Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rename /api/auth/agent-connect/callback -> /admin/auth/callback #6

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

rename /api/auth/agent-connect/callback -> /admin/auth/callback #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 3 additions & 7 deletions Readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ Ce dépôt fait partie [d'un ensemble de services qui constituent l'Annuaire des
| --------------------------------- | ------------------------------------------------------------------------------------------------------------- |
| /admin/auth/api | Vérifie si l'utilisateur est authentifié et est connecté, redirige vers `/admin/auth/login` si non connecté |
| /admin/auth/login | Redirige l'utilisateur vers la page d'authorization du serveur OIDC |
| /api/auth/agent-connect/callback | URL sur laquelle l'utilisateur est redirigé par le serveur OIDC afin de finaliser la création de la session |
| /admin/auth/callback | URL sur laquelle l'utilisateur est redirigé par le serveur OIDC afin de finaliser la création de la session |
| /admin/auth/logout-callback | Supprime la session |


Expand Down Expand Up @@ -67,10 +67,6 @@ Exemple de protection de l'ensemble des accès à kibana (hors assets).
location ~ /admin/auth {
proxy_pass http://auth:3000;
}

location ~ /api/auth/agent-connect {
proxy_pass http://auth:3000;
}
```

Workflow correspondant à la configuration Nginx ci-dessus
Expand All @@ -85,8 +81,8 @@ sequenceDiagram
OIDCServer->>AdminAuth: URL d'authentification OIDC
AdminAuth->>Client: HTTP 302 URL d'authentification OIDC
Client->>OIDCServer: URL d'authentification OIDC
OIDCServer->>Client: HTTP 302 vers /api/auth/agent-connect/callback
Client->>AdminAuth: GET /api/auth/agent-connect/callback
OIDCServer->>Client: HTTP 302 vers /admin/auth/callback
Client->>AdminAuth: GET /admin/auth/callback
AdminAuth->>OIDCServer: Validation du code d'authorisation
OIDCServer->>AdminAuth: Génération d'un access token
AdminAuth->>OIDCServer: Récupération des infos utilisateurs
Expand Down
4 changes: 0 additions & 4 deletions demo/sites-enabled/kibana.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,4 @@ server {
location ~ /admin/auth {
proxy_pass http://auth:3000;
}

location ~ /api/auth/agent-connect {
proxy_pass http://auth:3000;
}
}
2 changes: 1 addition & 1 deletion src/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ app.get('/admin/auth/login', async (req: Request, res: Response) => {
res.redirect(authUrl)
})

app.get('/api/auth/agent-connect/callback', async (req: Request, res: Response) => {
app.get('/admin/auth/callback', async (req: Request, res: Response) => {
const client = await getOpenIDClient();

const params = client.callbackParams(req);
Expand Down