Mike Bland
37f287bef4
Calculate cookie expiration from encoded timestamp
...
Found out the hard way that _incoming_ cookies do _not_ have their expiration
timestamps encoded. To perform auto-refresh based on expiration time, we have
to recalculate it from the time encoded in the cookie value.
2015-05-10 00:11:26 -04:00
Mike Bland
41b21dd0b1
Enforce that cookie_refresh < cookie_expire
2015-05-09 17:37:33 -04:00
Mike Bland
8ec967ac32
Check cookie_secret size when cookie_refresh set
2015-05-09 17:37:33 -04:00
Mike Bland
082b7c0ec8
Set cookie-refresh flag = 0; update README, config
2015-05-09 17:36:17 -04:00
Mike Bland
84190ab19a
Validate user during cookie refresh
2015-05-09 16:54:27 -04:00
Mike Bland
610341a068
Make ProcessCookie() fail when cookie parse fails
2015-05-09 16:54:27 -04:00
Mike Bland
bd4eae8fec
Store access token when cookie-refresh is set
...
cookie-refresh now no longer requires pass-access-token in order to work.
2015-05-09 16:54:27 -04:00
Mike Bland
b6e07d51b2
Validate access_token when auto-refreshing cookie
2015-05-09 15:09:31 -04:00
Mike Bland
25372567ac
ValidateToken() to check access_token validity
2015-05-09 13:17:37 -04:00
Mike Bland
72857018ee
Introduce validate-url
flag/config
2015-05-08 17:13:35 -04:00
Mike Bland
8e2d83600c
Implement cookie auto-refresh
...
The intention is to refresh the cookie whenever the user accesses an
authenticated service with less than `cookie-refresh` time to go before the
cookie expires.
2015-05-08 14:05:09 -04:00
Mike Bland
5cbdb74518
Add ProcessCookie() test
2015-05-08 14:05:09 -04:00
Mike Bland
f554f99abd
Ensure all errors are logged in ProcessCookie()
2015-05-08 14:05:09 -04:00
Mike Bland
beed9fb9a2
Extract MakeCookie()
2015-05-08 14:05:09 -04:00
Mike Bland
1bd90cefe7
Extract ProcessCookie() from ServeHTTP()
2015-05-08 12:41:22 -04:00
Jehiah Czebotar
26170c56af
Merge pull request #84 from balshor/master
...
Add LinkedIn provider
2015-04-17 23:40:23 -04:00
Darren Lee
5bc77b0ee8
LinkedIn OAuth support.
2015-04-17 17:35:40 -07:00
Jehiah Czebotar
78e080ec46
Merge pull request #83 from 18F/case-insensitive-comparisons
...
Make address/domain comparisons case-insensitive
2015-04-17 20:01:47 -04:00
Mike Bland
781f34e817
Make address/domain comparisons case-insensitive
2015-04-07 17:25:46 -04:00
Jehiah Czebotar
9534808a0d
Merge pull request #81 from 18F/access-token-refactor
...
Refactor pass_access_token changes from #80
2015-04-07 16:48:07 -04:00
Mike Bland
83ad43a571
Make proper PassAccessTokenTest methods
2015-04-07 10:11:35 -04:00
Mike Bland
9887ac3be5
Refactor cookie building and parsing
...
Extracts buildCookieValue() and parseCookieValue() from OauthProxy.ServeHTTP()
and adds tests for both.
2015-04-07 05:53:41 -04:00
Mike Bland
cf79fd9e4c
Refactor pass_access_token+cookie_secret check
...
Moves the check from NewOauthProxy() to Options.Validate() and adds a test.
2015-04-07 05:53:40 -04:00
Mike Bland
ca32394c6f
Add vim .swp files to gitignore
2015-04-07 05:53:40 -04:00
Jehiah Czebotar
b0f0409f2b
Merge pull request #82 from 18F/sign-in-redirect
...
Redirect to / when /oauth2/sign_in accessed
2015-04-06 23:20:26 -04:00
Mike Bland
5f747bb768
Redirect to / when /oauth2/sign_in accessed
...
