oauth2-proxy as an GitHub authenticating reverse proxy example.
Add 127.0.0.1 example.test
to your hosts
file.
Register a new GitHub OAuth Application with:
Setting | Value |
---|---|
Homepage URL |
http://example.test:4180 |
Authorization callback URL |
http://example.test:4180/oauth2/callback |
Generate a new client secret, and export the created application OAuth credentials as environemnt variables:
export OAUTH2_PROXY_PROVIDER='github'
export OAUTH2_PROXY_SCOPE='user:email'
#export OAUTH2_PROXY_GITHUB_USER='rgl'
export OAUTH2_PROXY_CLIENT_ID='YOUR_OAUTH2_PROXY_GITHUB_APP_CLIENT_ID'
export OAUTH2_PROXY_CLIENT_SECRET='YOUR_OAUTH2_PROXY_GITHUB_APP_CLIENT_SECRET'
Download oauth2-proxy
:
wget https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v7.4.0/oauth2-proxy-v7.4.0.windows-amd64.tar.gz
tar xf oauth2-proxy-v7.4.0.windows-amd64.tar.gz --strip-components 1
Start the oauth2-proxy
service:
export OAUTH2_PROXY_COOKIE_SECRET="$(openssl rand -hex 16)"
./oauth2-proxy \
--email-domain=* \
--http-address=:4180 \
--redirect-url=http://example.test:4180/oauth2/callback \
--cookie-secure=false \
--cookie-samesite=strict \
--upstream=http://localhost:4181/example \
--upstream="file:///$(cygpath --windows "$PWD" | tr \\\\ /)/#/"
In another shell, build and start the example service:
cd example
go build
./example -listen 127.0.0.1:4181
Access the root endpoint:
Access some of the endpoints: