| It is more difficult and potentially not possible in OSD due to permissions to validate a OAuth session in another pod. It requires the auth-delegator role binding which requires cluster level permissions to add. If our server, serves the UI, the UI and server will be on the same host and the OAuth proxy sidecar will automatically work for the API routes as the session cookie from UI login will be sent on the HTTP requests to our API. This means we will no be creating a new repo for the UI and it will be added and served from our Go server. All of this was based on this readme - https://github.com/openshift/oauth-proxy#delegate-authentication-and-authorization-to-openshift-for-infrastructure and conversations with both Peter Braun and David Martin. |