auth_request /oauth2/auth;
error_page 401 = /oauth2/sign_in;

auth_request_set $user $upstream_http_x_auth_request_user;
auth_request_set $email $upstream_http_x_auth_request_email;
auth_request_set $auth_cookie $upstream_http_set_cookie;
proxy_set_header remote_user $email;
proxy_set_header X-User $email;
proxy_set_header X-Email $email;

add_header Set-Cookie $auth_cookie;

proxy_intercept_errors on;