mirror of
https://github.com/awslabs/amazon-bedrock-agentcore-samples.git
synced 2025-09-08 20:50:46 +00:00
6b02c0c482
* Update AWS operations agent configuration and documentation - preserve local changes * Update AWS operations agent README.md * Update OKTA OpenID PKCE setup documentation * Update OKTA authentication configuration and nginx setup * Update OKTA OpenID PKCE setup documentation --------- Co-authored-by: name <alias@amazon.com>
72 lines
2.2 KiB
Plaintext
72 lines
2.2 KiB
Plaintext
server {
|
|
listen 8080;
|
|
server_name localhost;
|
|
|
|
# Root set to okta-auth directory to serve iframe-oauth-flow.html
|
|
# UPDATE THIS PATH: Replace with your actual project path + /okta-auth
|
|
root /path/to/your/AWS-operations-agent/okta-auth;
|
|
index iframe-oauth-flow.html;
|
|
|
|
# Security headers for OIDC
|
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
|
|
|
|
# CORS headers for Okta integration
|
|
add_header Access-Control-Allow-Origin "https://*.okta.com" always;
|
|
add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
|
|
add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept" always;
|
|
add_header Access-Control-Allow-Credentials "true" always;
|
|
|
|
# Main location - serve iframe-oauth-flow.html
|
|
location / {
|
|
try_files $uri $uri/ =404;
|
|
|
|
# Cache static assets
|
|
location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ {
|
|
expires 1y;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
|
|
# Location block for okta-auth route
|
|
location /okta-auth {
|
|
# UPDATE THIS PATH: Replace with your actual project path + /okta-auth
|
|
alias /path/to/your/AWS-operations-agent/okta-auth;
|
|
try_files $uri $uri/ /okta-auth/iframe-oauth-flow.html;
|
|
|
|
# Set index for this location
|
|
location = /okta-auth {
|
|
return 301 /okta-auth/;
|
|
}
|
|
|
|
location = /okta-auth/ {
|
|
try_files /iframe-oauth-flow.html =404;
|
|
}
|
|
}
|
|
|
|
# Health check
|
|
location /health {
|
|
access_log off;
|
|
return 200 "healthy\n";
|
|
add_header Content-Type text/plain;
|
|
}
|
|
|
|
# Error pages
|
|
error_page 404 /404.html;
|
|
error_page 500 502 503 504 /50x.html;
|
|
|
|
location = /404.html {
|
|
root /usr/share/nginx/html;
|
|
}
|
|
|
|
location = /50x.html {
|
|
root /usr/share/nginx/html;
|
|
}
|
|
|
|
# Logging
|
|
access_log /var/log/nginx/okta-local.access.log;
|
|
error_log /var/log/nginx/okta-local.error.log;
|
|
}
|