Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cleanup examples - part 1 #284

Merged
merged 2 commits into from
Nov 28, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions examples/radix-oauth-proxy
Submodule radix-oauth-proxy added at f585f7
5 changes: 1 addition & 4 deletions public-site/docs/src/guides/authentication/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -81,9 +81,6 @@ When OAuth2 is enabled for a component in [`radixconfig.yaml`](../../references/
- Register the OAuth2 service's callback URLs in the Azure AD application registration. The default path is **/oauth2/callback**, and is composed of the value in `proxyPrefix` (default **/oauth2**) and suffixed with **/callback**.
![Register Redirect URL](./aad-register-callback.png "Register Redirect URL")

::: tip Sample
Example application: [radix-example-oauth2-feature](https://github.com/equinor/radix-example-oauth2-feature)
:::

#### Restrict access to AAD group

Expand Down Expand Up @@ -116,7 +113,7 @@ It's possible to use a proxy in front of the client application that takes care

![Diagram](./radix-front-proxy.png "Application diagram")

For an example using [oauth2_proxy](https://github.com/oauth2-proxy/oauth2-proxy/blob/master/docs/docs/configuration/overview.md) see [Radix oauth example](https://github.com/equinor/radix-example-oauth-proxy). [Radix Web Console](https://console.radix.equinor.com/) uses this service, and does API calls to radix-api through a [nginx reverse proxy](https://github.com/equinor/radix-web-console/blob/master/proxy/nginx.conf)
For an example using [oauth2_proxy](https://github.com/oauth2-proxy/oauth2-proxy/blob/master/docs/docs/configuration/overview.md) see [Radix oauth example](../../../../../examples/radix-oauth-proxy/). [Radix Web Console](https://console.radix.equinor.com/) uses this service, and does API calls to radix-api through a [nginx reverse proxy](https://github.com/equinor/radix-web-console/blob/master/proxy/nginx.conf)

Pro

Expand Down
7 changes: 1 addition & 6 deletions public-site/docs/src/other/scenarios/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,5 @@ App which authenticates the user in AD, if logged in read basic user information

Example for Omnia Radix showing how to use a OAuth proxy for authentication

- [Omnia Radix OAuth proxy for authentication](https://github.com/equinor/radix-example-oauth-proxy)

Example for Omnia Radix showing how to use the OAuth2 feature in Radix

- [Omnia Radix Oauth2 Feature](https://github.com/equinor/radix-example-oauth2-feature)

- [Omnia Radix OAuth proxy for authentication](../../../../../examples/radix-oauth-proxy/)

Original file line number Diff line number Diff line change
Expand Up @@ -1030,7 +1030,7 @@ spec:

It is possible to have multiple custom DNS aliases (i.e. to choose your own custom domains) for the application. The `dnsExternalAlias` needs to point to a component marked as public. It can be any domain name, which can in turn be used for public URLs to access the application — as long as the application developer provides a valid certificate for the alias.

If public component is a `proxy` (like `oauth-proxy` in [this example](https://github.com/equinor/radix-example-oauth-proxy)), which is used as a public component, routing requests to `frontend` component - `dnsExternAlias.component` should point to this `proxy` component.
If public component is a `proxy` (like `oauth-proxy`), which is used as a public component, routing requests to `frontend` component - `dnsExternAlias.component` should point to this `proxy` component.

In the example above, the component **frontend** hosted in environment **prod** will be accessible from both `some.alias.com` and `another.alias.com`, as long as the correct certificate has been set.

Expand Down
Loading