AuthProxy - An Authenticating Gateway, written in Go.
What is AuthProxy?
AuthProxy started as a side of desk project, implementing two-legged OAuth 2.0 support for AD FS, but quickly grew
to be much more than that. The AuthProxy is an attempt to implement something similar to Google’s BeyondCorp, which
is covered by three papers here [add papers].
Ater the initial OAuth 2.0 development, it quickly transpired that BeyondCorp prescribes awareness of much more than
user identity alone. It prescribes a secure Transport Layer Security implementation, as well as device authentication
(even basic mutual TLS auth) was also required. Ideally though the device authentication is backed by some device
directory which stores lots of information about the devices and their level of trust.
Installation and Configuration
For Installation and Configuration notes for running authproxy in production, please see our wiki