yegle

Looks like Google's BeyondCorp: https://cloud.google.com/beyondcorp. If you are on GCP, you can already use it https://cloud.google.com/iap to protect your HTTP and TCP backend.

This is not something new. The earliest open source project that I can recall is https://github.com/bitly/oauth2_proxy (albeit it might be missing the part where proxy passing identity to the backend).

Pomerium is another open source project that's actively maintained. I've been using it as a reverse proxy to all my homelab websites (grafana, miniflux etc). I can now safely access all of these internal resources from outside of my home WiFi with automated SSL certificate configuration and renewal.

You can theoretically protect your SSH connection via these IAP proxies, using the Chrome SSH extension and open source SSH relay implementation like https://github.com/zyclonite/nassh-relay (but I personally haven't tried that).

Disclaimer: I work for Google and am a casual contributor to the Pomerium project.

look_lookatme

You can use https://github.com/cloudflare/nginx-google-oauth to do this with nginx too.

tehalex
I've used this before & it was great - however both this and the bitly oauth2 proxy linked about are archived.

https://github.com/oauth2-proxy/oauth2-proxy is a maintained fork.