refator: refacoting, replace ssl by tls

2024-11-29 13:48:00 +01:00
parent 076d9aa56d
commit e33af02f04
11 changed files with 233 additions and 80 deletions
--- a/docs/middleware/oauth.md
+++ b/docs/middleware/oauth.md
@@ -5,9 +5,9 @@ parent: Middleware
 nav_order: 5
 ---

-### OAuth middleware
+# OAuth middleware

-Example of Google provider
+### Example of Google provider

 ```yaml
  - name: google-oauth
@@ -30,7 +30,7 @@ Example of Google provider

 ```

-Example of Authentik provider
+### Example of Authentik provider

 ```yaml
    - name: oauth-authentik
@@ -59,32 +59,6 @@ Example of Authentik provider
        jwtSecret: your-strong-jwt-secret | It's optional

 ```
-### Access middleware
-
-Access middleware prevents access to a route or specific route path.
-
-Example of access middleware
-```yaml
-  # The server will return 403
-  - name: api-forbidden-paths
-    type: access
-    ## prevents access paths
-    paths:
-      - /swagger-ui/*
-      - /v2/swagger-ui/*
-      - /api-docs/*
-      - /internal/*
-      - /actuator/*
-```
-### RateLimit middleware
-
-The RateLimit middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
-
-Example of rateLimit middleware
-```yaml
-
-```
-
 ### Apply middleware on the route

 ```yaml
@@ -99,4 +73,37 @@ Example of rateLimit middleware
      cors: {}
      middlewares:
        - oauth-authentik
+```
+
+## Advanced Kubernetes deployment
+
+```yaml
+apiVersion: gomaproj.github.io/v1beta1
+kind: Middleware
+metadata:
+  name: oauth-middleware-sample
+spec:
+    type: basic
+    paths:
+      - /protected
+      - /example-of-oauth
+    rule:
+      clientId: xxx
+      clientSecret: xxx
+      # oauth provider google, gitlab, github, amazon, facebook, custom
+      provider: custom
+      endpoint:
+        authUrl: https://authentik.example.com/application/o/authorize/
+        tokenUrl: https://authentik.example.com/application/o/token/
+        userInfoUrl: https://authentik.example.com/application/o/userinfo/
+      redirectUrl: https://example.com/callback
+      #RedirectPath is the PATH to redirect users after authentication, e.g: /my-protected-path/dashboard
+      redirectPath: ''
+      #CookiePath e.g.: /my-protected-path or / || by default is applied on a route path
+      cookiePath: "/"
+      scopes:
+        - email
+        - openid
+      state: randomStateString
+      jwtSecret: your-strong-jwt-secret | It's optional
 ```