authorization access-control social-authentication

What is the simplest way to restrict access to a static website using social auth

I have a static website composed of HTML/CSS/JavaScript files. The website is automatically generated and updated frequently.

Instead of authorizing access to the website with a username/password (basic auth), I would like to have users authenticate using Google Sign-in/openID Connect, and then control access via a whitelist of gmail addresses.

What is the simplest way to set this up?

Solution

I ended up using oauth2_proxy which is exactly what I was looking for.

I configured to do the following:

oauth2_proxy listens on 0.0.0.0:443
When a user connects, the Google sign-in flow is initiated
After sign-in, it validates the user's email address against a whitelist
After successful validation, oauth2_proxy proxies the request to an upstream nginx server listening on 127.0.0.1:8080

User.Identity.IsAuthenticated is false in a non-auth methods after successful login in asp.net core
How to allow multiple accounts on the same browser in flask?
How do I solve audience (aud) invalid claim error for downstream api service?
User not Signed in after SignInManager.PasswordSignInAsync method Call
Proper design for th Keycloak auth with APIs and UI
Blazor Server App error when logging out after adding authorize attribute
Authorize(Roles = ...) not working on ASP.NET Core 6 microservice
Authentication header not reaching server in React & NodeJS app after deploying on server
Jwt priority HttpOnly Cookie versus Authorisation bearer
How to make Amazon AWS API call from Java?
Cant get claims in authorization handler
Role based authorization using Keycloak and .NET core
Login User Data Persistent
Token storage contains no authentication token and denyAccessUnlessGranted()
How can Authorization Code Flow with PKCE be more secure than Authorization Code Flow without client_secret
JWT Token still accepted after expiry Spring Boot 3.2 OAuth2 resource server
How to solve Windows security window prompt for authorization failed in ASP.NET MVC
How to generate access token using refresh token through google drive API?
<AuthorizeView> not recognizing role claim
twitter authorization using php Http_request
Authorize actions in command handler
Listing the Tables in the Storage Account using ADF Web Activity is failed with an authorization error
Magento REST api authentication
ASP.NET 8 Windows Authentication combined with custom policy authorization results in HandleRequirementAsync() being called twice for every request
Issues with Spotify OAuth - not opening auth dialog, instantly redirecting back to my frontend
When authorizing with the Android Authorization API, how can I prevent the permission confirmation popup from appearing every time?
How can I authenticate user token in Angular Guard if I am using Http-Only?
.NET 8 Blazor Server - role authorization with Windows Authentication
Require authenticated user in asp.net core but require custom policy in some actions require custom policy
How to define the basic HTTP authentication using cURL correctly?