Commit Graph

805 Commits

Author SHA1 Message Date
Mike Bland
21f2655280 Fix unsupported WatchForUpdates and build tags
Closes #105.

The `go1.1` constraint has been updated to `!go1.3` per
https://golang.org/pkg/go/build/#hdr-Build_Constraints and
https://github.com/go-fsnotify/fsnotify. Also, the existing call signature for
`WatchForUpdates()` in `watcher_unsupported.go` was stale.
2015-05-30 13:44:18 -04:00
Jehiah Czebotar
c6946893e0 example config updates 2015-05-26 09:18:03 -04:00
Jehiah Czebotar
442be96039 Merge pull request #102 from pidah/fix/oauth2_example_filename
rename example file which is referenced in the README
2015-05-26 07:23:41 -04:00
Peter Idah
68618a9107 rename example file which is referenced in the README 2015-05-26 12:00:27 +01:00
Jehiah Czebotar
a80aad04f7 Readme Updates 2015-05-21 09:54:21 -04:00
Jehiah Czebotar
4d3b1c4e29 Merge pull request #85 from jehiah/oauth2_proxy_85
Naming Is Hard - project name change
2015-05-21 02:57:51 -04:00
Jehiah Czebotar
b96a078839 Project Rename -> oauth2_proxy 2015-05-21 02:55:04 -04:00
Jehiah Czebotar
4de133a016 Merge pull request #98 from jehiah/github_provider_98
Add Github Provider
2015-05-21 02:36:11 -04:00
Jehiah Czebotar
37b38dd2f4 Github provider 2015-05-21 02:21:19 -04:00
Mike Bland
8471f972e1 Move ValidateToken() to Provider 2015-05-21 02:06:23 -04:00
Jehiah Czebotar
aca1fe81f4 Merge pull request #93 from 18F/watcher-done
Provide graceful shutdown of file watcher in tests
2015-05-18 17:16:57 -04:00
Mike Bland
020a35e85f Remove file watch upon interruption
TestValidatorOverwriteEmailListViaRenameAndReplace was deadlocking on
Windows because, on Windows, fsnotify.Watcher will continue to watch a
renamed file using its new name. On other systems, it appears the watch on
a file is removed after a rename.

The fix is to explicitly remove the watch to ensure the watch is resumed
under the original name.
2015-05-14 07:57:30 -04:00
Mike Bland
5f2df7167a Ensure watcher tests don't block during shutdown
These test failures from #93 inspired this change:
https://travis-ci.org/bitly/google_auth_proxy/jobs/62474406
https://travis-ci.org/bitly/google_auth_proxy/jobs/62474407

Both tests exhibited this pattern:
2015/05/13 22:10:54 validating: is xyzzy@example.com valid? false
2015/05/13 22:10:54 watching interrupted on event: "/tmp/test_auth_emails_300880185": CHMOD
2015/05/13 22:10:54 watching resumed for /tmp/test_auth_emails_300880185
2015/05/13 22:10:54 reloading after event: "/tmp/test_auth_emails_300880185": CHMOD
panic: test timed out after 1m0s

[snip]

goroutine 175 [chan send]:
github.com/bitly/google_auth_proxy.(*ValidatorTest).TearDown(0xc2080bc330)
        /home/travis/gopath/src/github.com/bitly/google_auth_proxy/validator_test.go:27 +0x43
github.com/bitly/google_auth_proxy.TestValidatorOverwriteEmailListViaRenameAndReplace(0xc2080f2480)
        /home/travis/gopath/src/github.com/bitly/google_auth_proxy/validator_watcher_test.go:103 +0x3b9

[snip]

goroutine 177 [chan send]:
github.com/bitly/google_auth_proxy.func·017()
        /home/travis/gopath/src/github.com/bitly/google_auth_proxy/validator_test.go:34 +0x41

I realized that the spurious CHMOD events were causing calls to
`func() { updated <- true }` (from validator_test.go:34), which caused
the goroutine running the watcher to block. At the same time,
ValidatorTest.TearDown was blocked by trying to send into the `done` channel.
The solution was to create a flag that ensured only one value was ever sent
into the update channel.
2015-05-13 18:48:39 -04:00
Mike Bland
6a0f119fc2 Provide graceful shutdown of file watcher in tests
This test failure from #92 inspired this change:
https://travis-ci.org/bitly/google_auth_proxy/jobs/62425336

