lua-resty-openidc
lua-resty-openidc copied to clipboard
zmartzone
OpenID Connect Relying Party and OAuth 2.0 Resource Server implementation in Lua for NGINX / OpenResty
Hi after upgrade to 1.8.0 version (latest from git) I get 302 redirection loop and problem loading site and static files: My configuration: ``` lua_code_cache on; set $session_secret secret; access_by_lua_block...
I have the following production environment setup: * openresty:alpine-fat docker image deployed to AWS App Runner * Nginx files using `lua-resty-openidc`. When hitting the URL to the server, there is...
I have lua-resty-openidc configured and working fine with the config: ```lua local opts = { redirect_uri_path = "http://localhost/return", discovery = "https://login.microsoftonline.com/aaa/v2.0/.well-known/openid-configuration", client_id = "xxx", client_secret = "yyy", scope = "openid",...
I am using [docker-kong-oidc](https://github.com/revomatico/docker-kong-oidc) (which is using lua-resty-openidc) as docker image of Kong in kubernetes helm chart. Increased kubernetes Pods of kong using `replicaCount` to more than 1. X_SESSION_SECRET env...
### Description: Keycloak 23 requires X-Forwarded headers to validate the iss (issuer) of the refresh token during a REFRESH_TOKEN request. However, the openidc.lua implementation in Kong does not include the...
It appears that `none` is the recommended configuration when using the PKCE auth flow for public clients (see [OIDC 1.0 specs](https://openid.net/specs/openid-connect-registration-1_0.html), [Okta docs](https://developer.okta.com/docs/api/openapi/okta-oauth/guides/client-auth/#client-authentication-methods), [Hydra docs](https://developer.okta.com/docs/api/openapi/okta-oauth/guides/client-auth/#client-authentication-methods)). Is there a reason why...
