https://sso.konst.fish is an OAuth2 Proxy which authorizes any member of the shoal-konst-fish GitHub Org.
Architecture
flowchart TD A[Web] --> ing(Ingress) subgraph OAuth2 Flow ing -->|1| sso[sso.konst.fish] sso -->|2| gh{{GitHub IdP}} gh -->|3| sso sso -->|4| ing end ing -->|5| srv(Service)
Usage
Add the following annotations to an ingress to use the proxy. All request made to the ingress will be secured by the proxy. The headers X-Auth-Request-Email
, X-Auth-Request-Groups
& X-Auth-Request-User
are passed to the application, which can be used to identify and assign appropriate access levels to the user.