NGINX return 403 for sign_in (#2322) (#2323)

Co-authored-by: Sven Ertel <sven.ertel@bayernwerk.de>

contrib/local-environment/nginx.conf

@@ -20,7 +20,7 @@ server {
 
   # If the auth_request denies the request (401), redirect to the sign_in page
   # and include the final rd URL back to the user's original request.
-  error_page 401 = http://oauth2-proxy.oauth2-proxy.localhost/oauth2/sign_in?rd=$scheme://$host$request_uri;
+  error_page 401 =403 http://oauth2-proxy.oauth2-proxy.localhost/oauth2/sign_in?rd=$scheme://$host$request_uri;
 
   # Alternatively send the request to `start` to skip the provider button
   # error_page 401 = http://oauth2-proxy.oauth2-proxy.localhost/oauth2/start?rd=$scheme://$host$request_uri;
@@ -54,7 +54,7 @@ server {
 
     # If the auth_request denies the request (401), redirect to the sign_in page
     # and include the final rd URL back to the user's original request.
-    error_page 401 = http://oauth2-proxy.oauth2-proxy.localhost/oauth2/sign_in?rd=$scheme://$host$request_uri;
+    error_page 401 =403 http://oauth2-proxy.oauth2-proxy.localhost/oauth2/sign_in?rd=$scheme://$host$request_uri;
 
     # Alternatively send the request to `start` to skip the provider button
     # error_page 401 = http://oauth2-proxy.oauth2-proxy.localhost/oauth2/start?rd=$scheme://$host$request_uri;

docs/docs/configuration/overview.md

@@ -371,7 +371,7 @@ server {
 
   location / {
     auth_request /oauth2/auth;
-    error_page 401 = /oauth2/sign_in;
+    error_page 401 =403 /oauth2/sign_in;
 
     # pass information via X-User and X-Email headers to backend,
     # requires running with --set-xauthrequest flag

docs/versioned_docs/version-7.5.x/configuration/overview.md

@@ -370,7 +370,7 @@ server {
 
   location / {
     auth_request /oauth2/auth;
-    error_page 401 = /oauth2/sign_in;
+    error_page 401 =403 /oauth2/sign_in;
 
     # pass information via X-User and X-Email headers to backend,
     # requires running with --set-xauthrequest flag