Nginx Auth Request By Source IP
Grzegorz Kulewski
gk at leniwiec.biz
Thu Oct 19 19:08:29 UTC 2017
W dniu 19.10.2017 o 20:59, John Baird pisze:
> I have been doing some reading an googling, and I am wondering if someone can help.
>
> I have an oauth2 service successfully authenticating nginx visitors. Because Nginx is fronting a web application on the backend, the web application does NOT have valid domain credentials to interact with the nginx layer.
>
> Goal:
> I would like to be able to do something like the following:
>
> geo $localhost {
> default 0;
> 127.0.0.1/32 <http://127.0.0.1/32> 1;
> }
>
> server {
> location / {
> if ($localhost = 0) {
> auth_request = /oauth2/callback
> ....
> }
> }
> }
>
> Is this possible?
> TL;DR -> bypass nginx oauth2 auth_request module when source ip is localhost
If I understood correctly something like that should work:
satisfy any;
allow 127.0.0.1;
deny all;
auth_request ...;
--
Grzegorz Kulewski
More information about the nginx
mailing list