Rather than directly fetching and verifying OAuth assertions, assume
that the app is running behind an authenticating proxy, and trust
headers that are set by the proxy.
- add config support for an "authbackend" directive, supporting either
"oauth" or "proxy" as values; the "proxy" setting selects our new codepath
- add initProxyAuth and proxyAuthMiddleware methods to the Handler struct
- rename authMiddleWare to oAuthMiddleware in the Handler struct
- construct a faked auth.JWTClaims object when in proxy mode
- update Handler.handleAuthCheck() to return useful info in proxy mode
- add a fallback user icon for proxy mode
- implement check for proxy mode in index.js
See for example and reference:
https://cloud.google.com/iap/docs/identity-howtohttps://cloud.google.com/beyondcorp/
- add a redis store implementing stores.Storage
- add config file support to pick a storage backend
- add config file support to set redis host:port and password
- add docker_releases to .gitignore
- update README to mention redis support
- update example config.yaml
memory