This repository has been archived on 2022-10-07. You can view files and clone it, but cannot push or open issues or pull requests.
skynet-webportal/docker/kratos/oathkeeper/oathkeeper.yml

101 lines
1.7 KiB
YAML
Raw Normal View History

2020-12-09 12:50:17 +00:00
log:
level: debug
format: json
serve:
proxy:
cors:
enabled: true
allowed_origins:
- "*"
allowed_methods:
- POST
- GET
- PUT
- PATCH
- DELETE
allowed_headers:
- Authorization
- Content-Type
exposed_headers:
- Content-Type
allow_credentials: true
debug: true
errors:
fallback:
- json
handlers:
redirect:
enabled: true
config:
2020-12-16 12:08:51 +00:00
to: http://127.0.0.1/auth/login
2020-12-09 12:50:17 +00:00
when:
2020-12-15 17:00:10 +00:00
- error:
2020-12-09 12:50:17 +00:00
- unauthorized
- forbidden
request:
header:
accept:
- text/html
json:
enabled: true
config:
verbose: true
access_rules:
matching_strategy: glob
repositories:
- file:///etc/config/oathkeeper/access-rules.yml
authenticators:
anonymous:
enabled: true
config:
subject: guest
cookie_session:
enabled: true
config:
check_session_url: http://kratos:4433/sessions/whoami
preserve_path: true
extra_from: "@this"
subject_from: "identity.id"
only:
- ory_kratos_session
noop:
enabled: true
authorizers:
allow:
enabled: true
mutators:
noop:
enabled: true
2021-02-09 10:59:55 +00:00
hydrator:
enabled: true
config:
api:
url: http://dashboard:3000/api/hydrator
2021-02-09 11:49:27 +00:00
cookie:
enabled: true
config:
cookies:
userxxxx: "{{ print .Subject }}",
some-arbitrary-data: "{{ print .Extra.foo }}"
2020-12-09 12:50:17 +00:00
id_token:
enabled: true
config:
2020-12-15 17:00:10 +00:00
issuer_url: http://oathkeeper:4455/
2020-12-09 12:50:17 +00:00
jwks_url: file:///etc/config/oathkeeper/id_token.jwks.json
claims: |
{
"session": {{ .Extra | toJson }}
}