使用NGINX auth_request和oauth2_proxy设置头 [英] Setting headers with NGINX auth_request and oauth2_proxy
问题描述
我想使用 auth_request 和
I want to use the auth_request and oauth2_proxy to set a header upon a successful authentication request and then pass that through to the next proxy inline that will handle the actual request.
我已经设置了NGINX和各种代理来完成其工作,但是我不确定如何设置用于身份验证请求的服务器的标头(图中的AUTH PROXY),以便该标头是传递到下一个服务器(图中的后端服务器")
I've setup NGINX and the various proxies to do their thing, however I'm unsure how to set the header from the server (AUTH PROXY in diagram) that I'm using for the auth request such that that header is passed to the next server (BACKEND SERVER in diagram)
NGINX ---- auth request ----> AUTH PROXY
|
| <--- 201 <------ SUCCESS
|
----> underlying request ----> BACKEND SERVER
我的NGINX配置看起来像
My NGINX config looks like
server {
listen 9123;
resolver 10.3.0.2;
resolver_timeout 30;
location / {
auth_request /_auth;
proxy_set_header x-user $http_x_user;
proxy_pass http://backend_server;
}
location = /_auth {
internal;
proxy_pass https://auth;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
}
当我发出实际请求时,我在NGINX调试日志中看到以下内容(这是来自身份验证服务器的响应的一部分):
When I make the actual request I see the following in the NGINX debug logs (this is part of the response from the auth server):
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Content-Type: text/html; charset=utf-8"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Date: Mon, 14 Oct 2013 17:46:42 GMT"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Server: nginx/1.2.5"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Vary: Cookie"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "x-user: 1"
我想使用x-user
标头并将其传递给后端服务器.
I want to take the x-user
header and pass that through to the backend server.
我已经尝试了location /
块中的各种组合,但是它们都没有起作用.例如
I've tried various combinations in the location /
block but none of them have worked yet. E.g.
-
proxy_set_header x-user $upstream_http_x_user;
-
proxy_set_header x-user $http_x_user;
-
proxy_set_header x-user $sent_http_x_user;
-
proxy_pass_header x-user
proxy_set_header x-user $upstream_http_x_user;
proxy_set_header x-user $http_x_user;
proxy_set_header x-user $sent_http_x_user;
proxy_pass_header x-user
这些似乎都不起作用.有什么想法可以完成这项工作吗?请注意,正是我的Proxy代理设置了要传递给后端服务器的标头,
None of these seem to work. Any ideas how I can accomplish this task? Please note that it's the auth proxy that's setting the header that I want to pass to the backend server,
推荐答案
糟糕,解决了.正确的NGINX配置如下所示:
Woop, figured it out. The correct NGINX config looks like this:
location / {
auth_request /_auth;
auth_request_set $user $upstream_http_x_user;
proxy_set_header x-user $user;
proxy_pass http://backend_server;
}
问题是您不能将标头直接分配给另一个标头,必须使用auth_request_set
将标头设置为变量,然后将该变量分配给标头.
The issue is that you cannot assign the header directly into another header, you have to use auth_request_set
to set the header into a variable and then assign that variable to a header.
这篇关于使用NGINX auth_request和oauth2_proxy设置头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!