## Google Auth Proxy Config File ## https://github.com/bitly/google_auth_proxy ## : to listen on for HTTP clients # http_address = "127.0.0.1:4180" ## the OAuth Redirect URL. # defaults to the "https://" + requested host header + "/oauth2/callback" # redirect_url = "https://internalapp.yourcompany.com/oauth2/callback" ## the http url(s) of the upstream endpoint. If multiple, routing is based on path # upstreams = [ # "http://127.0.0.1:8080/" # ] ## Log requests to stdout # request_logging = true ## pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream # pass_basic_auth = true ## pass the request Host Header to upstream ## when disabled the upstream Host is used as the Host Header # pass_host_header = true ## Google Apps Domains to allow authentication for # google_apps_domains = [ # "yourcompany.com" # ] ## The Google OAuth Client ID, Secret # client_id = "123456.apps.googleusercontent.com" # client_secret = "" ## Authenticated Email Addresses File (one email per line) # authenticated_emails_file = "" ## Htpasswd File (optional) ## Additionally authenticate against a htpasswd file. Entries must be created with "htpasswd -s" for SHA encryption ## enabling exposes a username/login signin form # htpasswd_file = "" ## Templates ## optional directory with custom sign_in.html and error.html # custom_templates_dir = "" ## Cookie Settings ## Secret - the seed string for secure cookies; should be 16, 24, or 32 bytes ## for use with an AES cipher when cookie_refresh or pass_access_code ## is set ## Domain - optional cookie domain to force cookies to (ie: .yourcompany.com) ## Expire - expire timeframe for cookie ## Refresh - refresh the cookie when less than this much time remains before ## expiration; should be less than cookie_expire; set to 0 to disable # cookie_secret = "" # cookie_domain = "" # cookie_expire = "168h" # cookie_refresh = "144h" # cookie_secure = true # cookie_httponly = true # pass_access_code = true