CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-18 23:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

connect

Browse Source
This commit is contained in:
Jason Ertel
2024-10-24 15:45:18 -04:00
parent d9273ec369
commit d503c09ef2
2 changed files with 35 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/nginx/etc/nginx.conf
View File

@@ -220,8 +220,7 @@ http {
}
{% if 'api' in salt['pillar.get']('features', []) %}
location /connect/token {
rewrite /connect/token(.*) /oauth2/token$1 break;
location ~* (^/oauth2/token.*|^.well-known/jwks.json|^.well-known/openid-configuration) {
limit_req zone=auth_throttle burst={{ NGINXMERGED.config.throttle_login_burst }} nodelay;
limit_req_status 429;
proxy_pass http://{{ GLOBALS.manager }}:4444;
@@ -234,10 +233,11 @@ http {
proxy_set_header X-Forwarded-Proto $scheme;
}
location /connect/api {
location /connect/ {
if ($http_authorization !~ "Bearer .*") {
return 403;
}
rewrite /connect/(.*) /api/$1 break;
proxy_pass http://{{ GLOBALS.manager }}:9822/;
proxy_read_timeout 300;
proxy_connect_timeout 300;