2015/05/13 16:27:33 using authenticated emails file /tmp/test_auth_emails_952353477
2015/05/13 16:27:33 watching /tmp/test_auth_emails_952353477 for updates
2015/05/13 16:27:33 validating: is xyzzy@example.com valid? true
2015/05/13 16:27:33 watching interrupted on event: "/tmp/test_auth_emails_952353477": CHMOD
2015/05/13 16:27:33 watching resumed for /tmp/test_auth_emails_952353477
2015/05/13 16:27:33 reloading after event: "/tmp/test_auth_emails_952353477": CHMOD
2015/05/13 16:27:33 watching interrupted on event: "/tmp/test_auth_emails_952353477": REMOVE
2015/05/13 16:27:33 validating: is xyzzy@example.com valid? false
2015/05/13 16:27:33 watching resumed for /tmp/test_auth_emails_952353477
2015/05/13 16:27:33 reloading after event: "/tmp/test_auth_emails_952353477": REMOVE
2015/05/13 16:27:33 failed opening authenticated-emails-file="/tmp/test_auth_emails_952353477", open /tmp/test_auth_emails_952353477: no such file or directory

I believe that what happened was that the call to reload the file after the
second "reloading after event" lost the race when the test shut down and the
file was removed. This change introduces a `done` channel that ensures
outstanding actions complete and the watcher exits before the test removes the
file.
2015-05-13 18:02:22 -04:00
Jehiah Czebotar
254b26d4a0 Merge pull request #89 from 18F/watch-email-file
Reload authenticated-emails-file upon update
2015-05-12 11:08:38 -04:00
Mike Bland
ca91b5eddd Reload authenticated-emails-file upon update
This change extracts the UserMap class from NewValidator() so that its
LoadAuthenticatedEmailsFile() method can be called concurrently. This method
is called by a goroutine containing a fsnotify.Watcher watching the
authenticated emails file.

Watching isn't forever aborted when the authenticated emails file disappears.
The goroutine will call os.Stat() up to twenty times a second if the file is
persistently missing, but that's the pathological case, not the common one.

The common case is that some editors (including Vim) will perform a
rename-and-replace when updating a file, triggering fsnotify.Rename events,
and the file will temporarily disappear. This watcher goroutine handles that
case.

Also, on some platforms (notably Arch Linux), a remove will be preceded by a
fsnotify.Chmod, causing a race between the upcoming fsnotify.Remove and the
call to UserMap.LoadAuthenticatedEmailsFile(). Hence, we treat fsnotify.Chmod
the same as fsnotify.Remove and fsnotify.Rename. There's no significant
penalty to re-adding a file to the watcher.

Also contains the following small changes from the summary of commits below:

- Minor optimization of email domain search
- Fixed api_test.go on Windows
- Add deferred File.Close() calls where needed
- Log error and return if emails file doesn't parse

These are the original commits from #89 squashed into this one:

