Google oauth reverse proxy

Hi all,

I am not a developer, so… sorry for the silly questions about a Google product!

I followed the great guide Chris Castel made here.

The reverse proxy with Google authentication works great and takes me to my private service, however there is a specific issue with how Google have implemented “test users” and unpublished apps.

Long story short, a workaround to this is to request a “consent” to a restricted Google API (in the solution example I’m following this is the Calendar API)

My question is:

In the Render Web Service settings that runs my oAuth reverse proxy, is there a way for me to replicate the solution as shown in the Supabase example below and pass a “prompt” and “scope” variable when interacting with the Google oAuth service?

Thanks!

Hi,

Those wouldn’t be Render settings, but the configuration of the OAuth2-Proxy project the blog post utilizes.

The screenshot references queryParams. Maybe that is a similar feature that was added OAuth2-Proxy in version 7.3.0? Changelog (the forked blog post example repo uses 7.2.1)

Alan

For anyone else looking for the solution to this problem it was to:

1. create a “oauth2_proxy.cfg” file in the main directory on github

2. add this line to that cfg file:
   scope = "profile email https://www.googleapis.com/auth/calendar.readonly"

3. add this line to the bottom of the DOCKERFILE in the main directory on github:

ENTRYPOINT [ "sh", "-c", "/bin/oauth2-proxy --config=/etc/oauth2_proxy.cfg --upstream=http://${UPSTREAM}" ]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.