Using Custom OAuth Client iRules

Question

How do I use iRules with OAuth Server Profile?  What are the valid events that will fire to trigger execution.  Products docs just say "attach and iRule if you want customization".&nbsp;
https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-sso-13-1-0/37.html
Under heading "Configuring OAuth servers for APM as a client"&nbsp;

nikoolayy1 · Answer

Good question that still does not have an answer 🙂
&nbsp;

john · Answer

So, we noticed that the oAuth server calls out to check token with the provider didn't include SNI in the clienthello in TLS handshake.&nbsp; There is an option of course on the oAuth server to select a serverside ssl profile where we can set SNI, but we wanted it to be dynamic.&nbsp; We already use a SNI inject irule (https://my.f5.com/manage/s/article/K41600007), so just tried applying that iRule to the oAuth server and found it works!&nbsp; So the HTTP_REQUEST and&nbsp;SERVERSSL_CLIENTHELLO_SEND are valid.

Forum Discussion

Using Custom OAuth Client iRules

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

iRule for custom traffic flow

iRule to hide URI from client side

Using iRule to prompt for Client SSL Cert

Custom error page iRule with IP address filtering

Custom Header Monitor UDP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS