OAuth token validation from HAProxy or Apache mod

I have a microservice deployed on 3 nodes sitting behind a HAProxy load balancer all inside internal network. The services are protected using OAuth2 APIS authorization server. Now, I want to move the HAProxy to DMZ. And I want to reject requests that do not have auth token in the header and also validate the auth token by calling OAuth REST API.

In HAProxy I couldn't find a way to do this. There is an option httpchk which can be used for healthcheck. I'm looking for a similar feature that can be used to validate each incoming request.

Can anyone please help suggest me on how to implement this using HAProxy or Apache mod_proxy?

---

There's the Apache module mod_auth_openidc that would allow you to validate OAuth 2.0 tokens against an Authorization Server, see: https://github.com/pingidentity/mod_auth_openidc. That module can be combined with mod_proxy to achieve what you are looking for.

链接地址: http://www.djcxy.com/p/62732.html

上一篇: 只将一个域的流量重定向到https和其他域

下一篇: 来自HAProxy或Apache mod的OAuth令牌验证