95 lines
1.6 KiB
YAML
95 lines
1.6 KiB
YAML
|
log:
|
||
|
|
level: debug
|
||
|
|
format: json
|
||
|
|
|
||
|
|
serve:
|
||
|
|
proxy:
|
||
|
|
cors:
|
||
|
|
enabled: true
|
||
|
|
allowed_origins:
|
||
|
|
- "*"
|
||
|
|
allowed_methods:
|
||
|
|
- POST
|
||
|
|
- GET
|
||
|
|
- PUT
|
||
|
|
- PATCH
|
||
|
|
- DELETE
|
||
|
|
allowed_headers:
|
||
|
|
- Authorization
|
||
|
|
- Content-Type
|
||
|
|
exposed_headers:
|
||
|
|
- Content-Type
|
||
|
|
allow_credentials: true
|
||
|
|
debug: true
|
||
|
|
|
||
|
|
errors:
|
||
|
|
fallback:
|
||
|
|
- json
|
||
|
|
|
||
|
|
handlers:
|
||
|
|
redirect:
|
||
|
|
enabled: true
|
||
|
|
config:
|
||
|
|
to: http://127.0.0.1/auth/login
|
||
|
|
when:
|
||
|
|
- error:
|
||
|
|
- unauthorized
|
||
|
|
- forbidden
|
||
|
|
request:
|
||
|
|
header:
|
||
|
|
accept:
|
||
|
|
- text/html
|
||
|
|
json:
|
||
|
|
enabled: true
|
||
|
|
config:
|
||
|
|
verbose: true
|
||
|
|
|
||
|
|
access_rules:
|
||
|
|
matching_strategy: glob
|
||
|
|
repositories:
|
||
|
|
- file:///etc/config/oathkeeper/access-rules.yml
|
||
|
|
|
||
|
|
authenticators:
|
||
|
|
anonymous:
|
||
|
|
enabled: true
|
||
|
|
config:
|
||
|
|
subject: guest
|
||
|
|
|
||
|
|
cookie_session:
|
||
|
|
enabled: true
|
||
|
|
config:
|
||
|
|
check_session_url: http://kratos:4433/sessions/whoami
|
||
|
|
preserve_path: true
|
||
|
|
extra_from: "@this"
|
||
|
|
subject_from: "identity.id"
|
||
|
|
only:
|
||
|
|
- ory_kratos_session
|
||
|
|
|
||
|
|
noop:
|
||
|
|
enabled: true
|
||
|
|
|
||
|
|
authorizers:
|
||
|
|
allow:
|
||
|
|
enabled: true
|
||
|
|
|
||
|
|
mutators:
|
||
|
|
noop:
|
||
|
|
enabled: true
|
||
|
|
|
||
|
|
header:
|
||
|
|
enabled: true
|
||
|
|
config:
|
||
|
|
headers:
|
||
|
|
X-User: "{{ print .Subject }}"
|
||
|
|
|
||
|
|
id_token:
|
||
|
|
enabled: true
|
||
|
|
config:
|
||
|
|
issuer_url: http://oathkeeper:4455/
|
||
|
|
jwks_url: file:///etc/config/oathkeeper/id_token.jwks.json
|
||
|
|
ttl: 720h
|
||
|
|
claims: |
|
||
|
|
{
|
||
|
|
"session": {{ .Extra | toJson }}
|
||
|
|
}
|