{"id":13556203,"url":"https://github.com/evry/docker-oidc-proxy","last_synced_at":"2025-04-03T09:30:56.385Z","repository":{"id":150796645,"uuid":"90599776","full_name":"evry/docker-oidc-proxy","owner":"evry","description":"Docker Image built on Alpine Linux for secure OpenID Connect (OIDC) proxy authentication","archived":false,"fork":false,"pushed_at":"2023-06-16T15:19:39.000Z","size":515,"stargazers_count":121,"open_issues_count":17,"forks_count":59,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-11-04T05:33:46.746Z","etag":null,"topics":["alpine","alpine-linux","cookie-session","docker","docker-image","nginx","nginx-proxy","oidc","oidc-single-sign-on","openid-client"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/evry/oidc-proxy/","language":"Lua","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/evry.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-05-08T07:39:07.000Z","updated_at":"2024-09-03T21:27:33.000Z","dependencies_parsed_at":"2024-01-14T16:09:06.525Z","dependency_job_id":"2377352a-3d5f-412d-8190-f8dc57c9cd1b","html_url":"https://github.com/evry/docker-oidc-proxy","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evry%2Fdocker-oidc-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evry%2Fdocker-oidc-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evry%2Fdocker-oidc-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evry%2Fdocker-oidc-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/evry","download_url":"https://codeload.github.com/evry/docker-oidc-proxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246976145,"owners_count":20863023,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alpine","alpine-linux","cookie-session","docker","docker-image","nginx","nginx-proxy","oidc","oidc-single-sign-on","openid-client"],"created_at":"2024-08-01T12:03:41.859Z","updated_at":"2025-04-03T09:30:55.552Z","avatar_url":"https://github.com/evry.png","language":"Lua","readme":"# evry/oidc-proxy [![Image Layers](https://images.microbadger.com/badges/image/evry/oidc-proxy.svg)](https://microbadger.com/#/images/evry/oidc-proxy)\n\nDocker Image for OpenID Connect proxy authentication. Useful for putting\nservices behind Keycloak and other OpenID Connect authentication.\n\nThis is Image used Nginx for proxying request and OpenResty with the\n`lua-resty-openidc` library to handle OpenID Connect authentication.\n\n![\"Docker OIDC Proxy overview\"](https://raw.githubusercontent.com/evry/docker-oidc-proxy/master/assets/overview.png \"Docker OIDC Proxy overview\")\n\n## Supported tags and respective Dockerfile links\n\n* [`latest`, `v1.2.0` (*Dockerfile*)](https://github.com/evry/docker-oidc-proxy/blob/master/Dockerfile)\n\n## How to use this image\n\nThis proxy is controlled through environment variables, so there is no need to\nmess with any configuration files unless you want to of course. The following\nenvironment variables is used in this image:\n\n* `OID_SESSION_SECRET`: secret value for cookie sessions\n* `OID_SESSION_CHECK_SSI`: check SSI or not (`on` or `off`)\n* `OID_SESSION_NAME`: cookie session name\n\n* `OID_REDIRECT_PATH`: Redirect path after authentication\n* `OID_DISCOVERY`: OpenID provider well-known discovery URL\n* `OID_CLIENT_ID`: OpenID Client ID\n* `OID_CLIENT_SECRET`: OpenID Client Secret\n* `OID_USE_PKCE`: Enable PKCE (`true` or `false`, default is `false`)\n* `OIDC_AUTH_METHOD`: OpenID Connect authentication method (`client_secret_basic` or `client_secret_post`)\n* `OIDC_RENEW_ACCESS_TOKEN_ON_EXPIRY`: Enable silent renew of access token (`true` or `false`)\n\n* `PROXY_HOST`: Host name of the service to proxy\n* `PROXY_PORT`: Port of the service to proxy\n* `PROXY_PROTOCOL`: Protocol to the service to proxy (`http` or `https`)\n\n* `ADD_HOST_HEADER`: pass the proxy host header downstream (`true` or `false`)\n\n```\ndocker run \\\n  -e OID_DISCOVERY=https://my-auth-server/auth \\\n  -e OID_CLIENT_ID=my-client \\\n  -e OID_CLIENT_SECRET=my-secret \\\n  -e PROXY_HOST=my-service \\\n  -e PROXY_PORT=80 \\\n  -e PROXY_PROTOCOL=http \\\n  -p 80:80 \\\n  evry/oidc-proxy\n```\n\n## License\n\nThis Docker image is licensed under the [MIT License](https://github.com/evry/docker-oidc-proxy/blob/master/LICENSE).\n\nSoftware contained in this image is licensed under the following:\n\n* docker-openresty: [BSD 2-clause \"Simplified\" License](https://github.com/openresty/docker-openresty/blob/master/COPYRIGHT)\n* lua-resty-http: [BSD 2-clause \"Simplified\" License](https://github.com/pintsized/lua-resty-http/blob/master/LICENSE)\n* lua-resty-jwt: [Apache License 2.0](https://github.com/cdbattags/lua-resty-jwt/blob/master/LICENSE.txt)\n* lua-resty-openidc: [Apache License 2.0](https://github.com/pingidentity/lua-resty-openidc/blob/master/LICENSE.txt)\n* lua-resty-session: [BSD 2-clause \"Simplified\" License](https://github.com/bungle/lua-resty-session/blob/master/LICENSE)\n* lua-resty-hmac: [BSD 2-clause \"Simplified\" License](https://github.com/jkeys089/lua-resty-hmac/#copyright-and-license)\n\n## Supported Docker versions\n\nThis image is officially supported on Docker version 1.12.\n\nSupport for older versions (down to 1.0) is provided on a best-effort basis.\n\n## User Feedback\n\n### Documentation\n\n* [Docker](http://docs.docker.com)\n* [nginx](http://nginx.org/en/docs/)\n* [OpenResty](http://openresty.org/)\n* [lua-resty-openidc](https://github.com/pingidentity/lua-resty-openidc#readme)\n\n### Issues\n\nIf you have any problems with or questions about this image, please contact us\nthrough a [GitHub issue](https://github.com/evry/docker-oidc-proxy/issues).\n\n### Contributing\n\nYou are invited to contribute new features, fixes, or updates, large or small;\nwe are always thrilled to receive pull requests, and do our best to process them\nas fast as we can.\n\nBefore you start to code, we recommend discussing your plans through a [GitHub\nissue](https://github.com/evry/docker-oidc-proxy/issues), especially for more\nambitious contributions. This gives other contributors a chance to point you in\nthe right direction, give you feedback on your design, and help you find out if\nsomeone else is working on the same thing.\n","funding_links":[],"categories":["Lua","docker"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevry%2Fdocker-oidc-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fevry%2Fdocker-oidc-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevry%2Fdocker-oidc-proxy/lists"}