This repository has been archived on 2022-10-07. You can view files and clone it, but cannot push or open issues or pull requests.
skynet-webportal/docker/kratos/oathkeeper/access-rules.yml

71 lines
1.4 KiB
YAML
Raw Normal View History

2020-12-15 16:22:31 +00:00
- id: "ory:kratos:public"
2020-12-09 12:50:17 +00:00
upstream:
preserve_host: true
url: "http://kratos:4433"
strip_path: /.ory/kratos/public
match:
url: "http://oathkeeper:4455/.ory/kratos/public/<**>"
methods:
- GET
- POST
- PUT
- DELETE
- PATCH
authenticators:
2020-12-15 16:22:31 +00:00
- handler: noop
2020-12-09 12:50:17 +00:00
authorizer:
handler: allow
mutators:
- handler: noop
2021-02-03 14:06:44 +00:00
- id: "dashboard:anonymous"
2020-12-09 12:50:17 +00:00
upstream:
preserve_host: true
2021-02-03 14:06:44 +00:00
url: "http://dashboard:3000"
2020-12-09 12:50:17 +00:00
match:
2021-02-05 11:46:18 +00:00
url: "http://oathkeeper:4455/<{error,recovery,verify,auth/*,**.css,**.js}{/,}>"
2020-12-09 12:50:17 +00:00
methods:
- GET
authenticators:
2020-12-15 16:22:31 +00:00
- handler: anonymous
2020-12-09 12:50:17 +00:00
authorizer:
handler: allow
mutators:
2020-12-15 16:22:31 +00:00
- handler: noop
2020-12-09 12:50:17 +00:00
2021-02-03 14:06:44 +00:00
- id: "dashboard:protected"
2020-12-09 12:50:17 +00:00
upstream:
preserve_host: true
2021-02-03 14:06:44 +00:00
url: "http://dashboard:3000"
2020-12-09 12:50:17 +00:00
match:
2021-02-04 13:31:26 +00:00
url: "http://oathkeeper:4455/<{,uploads,downloads,payments,api,api/hello}>"
2020-12-09 12:50:17 +00:00
methods:
- GET
authenticators:
2020-12-15 16:22:31 +00:00
- handler: cookie_session
2020-12-09 12:50:17 +00:00
authorizer:
handler: allow
mutators:
- handler: id_token
errors:
- handler: redirect
config:
2020-12-16 12:08:51 +00:00
to: http://127.0.0.1/auth/login
2020-12-15 16:22:31 +00:00
- id: "accounts"
upstream:
preserve_host: true
url: "http://accounts:3000"
match:
2021-02-05 16:46:11 +00:00
url: "http://oathkeeper<{,:4455}>/<{user,user/**}>"
2020-12-15 16:34:07 +00:00
methods:
- GET
2020-12-15 16:22:31 +00:00
authenticators:
- handler: cookie_session
authorizer:
handler: allow
mutators:
- handler: id_token
errors:
- handler: json