sequenceDiagram
participant User
participant Proxy
participant GitHub
participant App
User->>Proxy: Visits protected URL
Proxy->>User: 302 Redirect to GitHub login
User->>GitHub: GET /login
Note right of User: Includes headers:
Note right of User: - Accept: text/html
Note right of User: - Cookie: <github_cookies>
GitHub->>User: 200 OK with GitHub login page
User->>GitHub: POST /login with credentials
Note right of User: Includes headers:
Note right of User: - Content-Type: application/x-www-form-urlencoded
Note right of User: - Referer: https://github.com/login
GitHub->>User: 302 Redirect to OAuth2 Proxy
Note right of User: Includes headers:
Note right of User: - Location: https://proxy.example.com/oauth/callback
Note right of User: - Set-Cookie: <github_session_cookie>
User->>Proxy: GET /oauth/callback with code parameter
Note right of User: Includes headers:
Note right of User: - Cookie: <github_session_cookie>
Proxy->>GitHub: POST /login/oauth/access_token
Note right of Proxy: Includes headers:
Note right of Proxy: - Content-Type: application/x-www-form-urlencoded
Note right of Proxy: - Authorization: Basic <client_id:client_secret>
GitHub->>Proxy: 200 OK with access_token
Proxy->>App: GET /protected/resource
Note right of Proxy: Includes headers:
Note right of Proxy: - Authorization: Bearer <access_token>
Created
November 14, 2024 17:55
-
-
Save revolunet/7cb1ff6756d2d463d7cb1681301797c2 to your computer and use it in GitHub Desktop.
oauth2-proxy diagram
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment