I am trying to add oauth2-proxy to secure my opengrok instance. I am following the document mentioned here: https://developer.okta.com/blog/2022/07/14/add-auth-to-any-app-with-oauth2-proxy
and my docker-compose.yaml file is as below: https://pastebin.com/raw/WkGqgiB3
I am able to validate and authenticate using my company sso (Oauth2 authentication) but not able to figure out how I can pass the username to opengrok UI.
I tried editing ROOT/pageheader.jspf file, to add below code but that doesn't work:
--%><%@page import="org.opengrok.web.PageConfig"%>
<%
/* ---------------------- pageheader.jspf start --------------------- */
{
PageConfig cfg = PageConfig.get(request);
%>
<%= cfg.getEnv().getIncludeFiles().getHeaderIncludeFileContent(false) %>
<div class="logout">
<span id="logout">
Welcome, <%=request.getRemoteUser()%>! | <a href="/source/logout.jsp">Logout</a>
</span>
</div>
<%
}
/* ---------------------- pageheader.jspf end --------------------- */
%>
But getRemoteUser() returns null. I also tried to get different headers such as:
<%=request.getHeader("X-Forwarded-Email")%>
etc but all returns null.
I am just admin of this application and don't have much java/ jsp experience so can't identify in detail what exactly is going wrong.
Can any Opengrok or Oauth2 expert help here please. Please let me know if you need any more information.
Finally got it working:
Use -set-xauthrequest = true
or if you are passing environment variable then pass:
OAUTH2_PROXY_SET_XAUTHREQUEST = true
this will pass through X-Auth-Request-Email X-Auth-Request-User
Much thanks to answer here: https://github.com/oauth2-proxy/oauth2-proxy/issues/197#issuecomment-540158057