/docker-oidc-proxy

Docker Image built on Alpine Linux for secure OpenID Connect (OIDC) proxy authentication
  1. Lua 50.8%
  2. Shell 49.2%
Lua Shell
Switch branches/tags
Nothing to show
Find file
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Download ZIP

Launching GitHub Desktop...

If nothing happens, download GitHub Desktop and try again.

Launching GitHub Desktop...

If nothing happens, download GitHub Desktop and try again.

Launching Xcode...

If nothing happens, download Xcode and try again.

Launching Visual Studio...

If nothing happens, download the GitHub extension for Visual Studio and try again.

Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
assets Initial commit May 10, 2017
nginx Declear missing OIDC_AUTH_SCOPE and OIDC_AUTH_METHOD env vars Feb 13, 2018
Dockerfile Forward JWT Token in Authorization header downstream Feb 13, 2018
LICENSE Initial commit May 10, 2017
README.md Tag version v1.1.1 Feb 13, 2018
bootstrap.sh Initial commit May 10, 2017
docker-compose.yaml Add echo server to Docker Compose setup Feb 13, 2018

README.md

evry/oidc-proxy Image Layers

Docker Image for OpenID Connect proxy authentication. Useful for putting services behind Keycloak and other OpenID Connect authentication.

This is Image used Nginx for proxying request and OpenResty with the lua-resty-openidc library to handle OpenID Connect authentication.

"Docker OIDC Proxy overview"

Supported tags and respective Dockerfile links

How to use this image

This proxy is controlled through environment variables, so there is no need to mess with any configuration files unless you want to of course. The following environment variables is used in this image:

  • OID_SESSION_SECRET: secret value for cookie sessions

  • OID_SESSION_CHECK_SSI: check SSI or not (on or off)

  • OID_SESSION_NAME: cookie session name

  • OID_REDIRECT_PATH: Redirect path after authentication

  • OID_DISCOVERY: OpenID provider well-known discovery URL

  • OID_CLIENT_ID: OpenID Client ID

  • OID_CLIENT_SECRET: OpenID Client Secret

  • PROXY_HOST: Host name of the service to proxy

  • PROXY_PORT: Port of the service to proxy

  • PROXY_PROTOCOL: Protofol to the service to proxy (http or https)

docker run \
  -e OID_DISCOVERY=https://my-auth-server/auth \
  -e OID_CLIENT_ID=my-client \
  -e OID_CLIENT_SECRET=my-secret \
  -e PROXY_HOST=my-service \
  -e PROXY_PORT=80 \
  -e PROXY_PROTOCOL=http \
  -p 80:80 \
  evry/oidc-proxy

License

This Docker image is licensed under the MIT License.

Software contained in this image is licensed under the following:

Supported Docker versions

This image is officially supported on Docker version 1.12.

Support for older versions (down to 1.0) is provided on a best-effort basis.

User Feedback

Documentation

Issues

If you have any problems with or questions about this image, please contact us through a GitHub issue.

Contributing

You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.

Before you start to code, we recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.