traefik-forward-auth0
A backend for performing forward authentication with Auth0 using the Traefik reverse proxy.
Need a modern, nice-looking design for HTTP status code page * one status page that can be used for different kinds of status codes (400, 401, 403, 404, 500) * CSS, images and...
To stop redirecting to the login page of Auth0 when REST AJAX clients make requests, check if the accept type of the request is application/json and just deny access instead...
To be able to use ForwardAuth as a central component for other services to look up user info a new endpoint Profile/Userinfo/User should be implemented. The endpoint should parse the...
Should delete Session Cookies (JWT_TOKEN and ACCESS_TOKEN) from browser to remove user session.
In the new version it's mandatory to use JWT Access Token to be able to verify that the access token is valid and has not expired. This can only be...
After a token has been verified, it should be cached and reused. Verification of a token costs about 50ms, and two of them take about 100ms for each request. After...
Verify both tokens, and check that the sub fields are the same in both.
After asking for help on the Auth0 community board I get the following advice. https://community.auth0.com/t/how-to-verify-a-if-access-token/30840/2 I think it's best and less error prone to just deny access to opaque tokens....
Need nice-looking HTML error pages that should be displayed to the user when the application signals 400-599 errors from backend.
Implement error handling so that unauthorized responses are handled correctly by ForwardAuth. Now it just prints the error message with the generic error JSON printer. It should show a better...