Aaron Parecki

57°F

Jesse Cooke https://twitter.com/jc00ke • Jul 23
I used https://github.com/oauth2-proxy/oauth2-proxy in front of S3 years ago, worked quite well.

I just found a tutorial on deploying that on Heroku which is currently at the top of my list!

Portland, Oregon • 83°F

2 likes 1 reply

Fri, Jul 23, 2021 3:48pm -07:00
Jason Lengstorf https://twitter.com/jlengstorf • Jul 23
can you say more about what the ideal workflow is? if you can set a cookie, you can allow/deny access based on cookie presence https://docs.netlify.com/routing/redirects/redirect-options/#redirect-by-cookie-presence

I followed a few links from there and it looks like possibly this is the answer?

https://docs.netlify.com/visitor-access/role-based-access-control/#external-providers

Portland, Oregon • 83°F

3 replies

Fri, Jul 23, 2021 3:40pm -07:00
Jo Wouters https://twitter.com/jowouters • Jul 23
Have you tried Snippet Injection? https://docs.netlify.com/site-deploys/post-processing/snippet-injection/ You could inject the Identity code in your static code https://identity.netlify.com/

That won't work, I need to prevent access to the files entirely if the user isn't logged in.

Portland, Oregon • 83°F

1 like 3 replies

Fri, Jul 23, 2021 3:37pm -07:00
Jason Lengstorf https://twitter.com/jlengstorf • Jul 23
can you say more about what the ideal workflow is? if you can set a cookie, you can allow/deny access based on cookie presence https://docs.netlify.com/routing/redirects/redirect-options/#redirect-by-cookie-presence

Ideally I'd have something like a Netlify function run on every incoming request to check the presence of a cookie, validate it, and based on the result, either send an HTTP redirect to start an OIDC flow, or return the static file requested.

Portland, Oregon • 83°F

5 replies

Fri, Jul 23, 2021 3:32pm -07:00
Bertrand Carlier https://twitter.com/bertrandcarlier • Jul 23
mod_auth_openidc for Apache or nginx equivalent by the excellent @hanszandbelt?

Those and https://github.com/vouch/vouch-proxy are on my list, but require that I run an nginx/Apache server somewhere, and ideally I'd be able to deploy this on something that doesn't require a full VM. That's my backup plan tho.

Portland, Oregon • 83°F

2 likes

Fri, Jul 23, 2021 3:30pm -07:00
Jeremy Fiel https://twitter.com/jeremyfiel • Jul 23
If you can't modify it, how do you have access to deploy it somewhere else?

It's a static site, so it's a pile of files. I can push those files around as much as I want, but changing them is not really feasible

Portland, Oregon • 83°F

Fri, Jul 23, 2021 3:29pm -07:00
Jeremy Fiel https://twitter.com/jeremyfiel • Jul 23
Netlify @cassidoo @jlengstorf can help

I have spent no joke like 4 hours trying to do this on @netlify already today and cannot for the life of me figure it out

Portland, Oregon • 83°F

1 like 17 replies

Fri, Jul 23, 2021 3:21pm -07:00
certified post-corporate hellscape solutions https://twitter.com/4c4d • Jul 23
Google, Azure, AWS all have the concept of the identity aware proxy, which is something that inspects the jwt/token and denies access if it's not valid. I've used GCP's, and it's pretty well featured, but the other providers should be reasonable as well (it's a common feature)

That's exactly what I want, but is there anything lighter weight than those platforms? It feels way overkill. I can't find a corresponding feature in Netlify or Heroku for example though.

Portland, Oregon • 83°F

8 replies

Fri, Jul 23, 2021 3:20pm -07:00
okay Internet, I need your suggestions:

I have a static website that I can't modify, and I want to host it on some platform that I can tie to an arbitrary OpenID Connect provider so that only certain people can access it.

What's the easiest way to do this?

