Might there be any way to pass along the OIDC access token that ShinyProxy gets during authentication along to the R Shiny applications launched by that user? E.g. perhaps similar to SHINYPROXY_USERNAME and SHINYPROXY_USERGROUPS environment variables, there could be a SHINYPROXY_OIDC_TOKEN or some such?
We potentially want the R Shiny applications to authenticate against an API using that token.
(edit: earlier I said ID token; I meant the access token.)
Thanks,
Hi @brasie,
Yes, that makes sense. Could you create a feature request on https://github.com/openanalytics/shinyproxy/issues ?
Sure @fmichielssen, here it is: https://github.com/openanalytics/shinyproxy/issues/86
Thanks for considering it!
Hi @brasie,
ShinyProxy 2.0.3 (https://www.shinyproxy.io/downloads/) will make the access token available as an environment variable SHINYPROXY_OIDC_ACCESS_TOKEN.
Thanks again for the suggestion!
Best,
Tobias
Cool! I haven’t gotten a chance to use it yet, but I’ll let you know.
Thanks again,
@brasie Could you please share an example of how you used the OIDC token. I’m also interested in fulling the profile of the user from the shiny app.
We have now successfully used the passed token to authenticate with our local API, so thanks for that!
@gbisschoff Sorry for the slow reply.
I’m afraid there isn’t much to share… at this point it is just adding it as the of a "Authorization: Bearer " header in a curl or httr call within the R code. E.g. for an authenticated call to url:
httr::GET(
url,
httr::add_headers(Authorization = paste("Bearer", Sys.getenv("SHINYPROXY_OIDC_ACCESS_TOKEN")))
)