I'm facing an issue with oauth2 proxy and Ingress Nginx (with the latest versions) in a Kubernetes cluster where the X-Auth-Request headers are not being passed through to the client during the standard oauth authentication flow. I'm specifically using Azure as the auth provider.
Here's the relevant portion of my oauth Proxy configuration:
pass_access_token = true
pass_authorization_header = true
pass_user_headers = true
set_xauthrequest = true
When I explicitly call /oauth2/auth, I get the headers as expected. However, during the standard OAuth2 auth flow, none of the headers are returned with any request.
This situation is somewhat similar to another question here: Oauth2-Proxy do not pass X-Auth-Request-Groups header, but in my case, I'm not receiving any of the X-Auth-Request headers, except when I call /oauth2/auth directly.
I've also tried adding the following snippet to my application Ingress configuration with no luck:
nginx.ingress.kubernetes.io/configuration-snippet: |
auth_request_set $email $upstream_http_x_auth_request_email;
access_by_lua_block {
if ngx.var.email ~= "" then
ngx.req.set_header("X-Auth-Request-Email", ngx.var.email)
end
}
I've gone through multiple configurations, read numerous blog posts, and scoured GitHub issues, but haven't been able to resolve this issue. Does anyone have any insights into what could be causing this behavior?