What is the simplest way to restrict access to a static website using social auth

I have a static website composed of HTML/CSS/JavaScript files. The website is automatically generated and updated frequently.

Instead of authorizing access to the website with a username/password (basic auth), I would like to have users authenticate using Google Sign-in/openID Connect, and then control access via a whitelist of gmail addresses.

What is the simplest way to set this up?

I ended up using oauth2_proxy which is exactly what I was looking for.

I configured to do the following:

• oauth2_proxy listens on 0.0.0.0:443
• When a user connects, the Google sign-in flow is initiated
• After sign-in, it validates the user's email address against a whitelist
• After successful validation, oauth2_proxy proxies the request to an upstream nginx server listening on 127.0.0.1:8080