# -----------------------------------------------------------------------------#
# #
# Sample Configuration: Frontend Site, Backend App #
# (for Open ID Connect workflow) #
# #
# -----------------------------------------------------------------------------#
# Access-log format for the OIDC workflow. It follows the familiar access-log
# layout, but the position that normally holds the remote user carries the
# JWT 'sub' claim instead, and X-Forwarded-For is appended as the last field.
#
# NOTE(review): $jwt_claim_sub is presumably empty for requests that never
# passed JWT validation; confirm how log consumers should treat such lines.
# The 'sub' value identifies a user, so handle these logs as sensitive data.
# Referer, User-Agent and X-Forwarded-For are client-supplied and should be
# treated as untrusted in any detection or attribution logic.
log_format oidc_jwt
    '$remote_addr - $jwt_claim_sub [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" "$http_user_agent" '
    '"$http_x_forwarded_for"';
# Upstream group for the sample frontend site: one instance on the loopback
# interface (port 9091), with a 64k shared-memory zone named after the group.
#
# NOTE(review): the proxy_pass that uses this group is not in this file. If
# the sample is adapted to a non-loopback address, check whether traffic to
# the upstream is sent over TLS.
upstream my_frontend_site {
    zone   my_frontend_site 64k;
    server 127.0.0.1:9091;
}
# Upstream group for the sample backend app: one instance on the loopback
# interface (port 9092), with a 64k shared-memory zone named after the group.
#
# NOTE(review): nothing here restricts who may reach the backend; access
# control presumably lives in the locations that proxy to this group. Confirm
# there is no path to it that bypasses the OIDC checks.
upstream my_backend_app {
    zone   my_backend_app 64k;
    server 127.0.0.1:9092;
}
# Test virtual server for the frontend/API, used to exercise multiple IdPs on
# a single server. All request handling comes from the shared include below.
#
# NOTE(review): 'listen ... ssl' requires ssl_certificate and
# ssl_certificate_key to be in scope, and none is set in this block.
# Presumably the include or the enclosing http context provides them; confirm
# this, together with the permitted ssl_protocols, before reusing the sample.
server {
    listen      30443 ssl;
    server_name nginx.oidc-multi-idps.test;

    # Shared frontend/backend configuration for the OIDC workflow.
    include conf.d/oidc_common_frontend_backend.conf;
}
## <LB> --- dev.xxx.com  -> Amazon Cognito
##          prod.xxx.com -> Keycloak
## Proxy for the development host (dev.xxx.com is a placeholder name).
##
## NOTE(review): this block and the prod.xxx.com block pull in the same
## include file, so the IdP in use must be selected inside that include,
## presumably keyed on the host or server name. Confirm that per-IdP settings
## (client ID, client secret, endpoints, signing keys) cannot be picked up by
## the wrong environment.
server {
    listen      31443 ssl;
    server_name dev.xxx.com;

    # Shared frontend/backend configuration for the OIDC workflow.
    include conf.d/oidc_common_frontend_backend.conf;
}
## Proxy for the production host (prod.xxx.com is a placeholder name).
##
## NOTE(review): this is the only server block this file defines on port
## 32443, so unless another file adds one, requests arriving on that port with
## any Host header are handled here. Confirm the included configuration does
## not build OIDC redirect URIs or cookie scopes from an unvalidated $host.
server {
    listen      32443 ssl;
    server_name prod.xxx.com;

    # Shared frontend/backend configuration for the OIDC workflow.
    include conf.d/oidc_common_frontend_backend.conf;
}
# vim: syntax=nginx