fix: add .well-known endpoints to envoy config (#1255)

* fix: add .well-known endpoints to envoy config * fix: add ./well-known endpoints to aio kong * chore: fix formatting * fix: increase max_program_size for regex
supabase · Oct 3, 2024 · 7295fc0 · 7295fc0
1 parent 9b64ef3
commit 7295fc0
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/ansible/files/envoy_config/lds.yaml b/ansible/files/envoy_config/lds.yaml
@@ -254,8 +254,10 @@ resources:
                               type.googleapis.com/envoy.extensions.filters.http.rbac.v3.RBACPerRoute
                       - match:
                           safe_regex:
+                            google_re2:
+                              max_program_size: 150
                             regex: >-
-                              /auth/v1/(verify|callback|authorize|sso/saml/(acs|metadata|slo))
+                              /auth/v1/(verify|callback|authorize|sso/saml/(acs|metadata|slo)|\.well-known/(openid-configuration|jwks\.json))
                         route:
                           cluster: gotrue
                           regex_rewrite:

diff --git a/docker/all-in-one/etc/kong/kong.yml b/docker/all-in-one/etc/kong/kong.yml
@@ -27,6 +27,12 @@ services:
       routes: [{ name: auth-v1-open-saml, strip_path: true, paths: [/auth/v1/sso/saml/] }],
       plugins: [{ name: cors }],
     }
+  - {
+      name: auth-v1-open-well-known,
+      url: 'http://localhost:9999/.well-known/',
+      routes: [{ name: auth-v1-open-well-known, strip_path: true, paths: [/auth/v1/.well-known/] }],
+      plugins: [{ name: cors }],
+    }
   - {
       name: auth-v1,
       url: 'http://localhost:9999/',