Home: Add a brief description of the behavior (#794)

* Home: Add a brief description of the behavior I could not find this information anywhere and think it is quite important for understanding how to use and configure the proxy for different use cases. (Especially the Ajax part is not mentioned anywhere else I believe.) I tried to keep it general enough so that it won't need updating often yet useful enough to have good value :) * Update docs/0_index.md Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-05 11:34:42 +02:00 · 2020-10-05 11:34:42 +02:00 · 3d203a1a03
commit 3d203a1a03
parent dc7dbc5d28
1 changed files with 9 additions and 0 deletions
--- a/docs/0_index.md
+++ b/docs/0_index.md
@ -21,3 +21,12 @@ A list of changes can be seen in the [CHANGELOG]({{ site.gitweb }}/CHANGELOG.md)
 ## Architecture

 ![OAuth2 Proxy Architecture](https://cloud.githubusercontent.com/assets/45028/8027702/bd040b7a-0d6a-11e5-85b9-f8d953d04f39.png)
+
+## Behavior
+
+1. Any request passing through the proxy (and not matched by `--skip-auth-regex`) is checked for the proxy's session cookie (`--cookie-name`) (or, if allowed, a JWT token - see `--skip-jwt-bearer-tokens`). 
+2. If authentication is required but missing then the user is asked to log in and redirected to the authentication provider (unless it is an Ajax request, i.e. one with `Accept: application/json`, in which case 401 Unauthorized is returned)
+3. After returning from the authentication provider, the oauth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set
+4. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration)
+
+Notice that the proxy also provides a number of useful [endpoints](/oauth2-proxy/endpoints).