oauth2-proxy/docs/6_request_signatures.md at bb8b6c0d51deee4d3f50a19d38c0f1f878869c6f

mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-11-27 22:38:39 +02:00

Files

Henry Jenkins 8b61559b8d Fix links in docs

- Fixed a bunch of references to the repo, which were 404ing
- Fixed a couple of things that 301/302ed
- Fixed some in page references

2019-08-11 16:07:03 +01:00

938 B

Raw Blame History

layout, title, permalink, nav_order

layout	title	permalink	nav_order
default	Request Signatures	/request-signatures	6

Request signatures

If signature_key is defined, proxied requests will be signed with the GAP-Signature header, which is a Hash-based Message Authentication Code (HMAC) of selected request information and the request body [see SIGNATURE_HEADERS in oauthproxy.go]({{ site.gitweb }}/oauthproxy.go).

signature_key must be of the form algorithm:secretkey, (ie: signature_key = "sha1:secret0")

For more information about HMAC request signature validation, read the following:

Amazon Web Services: Signing and Authenticating REST Requests
rc3.org: Using HMAC to authenticate Web service requests

938 B Raw Blame History

Request signatures

938 B

Raw Blame History