-
-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is there a way to do step up Auth? #484
Comments
From what I gather from mod_auth_openidc's docs |
thanks @bodewig , apologies if I was not clear enough in my question. I think my question was more around how would I force a redirect back to the OP for a specific path. is there something similar in lua-resty-openidc? |
There is no built-in way to achieve this. as you can not pass custom token validators to authenticate right now. This means you must perform the equivalent of the |
Say for a particular path MFA should be required.
For example if the location is /basic just authentication with username + password is enough but if a user accessed a location such as /special-access force a re authentication with a new redirect to the OP with enough information in the redirect to force a MFA. Once the MFA is complete redirect back to the /special-access location
NOTE: In the case of mod_oidc for apache there is a way with the require claim_expr to be able to do this but unsure of how to do that with lua resty!
The text was updated successfully, but these errors were encountered: