The Grey Matter Proxy supports full OAuth 2.0 negotiation.
Filter Configuration Options
Name | Type | Default | Description |
---|---|---|---|
provider |
|
| The url for the OpenID connect provider to use. This is used to determine the particular OAuth endpoints. |
client_id |
|
| The public identifier registered with the OAuth authorization server. |
client_secret |
|
| The secret known only to the application and the authorization server. |
server_name |
|
| The host name of the application. When a user signs in through the OAuth provider, they will need to be redirected back to your application; this host name will be used during the redirect. |
server_insecure |
|
| Setting this to |
session_secret |
|
| The secret known only to the application. This will be used to cryptographically sign the user's session cookie. |
domain |
|
| A regex describing the expected email domain(s) for authorized users. If this regex pattern does not match, the attempted login is forbidden. |
Example
http_filters:
- name: gm.oauth
config:
provider: https://accounts.google.com
client_id: 234q2348uads8f9sdafds.apps.googleusercontent.com
client_secret: secret
server_name: oauth.yoursite.com
server_insecure: false
session_secret: secret2
domain: gmail.com