diff --git a/.gitignore b/.gitignore index 24acb65..50d93ea 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,5 @@ _cgo_export.* _testmain.go *.exe +dist +.godeps diff --git a/.travis.yml b/.travis.yml index 468e23c..09544e6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,9 +1,12 @@ language: go -install: - - go get github.com/bmizerany/assert - - go get github.com/bitly/go-simplejson - - go get github.com/mreiferson/go-options - - go get github.com/BurntSushi/toml +go: + - 1.2.2 + - 1.3.3 +script: + - curl -s https://raw.githubusercontent.com/pote/gpm/v1.3.1/bin/gpm > gpm + - chmod +x gpm + - ./gpm install + - ./test.sh notifications: email: false diff --git a/Godeps b/Godeps new file mode 100644 index 0000000..41bef4c --- /dev/null +++ b/Godeps @@ -0,0 +1,4 @@ +github.com/BurntSushi/toml 3883ac1ce943878302255f538fce319d23226223 +github.com/bitly/go-simplejson 3378bdcb5cebedcbf8b5750edee28010f128fe24 +github.com/mreiferson/go-options ee94b57f2fbf116075426f853e5abbcdfeca8b3d +github.com/bmizerany/assert e17e99893cb6509f428e1728281c2ad60a6b31e3 diff --git a/README.md b/README.md index 9594637..1e5d280 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,8 @@ individual accounts, or a whole google apps domain. [![Build Status](https://secure.travis-ci.org/bitly/google_auth_proxy.png?branch=master)](http://travis-ci.org/bitly/google_auth_proxy) +![sign_in_page](https://cloud.githubusercontent.com/assets/45028/4970624/7feb7dd8-6886-11e4-93e0-c9904af44ea8.png) + ## Architecture ``` @@ -22,8 +24,10 @@ individual accounts, or a whole google apps domain. ## Installation -1. [Install Go](http://golang.org/doc/install) -2. `$ go get github.com/bitly/google_auth_proxy`. This should put the binary in `$GOROOT/bin` +1. Download [Prebuilt Binary](https://github.com/bitly/google_auth_proxy/releases) or build from `master` with `$ go get github.com/bitly/google_auth_proxy` which should put the binary in `$GOROOT/bin` +2. Register an OAuth Application with Google +3. Configure Google Auth Proxy using config file, command line options, or environment variables +4. Deploy behind a SSL endpoint (example provided for Nginx) ## OAuth Configuration diff --git a/contrib/google_auth_proxy.cfg.example b/contrib/google_auth_proxy.cfg.example index fc7f883..1f4aded 100644 --- a/contrib/google_auth_proxy.cfg.example +++ b/contrib/google_auth_proxy.cfg.example @@ -41,4 +41,4 @@ # cookie_secret = "" # cookie_domain = "" # cookie_expire = "168h" -# cookie_https_only = false +# cookie_https_only = true diff --git a/dist.sh b/dist.sh new file mode 100755 index 0000000..184c27b --- /dev/null +++ b/dist.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# build binary distributions for linux/amd64 and darwin/amd64 +set -e + +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +echo "working dir $DIR" +mkdir -p $DIR/dist +mkdir -p $DIR/.godeps +export GOPATH=$DIR/.godeps:$GOPATH +gpm install + +os=$(go env GOOS) +arch=$(go env GOARCH) +version=$(cat $DIR/version.go | grep "const VERSION" | awk '{print $NF}' | sed 's/"//g') +goversion=$(go version | awk '{print $3}') + +echo "... running tests" +./test.sh || exit 1 + +for os in linux darwin; do + echo "... building v$version for $os/$arch" + BUILD=$(mktemp -d -t google_auth_proxy) + TARGET="google_auth_proxy-$version.$os-$arch.$goversion" + GOOS=$os GOARCH=$arch CGO_ENABLED=0 go build -o $BUILD/$TARGET/google_auth_proxy || exit 1 + pushd $BUILD + tar czvf $TARGET.tar.gz $TARGET + mv $TARGET.tar.gz $DIR/dist + popd +done diff --git a/main.go b/main.go index 17d4adb..3f91096 100644 --- a/main.go +++ b/main.go @@ -37,7 +37,7 @@ func main() { flagSet.String("cookie-secret", "", "the seed string for secure cookies") flagSet.String("cookie-domain", "", "an optional cookie domain to force cookies to (ie: .yourcompany.com)*") flagSet.Duration("cookie-expire", time.Duration(168)*time.Hour, "expire timeframe for cookie") - flagSet.Bool("cookie-https-only", false, "set HTTPS only cookie") + flagSet.Bool("cookie-https-only", true, "set HTTPS only cookie") flagSet.Parse(os.Args[1:]) diff --git a/oauthproxy.go b/oauthproxy.go index 73f04fa..aa4f634 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -55,6 +55,11 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy { redirectUrl.Path = oauthCallbackPath log.Printf("OauthProxy configured for %s", opts.ClientID) + domain := opts.CookieDomain + if domain == "" { + domain = "" + } + log.Printf("Cookie settings: https_only: %v expiry: %s domain:%s", opts.CookieHttpsOnly, opts.CookieExpire, domain) return &OauthProxy{ CookieKey: "_oauthproxy", CookieSeed: opts.CookieSecret, @@ -229,10 +234,12 @@ func (p *OauthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code SignInMessage string Htpasswd bool Redirect string + Version string }{ SignInMessage: p.SignInMessage, Htpasswd: p.HtpasswdFile != nil, Redirect: req.URL.RequestURI(), + Version: VERSION, } templates.ExecuteTemplate(rw, "sign_in.html", t) } diff --git a/options.go b/options.go index 2d82969..010f366 100644 --- a/options.go +++ b/options.go @@ -29,7 +29,12 @@ type Options struct { } func NewOptions() *Options { - return &Options{} + return &Options{ + HttpAddress: "127.0.0.1:4180", + CookieHttpsOnly: true, + PassBasicAuth: true, + CookieExpire: time.Duration(168) * time.Hour, + } } func (o *Options) Validate() error { diff --git a/templates.go b/templates.go index 7d29c40..5670861 100644 --- a/templates.go +++ b/templates.go @@ -76,6 +76,23 @@ func getTemplates() *template.Template { margin:0; box-sizing: border-box; } + footer { + display:block; + font-size:10px; + color:#aaa; + text-align:center; + margin-bottom:10px; + } + footer a { + display:inline-block; + height:25px; + line-height:25px; + color:#aaa; + text-decoration:underline; + } + footer a:hover { + color:#aaa; + } @@ -99,6 +116,9 @@ func getTemplates() *template.Template { {{ end }} + {{end}}`) diff --git a/test.sh b/test.sh new file mode 100755 index 0000000..683fe87 --- /dev/null +++ b/test.sh @@ -0,0 +1,5 @@ +#!/bin/bash +set -e + +go test -timeout 60s ./... +GOMAXPROCS=4 go test -timeout 60s -race ./... diff --git a/version.go b/version.go index a44ae0e..5f3daee 100644 --- a/version.go +++ b/version.go @@ -1,3 +1,3 @@ package main -const VERSION = "0.1.0" +const VERSION = "1.0"