Check Forward Auth Bearer
This page shows you how to verify the forward-auth middleware
installed when the oauth chart is installed.
Set the auth middleware on whomai
Section titled “Set the auth middleware on whomai”The bearer is not passed by default with the forward-auth middleware, we use then the forward-auth-bearer middleware
Apply forward-auth-bearer middleware on whoami in the cluster file
whoami: enabled: true auth_middleware: 'forward-auth-bearer' hostname: 'whoami-xxx.sslip.io.io'Deploy the whoami chart
Section titled “Deploy the whoami chart”kubee helmet -c clusertName play whoamiNavigate to whoami web app
Section titled “Navigate to whoami web app”- Go to https://whoami-xxx.nip.io
- Grab the
Authorization: BearerHeader value in the request
Example in this request, the value starts with eyJhbGciOiJSU...
Hostname: whoami-kubee-748cc6f455-mp6jjIP: 127.0.0.1GET / HTTP/1.1Host: whoami-xxx.sslip.ioUser-Agent: xxxAccept: xxxAccept-Encoding: xxxAccept-Language: xxxAuthorization: Bearer eyJhbGciOiJSU...Decode the value
Section titled “Decode the value”- Decode the payload at https://jwt.io/. Example:
{ "iss": "https://dex-xxx.nip.io", "sub": "CiQwOGE4Njg0Yi1kYjg4LTRiNzMtOTBhOS0zY2QxNjYxZjU0NjYSBWxvY2Fs", "aud": "oauth2-proxy", "exp": 1739983694, "iat": 1739897294, "at_hash": "HtDam6UvwOt6h07X2-BAkw", "c_hash": "tv4WJTo8QFFBJdKPQEJHLQ", "email": "admin@example.com", "email_verified": true, "name": "admin"}