S.S.Octopus
oauth2-proxy-blog
S.S.Octopus | oauth2-proxy-blog | |
---|---|---|
5 | 1 | |
3,063 | 6 | |
0.4% | - | |
0.0 | 0.0 | |
12 days ago | about 1 year ago | |
Go | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
S.S.Octopus
-
Use OpenZiti to secure your monitoring
2. An identity aware SSO proxy by Buzzfeed[0]
I really like Buzzfeed's SSO implementation, but it hasn't received updates in a while and doesn't seem to be maintained to me. I could absolutely see OpenZiti replacing this for me.
I really like Wireguard and have absolutely no complaints with it -- but if OpenZiti could replace this as well and match the performance I get on Wireguard I would consider implementing it at home (and would probably be a happy enough customer to push for it at work).
One non-typical use-case I use Wireguard for is being able to do remote game streaming to my Windows hosts via Moonlight+Nvidia Gamestream. Would anyone be able to (anecdotally or scientifically), share how well a use-case like this would work with OpenZiti?
[0] https://github.com/buzzfeed/sso
-
Libredirect – Redirect social media and websites to privacy friendly front ends
In addition to this suggestion, another viable route is to self-host those applications you rely on and don't expose them to the world (so as to reduce load/attack surface). Using a VPN can allow you to access the applications privately/remotely.
e.g. I self-host the applications I rely on such as Teddit, Nitter, Bibliogram and Cloudtube and then use Wireguard to always remain connected to the network they are accessible on. I have also implemented identity-aware SSO[1] so I can expose those applications remotely to specific individuals.
[1] https://github.com/buzzfeed/sso
-
Add Password Protection to Any Site with OAuth2 Proxy - Plus Social Logins
If oauth2-proxy doesn't suit your needs, there are some projects that have spun-off from oauth2-proxy like pomerium and BuzzFeed's sso. In addition to the open source library, Pomerium offers a paid service with a GUI to help IT staff more easily manage user permissions. BuzzFeed's sso builds upon oauth2-proxy by separating the domain used for auth from the domain used for the proxy (among several other changes).
-
Introduction to Zero Trust on AWS ECS Fargate
SSO to the rescue!
-
Web proxy (Bastion ?) to access Website in "private" network.
https://github.com/buzzfeed/sso - Google only
oauth2-proxy-blog
-
Add Password Protection to Any Site with OAuth2 Proxy - Plus Social Logins
I forked the oauth2-proxy repository and made a few changes so that you can deploy a working example to Render for free.
What are some alternatives?
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
traefik - The Cloud Native Application Proxy
Pomerium - Pomerium is an identity and context-aware reverse proxy for zero-trust access to web applications and services.
zitadel - Cloud-native Identity & Access Management solution providing a platform for secure authentication, authorization and identity management.
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
farside - A smart redirecting gateway for various frontend services
express-hello-world - Express Hello World Example on Render https://render.com