diff --git a/Dockerfile b/Dockerfile
index 3174dfb825456907152daad63ce85de52f44e4c8..4b60294d239195c251f88481b774cf81313947fb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,15 @@
 FROM ubuntu/apache2
-RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        Header set Access-Control-Allow-Origin "*"#g' /etc/apache2/apache2.conf
+RUN apt update && apt install --no-install-recommends -y libapache2-mod-oauth2 && apt-get clean && rm -rf /var/lib/apt/lists/*
 RUN a2enmod headers
+RUN a2enmod oauth2
+RUN sed -i 's#Require all granted#Require valid-user#g' /etc/apache2/apache2.conf
+RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        OAuth2TokenVerify introspect \${TOKEN_ENDPOINT} introspect.ssl_verify=false\&introspect.auth=client_secret_basic\&client_id=\${CLIENT_ID}\&client_secret=\${CLIENT_SECRET}#g' /etc/apache2/apache2.conf
+RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        AuthType oauth2#g' /etc/apache2/apache2.conf
+RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        Header set Access-Control-Allow-Origin "*"#g' /etc/apache2/apache2.conf
+RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        SetEnv TOKEN_ENDPOINT ${TOKEN_ENDPOINT}#g' /etc/apache2/apache2.conf
+RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        SetEnv CLIENT_ID ${CLIENT_ID}#g' /etc/apache2/apache2.conf
+RUN sed -i 's#<Directory /var/www/>#<Directory /var/www/>\n        SetEnv CLIENT_SECRET ${CLIENT_SECRET}#g' /etc/apache2/apache2.conf
+RUN echo 'export TOKEN_ENDPOINT=${TOKEN_ENDPOINT}' >> /etc/environment && \
+    echo 'export CLIENT_ID=${CLIENT_ID}' >> /etc/environment && \
+    echo 'export CLIENT_SECRET=${CLIENT_SECRET}' >> /etc/environment
+RUN echo ". /etc/environment" >> /etc/apache2/envvars
diff --git a/README.md b/README.md
index 2bf02be1129df8760362f298a55607f819f687b4..609ccd50e26bb20b4de0c0dc9de5d58f6dc4bbaf 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,2 @@
-# Apache2 CORS
+# Apache2 CORS + OAuth2