This repository has been archived on 2022-10-07. You can view files and clone it, but cannot push or open issues or pull requests.
2020-12-09 12:50:17 +00:00
|
|
|
log:
|
|
|
|
level: debug
|
|
|
|
format: json
|
|
|
|
|
|
|
|
serve:
|
|
|
|
proxy:
|
|
|
|
cors:
|
|
|
|
enabled: true
|
|
|
|
allowed_origins:
|
|
|
|
- "*"
|
|
|
|
allowed_methods:
|
|
|
|
- POST
|
|
|
|
- GET
|
|
|
|
- PUT
|
|
|
|
- PATCH
|
|
|
|
- DELETE
|
|
|
|
allowed_headers:
|
|
|
|
- Authorization
|
|
|
|
- Content-Type
|
|
|
|
exposed_headers:
|
|
|
|
- Content-Type
|
|
|
|
allow_credentials: true
|
|
|
|
debug: true
|
|
|
|
|
|
|
|
errors:
|
|
|
|
fallback:
|
|
|
|
- json
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
redirect:
|
|
|
|
enabled: true
|
|
|
|
config:
|
2020-12-16 12:08:51 +00:00
|
|
|
to: http://127.0.0.1/auth/login
|
2020-12-09 12:50:17 +00:00
|
|
|
when:
|
2020-12-15 17:00:10 +00:00
|
|
|
- error:
|
2020-12-09 12:50:17 +00:00
|
|
|
- unauthorized
|
|
|
|
- forbidden
|
|
|
|
request:
|
|
|
|
header:
|
|
|
|
accept:
|
|
|
|
- text/html
|
|
|
|
json:
|
|
|
|
enabled: true
|
|
|
|
config:
|
|
|
|
verbose: true
|
|
|
|
|
|
|
|
access_rules:
|
|
|
|
matching_strategy: glob
|
|
|
|
repositories:
|
|
|
|
- file:///etc/config/oathkeeper/access-rules.yml
|
|
|
|
|
|
|
|
authenticators:
|
|
|
|
anonymous:
|
|
|
|
enabled: true
|
|
|
|
config:
|
|
|
|
subject: guest
|
|
|
|
|
|
|
|
cookie_session:
|
|
|
|
enabled: true
|
|
|
|
config:
|
|
|
|
check_session_url: http://kratos:4433/sessions/whoami
|
|
|
|
preserve_path: true
|
|
|
|
extra_from: "@this"
|
|
|
|
subject_from: "identity.id"
|
|
|
|
only:
|
|
|
|
- ory_kratos_session
|
|
|
|
|
|
|
|
noop:
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
authorizers:
|
|
|
|
allow:
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
mutators:
|
|
|
|
noop:
|
|
|
|
enabled: true
|
|
|
|
|
2021-02-11 22:06:00 +00:00
|
|
|
# hydrator:
|
|
|
|
# enabled: true
|
|
|
|
# config:
|
|
|
|
# api:
|
|
|
|
# url: http://dashboard:3000/api/hydrator
|
2021-02-09 10:59:55 +00:00
|
|
|
|
2021-02-11 22:06:00 +00:00
|
|
|
# cookie:
|
|
|
|
# enabled: true
|
|
|
|
# config:
|
|
|
|
# cookies:
|
|
|
|
# user: "{{ print .Subject }}"
|
|
|
|
# some-arbitrary-data: "{{ print .Extra.foo }}"
|
2021-02-09 11:49:27 +00:00
|
|
|
|
2020-12-09 12:50:17 +00:00
|
|
|
id_token:
|
|
|
|
enabled: true
|
|
|
|
config:
|
2020-12-15 17:00:10 +00:00
|
|
|
issuer_url: http://oathkeeper:4455/
|
2020-12-09 12:50:17 +00:00
|
|
|
jwks_url: file:///etc/config/oathkeeper/id_token.jwks.json
|
2021-02-11 12:30:49 +00:00
|
|
|
ttl: 4h
|
2020-12-09 12:50:17 +00:00
|
|
|
claims: |
|
|
|
|
{
|
|
|
|
"session": {{ .Extra | toJson }}
|
|
|
|
}
|