authormo khan <mo@mokhan.ca>2025-05-10 20:21:08 -0600
committermo khan <mo@mokhan.ca>2025-05-11 21:21:38 -0600
commit1594d11f088cd01c1170561789889c37361fbd97 (patch)
tree8538923d61965b386c047b32db5c0efccc5ce111
parentd3dd477e06203b2e17b6b617e4bf9fe0ce2be2c1 (diff)
chore: add temporary paths to not collide with builtin sparkle oidc flow
-rw-r--r--envoy.yml22
1 files changed, 18 insertions, 4 deletions
diff --git a/envoy.yml b/envoy.yml
index fa7fdd3..628e6cf 100644
--- a/envoy.yml
+++ b/envoy.yml
@@ -36,7 +36,7 @@ static_resources:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
- auto_host_sni: true
+ sni: example.com
listeners:
- name: listener_0
address:
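Review bot: Pinning `sni: example.com` only sets the server name sent in the TLS handshake; nothing visible in this `UpstreamTlsContext` verifies the certificate the upstream presents. As shown, `typed_config` holds just `"@type"` and `sni` before `listeners:` begins, so unless validation is configured somewhere not visible here, Envoy will accept any certificate on this cluster. If this is the cluster behind the token endpoint, the client secret and tokens travel over that unverified connection. I would add a `common_tls_context` with a trust bundle and a SAN match for the same host, as sketched below with a placeholder CA path. The cluster definition starts above the hunk, so its name and endpoints are not visible here.

```yaml
sni: example.com
# ... added: verify the upstream certificate against a CA bundle and the expected host ...
common_tls_context:
  validation_context:
    trusted_ca:
      filename: "PATH_TO_CA_BUNDLE"  # placeholder: CA bundle shipped in the proxy image
    match_typed_subject_alt_names:
      - san_type: DNS
        matcher:
          exact: example.com
```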
@@ -82,6 +82,14 @@ static_resources:
authorization_endpoint: "https://example.com/oauth/authorize"
credentials:
client_id: "OAUTH_CLIENT_ID"
+ cookie_names:
+ bearer_token: bearer_token
+ oauth_hmac: oauth_hmac
+ oauth_expires: oauth_expires
+ id_token: id_token
+ refresh_token: refresh_token
+ oauth_nonce: oauth_nonce
+ # code_verifier: code_verifier
token_secret:
name: client_secret
hmac_secret:
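Review bot: The new `cookie_names` block has no comment explaining why the filter's cookies are renamed, and it leaves `# code_verifier: code_verifier` commented out without a reason. A reader cannot tell whether that cookie is meant to keep its default name or was simply forgotten. Names as generic as `id_token` and `refresh_token` may also clash with cookies the upstream application sets on the same host, which is the kind of collision the commit title is trying to avoid; a distinct prefix on each name would rule that out. I would add a comment above the block such as `# renamed so the proxy's OAuth cookies do not clash with the app's own session cookies`, and either delete the commented line or say why it is disabled.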
@@ -121,13 +129,19 @@ static_resources:
- name: ":path"
string_match:
exact: "/dashboard/nav"
+ - name: ":path"
+ string_match:
+ prefix: "/session/" # temporary
+ - name: ":path"
+ string_match:
+ prefix: "/dashboard" # temporary
redirect_path_matcher:
path:
- exact: /session/callback
- redirect_uri: "%REQ(x-forwarded-proto)%://%REQ(:authority)%/session/callback"
+ exact: /tmp/callback
+ redirect_uri: "%REQ(x-forwarded-proto)%://%REQ(:authority)%/tmp/callback"
signout_path:
path:
- exact: /session/destroy
+ exact: /tmp/destroy
token_endpoint:
cluster: oidc
uri: "https://example.com/oauth/token"
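Review bot: The two added `:path` matchers are much broader than the `# temporary` comments suggest: `prefix: "/dashboard"` matches every path that starts with that string, including unrelated ones such as `/dashboard-admin`, and makes the existing `exact: "/dashboard/nav"` entry redundant. The list they join starts above the hunk; if it is the filter's pass-through list, as the commit title suggests, every request under `/dashboard` and `/session/` now skips the OAuth2 check at the proxy, and the application behind it becomes the only thing authenticating them. I would narrow the match to `prefix: "/dashboard/"` plus an `exact: "/dashboard"` entry. The comment should name the removal condition, for example `# temporary: bypass until the app's built-in OIDC flow is retired (tracked in ISSUE-ID)`, where ISSUE-ID is a placeholder. Separately, `redirect_uri` is still built from `x-forwarded-proto` and `:authority`, so it is worth confirming that a trusted hop in front of Envoy sets or strips those headers.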