The other day at work I had a prospect asking about a reverse proxy they could set up for a POC. One of the use cases was to protect a legacy application that couldn’t be updated.

To make it easy for them I set up a Dockerfile and config for use with OpenResty, connection to Auth0 with OIDC. The following is based on the guidance in this post as well as the lua-resty-openidc docs.

Here’s an example that proxies requests to a server while requiring authentication through Auth0:

Testing With Docker

Using the above files you can test proxying an application through Auth0. Clients connect through the proxy and are redirected to Auth0 to complete the authentication process if they aren’t already authenticated.

Modify the nginx configuration

After setting up the application to proxy to in Auth0, update the nginx.conf with the following:

  • <AUTH0_TENANT_DOMAIN> - your Auth0 tenant’s domain (found in tenant settings)
  • <AUTH0_CLIENT_ID> - the client ID of the application in Auth0
  • <AUTH0_CLIENT_SECRET> - the client secret of the application in Auth0
  • <URL_TO_REDIRECT_AFTER_LOGOUT> - URL to redirect to after logging out of Auth0
  • <URI> - the URI of the application you want to proxy to

Build the Docker image

docker build -t authproxy .

Run the Docker image

docker run -d -it -p <LOCAL_PORT>:8080 -v $PWD/:/config -v /:/usr/share/nginx/html authproxy -c /config/nginx.conf

Replace <LOCAL_PORT> with the port on the host your proxy is running on.