Skip to content

Move static content to oauth2-proxy-static to avoid name collisions (#2223) #2358

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

Move static content to oauth2-proxy-static to avoid name collisions (#2223) #2358

wants to merge 3 commits into from

Conversation

@StefanLobbenmeierObjego
Copy link

@StefanLobbenmeierObjego StefanLobbenmeierObjego commented Dec 19, 2023
edited
Loading

Description

Renamed the static folder to oauth2-proxy-static, so that content hosted by underlying application on /static can still be accessed.

Motivation and Context

Jupyter hosts resources on /static
Closes #2223

How Has This Been Tested?

Tested locally against the configuration that I use in production. Basically like this:

Built it like this:

GOROOT=/opt/homebrew/opt/go/libexec #gosetup
GOPATH=/Users/lobbenst/go #gosetup
/opt/homebrew/opt/go/libexec/bin/go build -o /Users/lobbenst/Library/Caches/JetBrains/IntelliJIdea2023.3/tmp/GoLand/___1go_build_github_com_oauth2_proxy_oauth2_proxy_v7 github.com/oauth2-proxy/oauth2-proxy/v7 #gosetup

ran it like this:

OAUTH2_PROXY_CLIENT_SECRET=censored \
OAUTH2_PROXY_COOKIE_SECRET=censored \
/Users/lobbenst/Library/Caches/JetBrains/IntelliJIdea2023.3/tmp/GoLand/___1go_build_github_com_oauth2_proxy_oauth2_proxy_v7  \
"--upstream=http://localhost:8888/" \
"--banner=-" \
"--footer=-" \
"--custom-sign-in-logo=-" \
"--cookie-secure=true" \
"--cookie-expire=8h0m" \
"--cookie-refresh=60m" \
"--cookie-domain=censored.de" \
"--http-address=0.0.0.0:8080" \
"--proxy-prefix=/jupyter" \
"--redirect-url=https://censored.de/jupyter/callback" \
"--email-domain=censored.de" \
"--provider=oidc" \
"--client-id=123456" \
"--oidc-issuer-url=https://login.microsoftonline.com/987645/v2.0"

And for my local testing I had to add some more settings:
"--tls-cert-file=mycert.crt"
"--tls-key-file=mycert.key" \

Checklist:

  • My change requires a change to the documentation or CHANGELOG.
  • I have updated the documentation/CHANGELOG accordingly.
  • I have created a feature (non-master) branch for my PR.
  • I have written tests for my code changes.

@StefanLobbenmeierObjego StefanLobbenmeierObjego requested a review from a team as a code owner December 19, 2023 16:16
@github-actions github-actions bot added the go label Dec 19, 2023
@github-actions github-actions bot added the docs label Dec 19, 2023
@tuunit tuunit added enhancement breaking A change that will cause a major version bump LGTM PR is ready to merge labels Dec 20, 2023
@tuunit tuunit added this to the v7.6.0 milestone Jan 2, 2024
@JoelSpeed
Copy link
Member

I disagree with this change and I think you're using --proxy-prefix wrong.

The intention of the proxy-prefix flag is to allow you to set a unique path so that there isn't any overlap. In your case, I suspect you want to set the prefix to /jupyter/oauth2, that is, assuming there's no path within Jupyter that relies on oauth2 being a sub path.

@JoelSpeed JoelSpeed removed the LGTM PR is ready to merge label Jan 20, 2024
@tuunit
Copy link
Member

tuunit commented Jan 21, 2024

Hi @StefanLobbenmeierObjego,

could you please test if the --proxy-prefix=/jupyter/oauth2 suggested by @JoelSpeed solves your issue?

@StefanLobbenmeierObjego
Copy link
Author

Hi - thanks for the feedback. I will try it out, waiting for permissions to add that redirect uri in azure, but I will let you know

@StefanLobbenmeierObjego
Copy link
Author

That worked, thank you very much for the support ❤️ I will also let the other affected person know in the linked issue

@StefanLobbenmeierObjego StefanLobbenmeierObjego mentioned this pull request Jan 22, 2024
Closed
@StefanLobbenmeierObjego StefanLobbenmeierObjego deleted the #2223---Move-static-content-to-oauth2-proxy-static-to-avoid-name-collisions branch January 22, 2024 11:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tuunit tuunit tuunit approved these changes

Assignees

No one assigned

Labels

breaking A change that will cause a major version bump changelog docs enhancement go

Projects

None yet

Milestone

v7.6.0

Development

Successfully merging this pull request may close these issues.

7.5.0 breaks protected path /static, HTTP 404

3 participants

@StefanLobbenmeierObjego @JoelSpeed @tuunit