go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-24 08:52:25 +02:00
Code Issues Releases Activity
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
2,009 Commits 27 Branches 34 Tags 79 MiB
Go 98.2%
Makefile 0.7%
HTML 0.5%
Shell 0.3%
Dockerfile 0.3%
f9a0a4a280
Go to file
Teko f9a0a4a280
doc: fix typo in function description (#2738)
2024-08-20 18:41:23 +02:00
.devcontainer chore(deps): update mcr.microsoft.com/vscode/devcontainers/go docker tag to v1 (#2453) 2024-01-26 11:55:12 +00:00
.github docs: restructure all options and flags (#2747) 2024-08-20 10:40:27 +02:00
.vscode Improved dev environment (#2211) 2024-01-20 20:10:37 +00:00
contrib chore(deps): update docker-compose (#2714) 2024-07-25 23:23:17 +02:00
docs docs: restructure all options and flags (#2747) 2024-08-20 10:40:27 +02:00
pkg doc: fix typo in function description (#2738) 2024-08-20 18:41:23 +02:00
providers chore(deps): Updated to ginkgo v2 (#2459) 2024-07-18 22:41:02 +02:00
static Embed static stylesheets and dependencies 2023-08-24 20:50:17 -04:00
testdata Rename test directory to testdata 2020-10-06 21:37:25 +09:00
tools Generate reference page in configuration 2021-01-18 09:57:44 +00:00
.dockerignore Parameterise runtime image (#1478) 2022-04-14 14:10:59 +01:00
.gitignore Improved dev environment (#2211) 2024-01-20 20:10:37 +00:00
.golangci.yml chore: Updated go-jwt to v5 2024-03-04 01:42:00 +01:00
.pre-commit-config.yaml Improved dev environment (#2211) 2024-01-20 20:10:37 +00:00
CHANGELOG.md docs: update provider list with refresh support (#2711) 2024-07-18 23:43:58 +02:00
CODE_OF_CONDUCT.md add code of conduct (#2387) 2024-01-23 11:39:10 +00:00
CONTRIBUTING.md Drop configure script in favour of native Makefile env and checks (#515) 2020-05-09 16:07:46 +01:00
dist.sh feat: Replace default Go user-agent with oauth2-proxy and version (#2570) 2024-07-14 21:09:17 +01:00
Dockerfile chore(deps): update docker.io/library/golang docker tag to v1.22 2024-02-13 11:19:38 +00:00
go.mod chore(deps): Updated to ginkgo v2 (#2459) 2024-07-18 22:41:02 +02:00
go.sum chore(deps): Updated to ginkgo v2 (#2459) 2024-07-18 22:41:02 +02:00
LICENSE add MIT license for google_auth_proxy 2014-06-09 16:25:26 -04:00
main_suite_test.go chore(deps): Updated to ginkgo v2 (#2459) 2024-07-18 22:41:02 +02:00
main_test.go chore(deps): Updated to ginkgo v2 (#2459) 2024-07-18 22:41:02 +02:00
main.go feat: Replace default Go user-agent with oauth2-proxy and version (#2570) 2024-07-14 21:09:17 +01:00
MAINTAINERS docs: maintainers file update (#2355) 2023-12-18 09:12:00 +00:00
Makefile feat: Replace default Go user-agent with oauth2-proxy and version (#2570) 2024-07-14 21:09:17 +01:00
oauthproxy_test.go chore(deps): Updated to ginkgo v2 (#2459) 2024-07-18 22:41:02 +02:00
oauthproxy.go feat: Replace default Go user-agent with oauth2-proxy and version (#2570) 2024-07-14 21:09:17 +01:00
README.md docs/fix-go-install-instruction (#2578) 2024-03-31 08:48:07 +07:00
RELEASE.md feature: add release automation workflows (#2224) 2024-01-20 20:14:09 +00:00
SECURITY.md Update SECURITY.md 2024-07-07 18:29:14 -03:00
validator_test.go Fix Linting Errors (#1835) 2022-10-21 11:57:51 +01:00
validator.go Watch the htpasswd file for changes and update the htpasswdMap (#1701) 2022-09-01 19:46:00 +01:00

README.md

OAuth2 Proxy

Continuous Integration Go Report Card GoDoc MIT licensed Maintainability Test Coverage

A reverse proxy and static file server that provides authentication using Providers (Google, Keycloak, GitHub and others) to validate accounts by email, domain or group.

Note: This repository was forked from bitly/OAuth2_Proxy on 27/11/2018. Versions v3.0.0 and up are from this fork and will have diverged from any changes in the original fork. A list of changes can be seen in the CHANGELOG.

Note: This project was formerly hosted as pusher/oauth2_proxy but has been renamed as of 29/03/2020 to oauth2-proxy/oauth2-proxy. Going forward, all images shall be available at quay.io/oauth2-proxy/oauth2-proxy and binaries will be named oauth2-proxy.

Sign In Page

Installation

  1. Choose how to deploy:

    a. Using a Prebuilt Binary (current release is v7.6.0)

    b. Using Go to install the latest release

    $ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest

    This will install the binary into $GOPATH/bin. Make sure you include $GOPATH in your $PATH. Otherwise your system won't find binaries installed via go install

    c. Using a Prebuilt Docker Image (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

    d. Using a Pre-Release Nightly Docker Image (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

    e. Using the official Kubernetes manifest (Helm)

    Prebuilt binaries can be validated by extracting the file and verifying it against the sha256sum.txt checksum file provided for each release starting with version v3.0.0.

    sha256sum -c sha256sum.txt 2>&1 | grep OK
oauth2-proxy-x.y.z.linux-amd64: OK

  2. Select a Provider and Register an OAuth Application with a Provider

  3. Configure OAuth2 Proxy using config file, command line options, or environment variables

  4. Configure SSL or Deploy behind a SSL endpoint (example provided for Nginx)

Security

If you are running a version older than v6.0.0 we strongly recommend you please update to a current version. See open redirect vulnerability for details.

Docs

Read the docs on our Docs site.

OAuth2 Proxy Architecture

Images

From v7.6.0 and up the base image has been changed from Alpine to GoogleContainerTools/distroless. This image comes with even fewer installed dependencies and thus should improve security. The image therefore is also slightly smaller than Alpine. For debugging purposes (and those who really need it (i.e. armv6)) we still provide images based on Alpine. The tags of these images are suffixed with -alpine.

Since 2023-11-18 we provide nightly images. These images are build and pushed nightly to quay.io/oauth2-proxy/oauth2-proxy-nightly from master. These images should be considered alpha and therefore should not be used for production purposes unless you know what you're doing.

Getting Involved

If you would like to reach out to the maintainers, come talk to us in the #oauth2-proxy channel in the Gophers slack.

Contributing

Please see our Contributing guidelines. For releasing see our release creation guide.