Portland, Oregon • 83°F

13 likes 7 reposts 47 replies

Fri, Jul 23, 2021 3:16pm -07:00 #oauth #openid
Christina Warren https://twitter.com/film_girl

OK, so this is actually a super interesting article but the first sentence really threw me for a loop. Like it’s *technically* true but…https://engineering.fb.com/2021/07/22/data-infrastructure/mysql/

Portland, Oregon • 77°F

Thu, Jul 22, 2021 6:44pm +00:00 (liked on Thu, Jul 22, 2021 7:20pm -07:00)
Francesco Gabaglio https://twitter.com/fragabaglio

If you've ever listened to a podcast, you've used RSS. Well, except if you use spotify

Portland, Oregon • 79°F

Thu, Jul 22, 2021 8:32pm +00:00 (liked on Thu, Jul 22, 2021 3:53pm -07:00)
Dear Whole Foods aka Amazon. You know my entire grocery shopping history, you know how much tofu I buy, so why on earth would you think it's appropriate to send me ads for ground beef? #vegetarian #ads

Portland, Oregon • 62°F

16 likes 1 repost 7 replies

Thu, Jul 22, 2021 10:23am -07:00 #amazon #vegetarian #ads
Jason Perlow https://twitter.com/jperlow

https://twitter.com/jperlow/status/1416161842280509442

Portland, Oregon • 58°F

Fri, Jul 16, 2021 10:24pm +00:00 (liked on Thu, Jul 22, 2021 8:29am -07:00)
The great thing about 3D modeling on an iPad is that you can go bike up a mountain and sit by the water and put the finishing touches on a design. Thanks @shapr3dapp!

Portland, Oregon

Tue, Jul 20, 2021 9:56pm -07:00
at Mt. Tabor Park

Portland, Oregon • Tue, July 20, 2021 7:38pm

45.512723 -122.59429

Portland, OR, United States • 73°F

anomalily.world

1 like 2 replies 26 Coins

Tue, Jul 20, 2021 7:38pm -07:00 #brompton
Lillian Karabaic https://twitter.com/anomalily

Come for a nice little fancy dress bike picnic tonight on the Odd Tuesday Outing! 3.8 mile ride, ends at Tabor. I'm planning on bringing a campstove to make turkish coffee!
Leaves colonel summers at 6:30 - meet by the water fountains!

Portland, Oregon • 78°F

Tue, Jul 20, 2021 6:46pm +00:00 (liked on Tue, Jul 20, 2021 6:30pm -07:00)
alispivak https://twitter.com/alispivak

Fun fact: since starting at @okta I’ve learned SO much from @aaronpk! His workshops & talks cover really complex topics in a way that makes sense, even to someone like me who (I’m ashamed to admit) barely writes code any more. This is a good intro:

https://www.youtube.com/watch?v=8aCyojTIW6U

Portland, Oregon • 76°F

Tue, Jul 20, 2021 9:23pm +00:00 (liked on Tue, Jul 20, 2021 2:27pm -07:00)
alispivak https://twitter.com/alispivak

OAuth is a foundational technology that is used pretty much everywhere. @aaronpk
& @vibronet will give a don’t-miss talk on OAuth & OpenID Connect.These two are such experts and have a great vibe (check out a OAuth Happy Hour to see what I mean)!

https://www.okta.com/developerday

Portland, Oregon • 64°F

Tue, Jul 20, 2021 5:17pm +00:00 (liked on Tue, Jul 20, 2021 10:21am -07:00)
James Q Quick https://twitter.com/jamesqquick

90% of content creation comes from realizing that people can benefit from the shit that’s in your head

Portland, Oregon • 82°F

Mon, Jul 19, 2021 11:58pm +00:00 (liked on Mon, Jul 19, 2021 7:15pm -07:00)
Shadow of Hal https://twitter.com/SandpiperFax

Lol wat

• 84°F

Mon, Jul 19, 2021 1:31pm +00:00 (liked on Mon, Jul 19, 2021 2:39pm -07:00) #covid #vaccine

older