-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Send configured claims as headers to backends #72
base: master
Are you sure you want to change the base?
Send configured claims as headers to backends #72
Conversation
This really looks useful - could you provide a build of it, maybe in your fork? |
Sure, here it is: ghcr.io/bennesp/traefik-forward-auth:v3.1.0-pr72. It is built by Github Actions |
Thx! |
Is there something holding this back (apart from devs' time of course)? So far as I can tell this would be the only way for me to receive claims about authenticated users from the identity providers--I am releasing information from the providers but can only get the username (e-mail) to my application. |
I don’t think this is totally true. I recall a configuration variable (I think it was called Then, of course, your backend needs to decode the JWT, but after that (even without verifying it, if you trust the network) you will be able to access any claim defined in the JWT. This of course doesn't prevent this PR to be reviewed and merged 😅 |
Would love to see this one merged... |
I considered this fork as unmaintained since I didn't see any new commits from 2022, but then in August I saw @mhrabovcin working on merging some PRs. Maybe he can give a shot to this PR too? 🙏 |
This PR add the possibility to configure generic claims to be passed to backends as headers.
It is related to this comment #64 (comment) which is by far the most upvoted comment in this repository
Just as an example: if you set
EXTRA_CLAIMS = "x-forwarded-locale:locale, x-forwarded-picture:picture"
then your backends will receive two new headers:X-Forwarded-Locale
, containing the value inside thelocale
claim, andX-Forwarded-Picture
, containing the value inside the claimpicture
Note: remember also to add
authResponseHeaders
orauthResponseHeadersRegex
to your middleware appropriately of course