go 버전업 && ory 설정파일들 자동 생성 스크립트 추가

docker/ory/oathkeeper/oathkeeper.yml.template

@@ -0,0 +1,69 @@
+serve:
+  proxy:
+    port: 4455
+  api:
+    port: 4456
+
+log:
+  level: info
+  format: json
+
+errors:
+  fallback:
+    - json
+
+access_rules:
+  repositories:
+    - file:///tmp/oathkeeper/rules.active.json
+
+authenticators:
+  noop:
+    enabled: true
+  cookie_session:
+    enabled: true
+    config:
+      check_session_url: http://kratos:4433/sessions/whoami
+      preserve_path: true
+      extra_from: "@this"
+      subject_from: "identity.id"
+  oauth2_introspection:
+    enabled: true
+    config:
+      introspection_url: http://hydra:4444/oauth2/introspect
+      pre_authorization:
+        enabled: true
+        client_id: ${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect}
+        client_secret: ${OATHKEEPER_INTROSPECT_CLIENT_SECRET:-oathkeeper-secret}
+        token_url: http://hydra:4444/oauth2/token
+  jwt:
+    enabled: true
+    config:
+      jwks_urls:
+        - http://hydra:4444/.well-known/jwks.json
+      trusted_issuers:
+        - http://hydra:4444/
+      scope_strategy: none
+
+authorizers:
+  allow:
+    enabled: true
+  remote_json:
+    enabled: true
+    config:
+      remote: http://keto:4466/check
+      payload: |
+        {
+          "namespace": "permissions",
+          "object": "{{ print .Request.URL.Path }}",
+          "relation": "access",
+          "subject_id": "{{ print .Subject }}"
+        }
+
+mutators:
+  noop:
+    enabled: true
+  id_token:
+    enabled: true
+    config:
+      issuer_url: http://127.0.0.1:4456/
+      jwks_url: file:///etc/config/oathkeeper/jwks.json