OIDC authentication

[lovasoa]

Feature Request: implement signin using an external OIDC (oauth) povider such as Google, Microsoft, Apple, Auth0, keycloak...

keyword: SSO, single-sign-on

This is a follow-up on #12

[lovasoa]

OIDC is still not available natively, but since sqlpage.fetch is available, it is possible to implement it manually in SQLPage. I wrote a demo here: https://github.com/lovasoa/SQLpage/tree/main/examples/single%20sign%20on

[accforgithubtest]

If I have an LDAP solution (LLDAP) and SSO (Authelia) running, using a reverse proxy that is doing forward_auth, is it possible for me to capture the headers that the reverse proxy sends after authentication is successfully completed ?

I tried to capture the headers Remote-User, Remote-Groups, Remote-Name, Remote-Email by adding below sample to index.sql (of an already working sqlpage set up, but without any authentication)

select 'cookie' as component,
	'userEmail' as name,
	coalesce(sqlpage.header('Remote-Email'), '') as value;

But this doesn't seem to capture the information from the headers.
Can you pls guide / provide hints as to how I might be able to proceed ?

My current state is that LLDAP, Authelia are set up and working.
SQLPage has been working without any login/auth using caddy reverse proxy.

[Apologies if I am missing something simple, I am not a developer but just learning docker based set up for self-hosting as I go along]

[lovasoa]

Hi @accforgithubtest ! I think your problem comes from capitalizing the headers. sqlpage.header currently expects lower-case headers:

[accforgithubtest]

thanks for the reply @lovasoa !

Is there any specific reason sqlpage expects them to be lower case ?
Can this be enhanced to be case insensitive ?

Reason I ask is most examples I comes across online seem to be using a mix of all caps, mixed case, etc as well.
It would be good if case sensitivity was not an issue foe sqlpage headers ?

[lovasoa]

Yes, I just pushed a change to the header function. The next version won't require you to lower case the header name!

[accforgithubtest]

That is awesome ! thank you so much @lovasoa