Enhance OIDC Authentication: Support Dynamic Redirect URLs, Authentication State in Cookies, and Bearer Token Handling #166

@modoulo

Issue Description:

Currently, the OIDC authentication flow is limited due to a fixed redirectURL, preventing dynamic redirection for multiple applications. Additionally, applications without frontend authentication logic struggle to persist authentication state, and there is no support for Bearer tokens in HTTP headers.

Proposed Solution:

1. Support Multiple Applications with Dynamic Redirects:

Introduce a new configuration field, AuthorizedRedirectDomains []string, allowing users to define a list of authorized domains.
If an incoming request matches one of these domains, the appropriate redirectURL will be applied dynamically.

2. Persist Authentication State in Cookies:

Store authentication state in cookies to enable OIDC authentication for frontend applications without requiring custom authentication logic.

3. Support Bearer Tokens in Headers:

Allow authentication via Bearer tokens in HTTP headers, enabling backend services and microservices to authenticate requests without requiring cookie-based sessions.
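
An added example, not part of the issue or the project's code: one way to resolve a redirect URL from the proposed `AuthorizedRedirectDomains` list, matching the request's Host exactly rather than by suffix or substring. The `Config` struct, the `CallbackPath` field, the function names, the `https` scheme and the `example.com` hosts are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"strings"
)

// Config: AuthorizedRedirectDomains is the field proposed in the issue;
// CallbackPath is a hypothetical field added for this example.
type Config struct {
	AuthorizedRedirectDomains []string
	CallbackPath              string
}

var ErrUnauthorizedHost = errors.New("host is not an authorized redirect domain")

// normalizeHost strips an optional port and trailing dot and lowercases the name.
func normalizeHost(hostport string) string {
	host := hostport
	if h, _, err := net.SplitHostPort(hostport); err == nil {
		host = h
	}
	return strings.TrimSuffix(strings.ToLower(host), ".")
}

// RedirectURLFor returns the redirect URL for the request's host only when the
// host equals a configured domain. The URL is built from the configured value,
// never from the raw Host header, so request input is not reflected into it.
// Unknown hosts get an error instead of falling back to a default.
func (c Config) RedirectURLFor(r *http.Request) (string, error) {
	host := normalizeHost(r.Host)
	for _, d := range c.AuthorizedRedirectDomains {
		if allowed := normalizeHost(d); host != "" && host == allowed {
			return "https://" + allowed + c.CallbackPath, nil
		}
	}
	return "", ErrUnauthorizedHost
}

func main() {
	cfg := Config{[]string{"app.example.com", "admin.example.com"}, "/oidc/callback"}
	// Constructed Host header values: one legitimate, two look-alikes.
	for _, h := range []string{"APP.example.com:443", "app.example.com.evil.test", "evilapp.example.com"} {
		u, err := cfg.RedirectURLFor(&http.Request{Host: h})
		fmt.Printf("%-28s -> %q err=%v\n", h, u, err)
	}
}
```

The resolved URL still has to be registered as a redirect URI with the identity provider, which checks it independently of this allow-list.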

Labels: kind/feature (Categorizes issue or PR as related to a new feature.)