0c6f2b6 Refactor validator_test to prepare for more tests
e0c792b Add more test cases to validator_test
a9a9d93 Minor optimization of email domain search
b763ea5 Extract LoadAuthenticatedEmailsFile()
8cdaf7f Introduce synchronized UserMap type
1b84eef Add UserMap methods, locking
af15dcf Reload authenticated-emails-file upon update
6d95548 Make UserMap operations lock-free
        Per:
        - http://stackoverflow.com/questions/21447463/is-assigning-a-pointer-atomic-in-golang
        - https://groups.google.com/forum/#!msg/golang-nuts/ueSvaEKgyLY/ZW_74IC4PekJ
75755d5 Fix tests on Windows
d0eab2e Ignore email file watcher Chmod events
0b9798b Fix watcher on Ubuntu 12.04
3a8251a WaitForReplacement() to retry emails file watch
a57fd29 Add deferred File.Close() calls where needed
        Because correctness: Don't leak file handles anywhere, and prepare for
        future panics and early returns.
52ed3fd Log error and return if emails file doesn't parse
40100d4 Add gopkg.in/fsnotify.v1 dependency to Godeps file
17dfbbc Avoid a race when Remove is preceded by Chmod
2015-05-12 10:39:18 -04:00
Jehiah Czebotar
9047920e90 Merge pull request #88 from 18F/auto-refresh
Auto refresh auth token
2015-05-11 22:24:50 -04:00
Mike Bland
2808ba7beb Update cookie-refresh doc string 2015-05-11 09:55:07 -04:00
Jehiah Czebotar
5c03fe3840 Merge pull request #90 from 18F/robots-txt
Provide a robots.txt that denies all crawlers
2015-05-10 16:07:36 -04:00
Mike Bland
5b07d9fcef Provide a robots.txt that denies all crawlers 2015-05-10 15:15:52 -04:00
Mike Bland
37f287bef4 Calculate cookie expiration from encoded timestamp
Found out the hard way that _incoming_ cookies do _not_ have their expiration
timestamps encoded. To perform auto-refresh based on expiration time, we have
to recalculate it from the time encoded in the cookie value.
2015-05-10 00:11:26 -04:00
Mike Bland
41b21dd0b1 Enforce that cookie_refresh < cookie_expire 2015-05-09 17:37:33 -04:00
Mike Bland
8ec967ac32 Check cookie_secret size when cookie_refresh set 2015-05-09 17:37:33 -04:00
Mike Bland
082b7c0ec8 Set cookie-refresh flag = 0; update README, config 2015-05-09 17:36:17 -04:00
Mike Bland
84190ab19a Validate user during cookie refresh 2015-05-09 16:54:27 -04:00
Mike Bland
610341a068 Make ProcessCookie() fail when cookie parse fails 2015-05-09 16:54:27 -04:00
Mike Bland
bd4eae8fec Store access token when cookie-refresh is set
cookie-refresh now no longer requires pass-access-token in order to work.
2015-05-09 16:54:27 -04:00
Mike Bland
b6e07d51b2 Validate access_token when auto-refreshing cookie 2015-05-09 15:09:31 -04:00
Mike Bland
25372567ac ValidateToken() to check access_token validity 2015-05-09 13:17:37 -04:00
Mike Bland
72857018ee Introduce validate-url flag/config 2015-05-08 17:13:35 -04:00
Mike Bland
8e2d83600c Implement cookie auto-refresh
The intention is to refresh the cookie whenever the user accesses an
authenticated service with less than `cookie-refresh` time to go before the
cookie expires.
2015-05-08 14:05:09 -04:00
Mike Bland
5cbdb74518 Add ProcessCookie() test 2015-05-08 14:05:09 -04:00
Mike Bland
f554f99abd Ensure all errors are logged in ProcessCookie() 2015-05-08 14:05:09 -04:00
Mike Bland
beed9fb9a2 Extract MakeCookie() 2015-05-08 14:05:09 -04:00
Mike Bland
1bd90cefe7 Extract ProcessCookie() from ServeHTTP() 2015-05-08 12:41:22 -04:00
Jehiah Czebotar
26170c56af Merge pull request #84 from balshor/master
Add LinkedIn provider
2015-04-17 23:40:23 -04:00
Darren Lee
5bc77b0ee8 LinkedIn OAuth support. 2015-04-17 17:35:40 -07:00
Jehiah Czebotar
78e080ec46 Merge pull request #83 from 18F/case-insensitive-comparisons
Make address/domain comparisons case-insensitive
2015-04-17 20:01:47 -04:00
Mike Bland
781f34e817 Make address/domain comparisons case-insensitive 2015-04-07 17:25:46 -04:00
Jehiah Czebotar
9534808a0d Merge pull request #81 from 18F/access-token-refactor
Refactor pass_access_token changes from #80
2015-04-07 16:48:07 -04:00
Mike Bland
83ad43a571 Make proper PassAccessTokenTest methods 2015-04-07 10:11:35 -04:00
Mike Bland
9887ac3be5 Refactor cookie building and parsing
Extracts buildCookieValue() and parseCookieValue() from OauthProxy.ServeHTTP()
and adds tests for both.
2015-04-07 05:53:41 -04:00
Mike Bland
cf79fd9e4c Refactor pass_access_token+cookie_secret check
Moves the check from NewOauthProxy() to Options.Validate() and adds a test.
2015-04-07 05:53:40 -04:00
Mike Bland
ca32394c6f Add vim .swp files to gitignore 2015-04-07 05:53:40 -04:00
Jehiah Czebotar
b0f0409f2b Merge pull request #82 from 18F/sign-in-redirect
Redirect to / when /oauth2/sign_in accessed
2015-04-06 23:20:26 -04:00
Mike Bland
5f747bb768 Redirect to / when /oauth2/sign_in accessed
Without this change, clicking the sign-in button on /oauth2/sign_in will
always redirect back to /oauth2/sign_in, essentially creating an infinite
loop.
2015-04-06 22:10:03 -04:00
Jehiah Czebotar
864d4787e9 Merge pull request #80 from 18F/pass-access-token
Pass the access token to the upstream server
2015-04-03 15:45:22 -04:00
Mike Bland
ad3c9a886f Pass the access token to the upstream client
This is accomplished by encoding the access_token in the auth cookie and
unpacking it as the X-Forwarded-Access-Token header for upstream requests.
2015-04-03 15:32:01 -04:00
Mike Bland
a9837f90aa Ensure TestNewReverseProxy() passes when offline
This reflects the apparent intent of TestNewReverseProxy(). Without this
change, the test will fail when run without an Internet connection.
2015-04-02 21:38:48 -04:00
Jehiah Czebotar
66d4d72d2e Merge pull request #79 from 18F/add-myusa-provider
Add myusa provider
2015-03-31 15:59:11 -04:00