proxy: ask for pb_proxy scope, set authorization header if enabled

proxy/pkg/server/api.go

@@ -51,6 +51,7 @@ func getCommonOptions() *options.Options {
 	commonOpts.Logging.SilencePing = true
 	commonOpts.SetXAuthRequest = true
 	commonOpts.SetAuthorization = false
+	commonOpts.Scope = "openid email profile pb_proxy"
 	return commonOpts
 }
 

proxy/pkg/server/api_bundle.go

@@ -125,6 +125,12 @@ func (pb *providerBundle) Build(provider *models.ProxyOutpostConfig) {
 		os.Exit(1)
 	}
 
+	if *&provider.BasicAuthEnabled {
+		oauthproxy.SetBasicAuth = true
+		oauthproxy.BasicAuthUserAttribute = provider.BasicAuthUserAttribute
+		oauthproxy.BasicAuthPasswordAttribute = provider.BasicAuthPasswordAttribute
+	}
+
 	pb.proxy = oauthproxy
 	pb.Handler = chain.Then(oauthproxy)
 }