From 7f5672b433f70478c79fe4f7294a92cb56a0b64b Mon Sep 17 00:00:00 2001 From: Pierce Lopez Date: Mon, 24 Apr 2017 17:56:15 -0400 Subject: [PATCH] README: simplify nginx auth_request example /oauth2/auth is not more sensitive than other /oauth2/ paths, does not need "internal" protection "spdy" protocol is obsolete, http2 is the thing to enable now. But it's orthogonal anyway. No need for two separate content/upstream location blocks in this example, reduce to just one, with a comment that it could be serving files instead of proxying. --- README.md | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index be73f36..6ab8de5 100644 --- a/README.md +++ b/README.md @@ -350,15 +350,10 @@ The [Nginx `auth_request` directive](http://nginx.org/en/docs/http/ngx_http_auth ```nginx server { - listen 443 ssl spdy; + listen 443 ssl; server_name ...; include ssl/ssl.conf; - location = /oauth2/auth { - internal; - proxy_pass http://127.0.0.1:4180; - } - location /oauth2/ { proxy_pass http://127.0.0.1:4180; proxy_set_header Host $host; @@ -367,7 +362,7 @@ server { proxy_set_header X-Auth-Request-Redirect $request_uri; } - location /upstream/ { + location / { auth_request /oauth2/auth; error_page 401 = /oauth2/sign_in; @@ -379,13 +374,7 @@ server { proxy_set_header X-Email $email; proxy_pass http://backend/; - } - - location / { - auth_request /oauth2/auth; - error_page 401 = https://example.com/oauth2/sign_in; - - root /path/to/the/site; + # or "root /path/to/site;" or "fastcgi_pass ..." etc } } ```