Without this change, clicking the sign-in button on /oauth2/sign_in will
always redirect back to /oauth2/sign_in, essentially creating an infinite
loop.
2015-04-06 22:10:03 -04:00
Jehiah Czebotar
864d4787e9
Merge pull request #80 from 18F/pass-access-token
...
Pass the access token to the upstream server
2015-04-03 15:45:22 -04:00
Mike Bland
ad3c9a886f
Pass the access token to the upstream client
...
This is accomplished by encoding the access_token in the auth cookie and
unpacking it as the X-Forwarded-Access-Token header for upstream requests.
2015-04-03 15:32:01 -04:00
Mike Bland
a9837f90aa
Ensure TestNewReverseProxy() passes when offline
...
This reflects the apparent intent of TestNewReverseProxy(). Without this
change, the test will fail when run without an Internet connection.
2015-04-02 21:38:48 -04:00
Jehiah Czebotar
66d4d72d2e
Merge pull request #79 from 18F/add-myusa-provider
...
Add myusa provider
2015-03-31 15:59:11 -04:00
Mike Bland
291a0b76b9
Add alternate provider information to README
2015-03-31 15:31:22 -04:00
Mike Bland
59c3ba40f6
Add MyUSA provider
2015-03-31 15:17:17 -04:00
Jehiah Czebotar
243dbb77fb
Merge pull request #78 from 18F/generalize-templates
...
Add ProviderName field; use in sign_in template
2015-03-31 13:21:03 -04:00
Mike Bland
666e6ad436
Add ProviderName field; use in sign_in template
2015-03-31 12:59:07 -04:00
Jehiah Czebotar
0136ab01fd
Merge pull request #77 from 18F/extract-providers-package
...
Extract providers package
2015-03-31 10:22:52 -04:00
Mike Bland
d9a945ebc3
Integrate Provider into Options and OauthProxy
2015-03-31 09:34:50 -04:00
Mike Bland
e2931da853
Create providers package with Google default
2015-03-31 09:34:50 -04:00
Jehiah Czebotar
41044ecac0
Merge pull request #76 from 18F/extract-api-package
...
Extract api package
2015-03-30 22:47:16 -04:00
Mike Bland
45286af4a4
s/18F/bitly/ in import path
2015-03-30 11:42:37 -04:00
Mike Bland
9d8f932797
Extract api package
...
This is the first step towards genericizing the google_auth_proxy to support
OAuth2 providers other than Google as discussed in #65 . The `api` package will
enable multiple providers to use the same `api.Request()` implementation.
2015-03-30 10:23:30 -04:00
Jehiah Czebotar
fd74eae9c3
tag 1.1.1
2015-03-23 09:19:24 -04:00
Jehiah Czebotar
e1f4941522
Merge pull request #74 from jehiah/request_path_74
...
request path contains full URL
2015-03-22 07:56:05 -04:00
Jehiah Czebotar
16f2c981f3
fix upstream request path
2015-03-21 15:29:07 -04:00
Jehiah Czebotar
736ec2aa9f
Merge pull request #56 from jehiah/release_56
...
Cut a new release
2015-03-19 23:03:16 -04:00
Jehiah Czebotar
6b771fdd9e
show Go version
2015-03-19 23:03:00 -04:00
Jehiah Czebotar
8751f48a4c
bump to version 1.1
2015-03-19 22:36:04 -04:00
Jehiah Czebotar
eb67be7ea0
Merge pull request #73 from jehiah/logging_73
...
Request Logging:
2015-03-19 22:35:45 -04:00
Jehiah Czebotar
b9b5e817fc
improve request logging (closer to Apache Common Log)
2015-03-19 22:34:01 -04:00
Jehiah Czebotar
c0160c1e4c
Merge pull request #72 from jehiah/cookie_fixes_72
...
clear cookie fix
2015-03-19 16:18:50 -04:00
Jehiah Czebotar
07c74f55c6
improve handling of cookie domains
2015-03-19 16:18:02 -04:00