Login
Oauth2 login support for web applications.
yaml
server:
entrypoints:
web:
address: ":8082"
http:
middlewares:
role:
role:
roles:
- "transaction"
methods:
- "GET"
main:
hello:
headers:
Content-Type: "text/html; charset=utf-8"
message: |
<!DOCTYPE html>
<head>
<title>Turna</title>
<style>
body {background-color: #f7fff7;}
h1 {border-bottom: 2px solid #ff6b6b;}
.logout {float: right; color: #ff6b6b; text-decoration: none;}
pre {background-color: #faf0ca; overflow: auto; white-space: pre-wrap; word-wrap: break-word; }
</style>
</head>
<body>
<h1>Turna - Test Page <a class="logout" href="/logout/">Logout</a></h1>
<div>
<p>Test page</p>
</div>
</body>
</html>
token:
set:
values:
- token_header
- disable_redirect
session_info:
session_info:
information:
values:
- preferred_username
- email
- given_name
- family_name
roles: true
session_middleware: "session"
session:
session:
cookie_name: "turna_test"
session_key: "my_secret_key"
store:
active: file
file: {}
redis:
address: "localhost:6379"
key_prefix: "turna_test_"
options:
http_only: true
secure: false
same_site: 2
provider:
test1:
password_flow: true
oauth2:
client_id: "test"
client_secret: ""
cert_url: "http://localhost:8080/realms/master/protocol/openid-connect/certs"
token_url: "http://localhost:8080/realms/master/protocol/openid-connect/token"
auth_url: "http://localhost:8080/realms/master/protocol/openid-connect/auth"
logout_url: "http://localhost:8080/realms/master/protocol/openid-connect/logout"
scopes:
- "openid"
# test2:
# oauth2:
# client_id: "test2"
# client_secret: ""
# cert_url: "http://localhost:8080/realms/master/protocol/openid-connect/certs"
# token_url: "http://localhost:8080/realms/master/protocol/openid-connect/token"
# auth_url: "http://localhost:8080/realms/master/protocol/openid-connect/auth?kc_idp_hint=test1"
# test11:
# password_flow: true
# oauth2:
# client_id: "test1"
# client_secret: ""
# cert_url: "http://localhost:8080/realms/master/protocol/openid-connect/certs"
# token_url: "http://localhost:8080/realms/master/protocol/openid-connect/token"
# auth_url: "http://localhost:8080/realms/master/protocol/openid-connect/auth"
# test2:
# priority: 1
# oauth2:
# client_id: "test2"
# client_secret: "K5lR1GyWdBVFK4E2b9vShu6XUsFyo6bI"
# cert_url: "http://localhost:8080/realms/master/protocol/openid-connect/certs"
# token_url: "http://localhost:8080/realms/master/protocol/openid-connect/token"
# auth_url: "http://localhost:8080/realms/master/protocol/openid-connect/auth"
# test3:
# priority: 2
# oauth2:
# client_id: "test3"
# client_secret: ""
# cert_url: "http://localhost:8080/realms/master/protocol/openid-connect/certs"
# token_url: "http://localhost:8080/realms/master/protocol/openid-connect/token"
# auth_url: "http://localhost:8080/realms/master/protocol/openid-connect/auth"
action:
token:
login_path: "/login/"
logout:
set:
values:
- logout
login:
login:
path:
base: "/login/"
redirect:
schema: http
info:
title: "Turna Login"
session_middleware: "session"
role_data:
role_data:
map:
- roles:
- "transaction_rw"
data:
"test": 5555
default:
- test: 0
- test2: 0
role_check:
role_check:
allow_others: true
path_map:
- regex_path: "^/api/transaction/.*"
map:
- roles:
- "transaction_r"
- "transaction_rw"
methods:
- "GET"
- roles:
- "transaction_rw"
methods:
- "POST"
- "PUT"
- "DELETE"
whoami:
service:
loadbalancer:
servers:
- url: "http://localhost:9090"
routers:
login:
path: /login/*
middlewares:
- login
logout:
path: /logout/*
middlewares:
- logout
- login
info:
path: /auth/info
middlewares:
- session_info
role_data:
path: /role_data
middlewares:
- session
- role_data
role_check:
path: /api/*
middlewares:
- token
- session
- role_check
- whoami
whoami:
path: /whoami/*
middlewares:
- token
- session
# - role
- whoami
main:
path: /*
middlewares:
- session
- main