swift-chef-97535
12/24/2021, 3:18 PMhappy-magician-21721
12/24/2021, 3:22 PMFROM oryd/oathkeeper:v0.38.12-beta.1
ADD config.yaml /config.yaml
ADD rules.json /rules.json
ADD jwks.json /jwks.json
Dockerfilehappy-magician-21721
12/24/2021, 3:22 PMserve:
proxy:
port: 4455 # run the proxy at port 4455
api:
port: 4456 # run the api at port 4456
access_rules:
repositories:
- file:///rules.json
errors:
fallback:
- json
handlers:
json:
enabled: true
config:
verbose: true
redirect:
enabled: true
config:
to: <https://www.ory.sh/docs>
mutators:
header:
enabled: true
config:
headers:
X-User: "{{ print .Subject }}"
# You could add some other headers, for example with data from the
# session.
# X-Some-Arbitrary-Data: "{{ print .Extra.some.arbitrary.data }}"
noop:
enabled: true
id_token:
enabled: true
config:
issuer_url: <http://localhost:4455/>
jwks_url: file:///jwks.json
authorizers:
allow:
enabled: true
deny:
enabled: true
remote_json:
# Set enabled to "true" to enable the authenticator, and "false" to disable the authenticator. Defaults to "false".
enabled: true
config:
remote: <http://my-remote-authorizer/authorize>
payload: |
{
"subject": "{{ print .Subject }}",
"resource": "{{ printIndex .MatchContext.RegexpCaptureGroups 0 }}"
}
authenticators:
anonymous:
enabled: true
config:
subject: guest
noop:
enabled: true
happy-magician-21721
12/24/2021, 3:24 PM[
{
"id": "nest-oauthkeeper",
"version": "v0.36.0-beta.4",
"upstream": {
"url": "<http://host.docker.internal:2828>",
"strip_path": "/api"
},
"match": {
"url": "http://<127.0.0.1|localhost>:4455/api/oathkeeper",
"methods": [
"GET"
]
},
"authenticators": [
{
"handler": "noop"
}
],
"authorizer": {
"handler": "remote_json",
"config": {
"remote": "<http://host.docker.internal:2828/oathkeeper/authorizer>",
"payload": {
"extra": "{{ print .Extra }}",
"subject": "{{ print .Subject }}",
"Header": "{{ print .Header }}",
"matchContext": "{{ print .MatchContext }}"
}
},
"forward_response_headers_to_upstream": []
},
"mutators": [
{
"handler": "noop"
}
],
"errors": [
{
"handler": "json"
}
]
}
]