Description: oauth2_proxy is a reverse proxy with ability to authenticate with IdPs
Impact: streamlining user validation for cloud native infrastructure projects, by authentication support to external identity providers
Scope: User authentication. Overall scope definition need to be established upon further read on the project.
Few things to consider:
TO DO
Alternatives suggested:
https://github.com/buzzfeed/sso
@pragashj what exactly do you mean by "fitment"? Are you asking us to consider whether it should be a CNCF sandbox project (or similar)? Do we have any docs in our repo about us engaging with potential CNCF projects like this one?
I would like us to get clarity on
Allow project to present itself and educate the rest of the team about some of the above questions and anything else project wants to the team to know about.
changed to use-case / presentation for starters... @pragashj want to invite them to present? or also fine if you want to bring up at a meeting to discuss.
Personally, I like the idea of having multiple providers of cloud native authentication systems present. I don't have a good sense of the different projects in the space and would be great to know more. (And probably whatever we can do to map out the space for cloud native community that would likely be helpful!)
Hey, I'm a maintainer of the OAuth2 Proxy! I spoke with @monadic about proposing the project a few weeks back. Pusher adopted the OAuth2 Proxy from Bitly when they archived it about a year ago, always with the intention of attempting to donate it to somewhere that did not have corporate association
Since then we have been trying to improve the project, in particular, around docs and configuration as these were two topics that people were struggling with.
@monadic brought the topic up at a TOC meeting and there was some interest in looking into the project further from what I understand, the next thing I saw was this tweet which got a few responses talking about other projects that could also fit the same space
https://twitter.com/jbeda/status/1180899919130873856
I am happy to answer questions here or jump on one of the community calls (realise there's one on now, oops) to answer any questions about the project, I am keen to find out what we would need to do from a security perspective before we could propose it officially for adoption
Any suggestions on how to move forward appreciated 馃槃
Hey @JoelSpeed I mentioned on the call, and we would like to schedule a presentation at a sig-security meeting.
@justincormack Is there a list anywhere of the things you would like to get out of that presentation? Happy to prepare one if I know roughly what points I need to cover 馃檪
I think it would be helpful to provide at least an outline of some of the key points on our assessment list https://github.com/cncf/sig-security/blob/master/assessments/guide/outline.md as well as an overview of how it relates to other projects in the space (complements/alternatives).
Thanks @justincormack for the info, myself and the other maintainers are planning a meeting in the next couple of weeks so will hopefully prepare a presentation for the new year
CC @syscll @steakunderscore so you're in on this loop
This issue has been automatically marked as inactive because it has not had recent activity.