Commit Graph

192 Commits

Author SHA1 Message Date
Jehiah Czebotar
ba81a0d30a Merge pull request #137 from guotie/master
Update github.go
2015-08-25 12:22:40 -04:00
铁哥
8da7325683 Update github.go 2015-08-26 00:11:24 +08:00
Jehiah Czebotar
7ba51ba9f2 Merge pull request #133 from sricola/master
Google auth configuration screen flow has changed
2015-08-09 15:22:02 -04:00
Srivatsa Ray
85fcd66be6 Google auth configuration screen flow has changed 2015-08-09 12:08:21 -07:00
Jehiah Czebotar
5ff8aa3581 Merge pull request #128 from jehiah/github_debug_128
provider github not work with scope read:org
2015-07-28 07:58:54 -04:00
Jehiah Czebotar
221c99b1ec Merge pull request #130 from mrwacky42/patch-1
Fix spelling
2015-07-24 17:35:26 -04:00
Sharif Nassar
f3353c0eea Fix spelling
*snicker*
*titter*
*giggle*
2015-07-24 14:31:25 -07:00
Jehiah Czebotar
0692c3763f More robust handling for missing email 2015-07-24 16:26:40 -04:00
Jehiah Czebotar
c1bf1ad167 github: better debug output for org/team validation 2015-07-24 16:10:10 -04:00
Jehiah Czebotar
1e48d89e00 clarify required email validation settings 2015-07-24 16:09:33 -04:00
Jehiah Czebotar
c086bddcbe Merge pull request #129 from jburnham/basic_auth_password
Add support for setting the basic auth password.
2015-07-24 11:06:32 -04:00
Justin Burnham
7dd5d299e1 Add support for setting the basic auth password.
For tools that don't like empty passwords, this change allows
one to set a shared secret password for all users.
2015-07-24 09:17:43 +00:00
Jehiah Czebotar
58d2b88406 Merge pull request #126 from mattk42/master
Check email validity on all requests rather than only on login.
2015-07-14 12:04:44 -04:00
mattk42
6cd3e72e09 Check email validity on all requests rather than only on login/refresh 2015-07-14 08:40:59 -06:00
Jehiah Czebotar
3a792555f1 tag v2.0.1 2015-07-02 23:29:25 -04:00
Jehiah Czebotar
51852c045a Doc updates clarifying external Load Balancer config 2015-07-02 23:21:59 -04:00
Jehiah Czebotar
01c9d04feb Merge pull request #117 from jehiah/always_refresh_117
Google - continually use refresh token
2015-07-02 23:14:01 -04:00
Jehiah Czebotar
d49c3e167f SessionState refactoring; improve token renewal and cookie refresh
* New SessionState to consolidate email, access token and refresh token
* split ServeHttp into individual methods
* log on session renewal
* log on access token refresh
* refactor cookie encription/decription and session state serialization
2015-07-02 23:09:11 -04:00
Jehiah Czebotar
b9ae5dc8d7 Merge pull request #116 from jehiah/google_refresh_token_116
Google - use offline access token
2015-06-23 14:01:35 -04:00
Jehiah Czebotar
aa0a725a3a Readme: doc updates 2015-06-23 14:01:05 -04:00
Jehiah Czebotar
8d50b372e4 immediately redeem refresh token for provider==Google 2015-06-23 13:56:14 -04:00
Jehiah Czebotar
ae2a1e55ab Merge pull request #115 from jehiah/cookie_renew_115
Cookie Refresh Improvements
2015-06-23 07:57:07 -04:00
Jehiah Czebotar
e9b5631eed cookie refresh: validation fixes, interval changes
* refresh now calculated as duration from cookie set
2015-06-23 07:51:00 -04:00
Jehiah Czebotar
66a0484721 Merge pull request #111 from jehiah/version_two_111
Release Version Two
2015-06-12 13:12:20 -04:00
Jehiah Czebotar
d78aa13464 v2.0 & cleanup changes
* bump version to 2.0
* remove --cookie-https-only option
* add windows build to dist.sh
* rename --cookie-key to --cookie-name
2015-06-12 13:07:26 -04:00
Jehiah Czebotar
1946739e98 Merge pull request #99 from jehiah/ssl_99
Native SSL support
2015-06-07 23:36:02 -04:00
Jehiah Czebotar
f5b2b20f67 support TLS directly 2015-06-07 23:14:48 -04:00
Jehiah Czebotar
5a5d6dff7e Merge pull request #108 from jehiah/unmarshal_error_108
Page defaults to Google sign in
2015-06-07 21:06:50 -04:00
Jehiah Czebotar
f5db2e1ff7 More complete HTTP error logging 2015-06-07 21:03:53 -04:00
Jehiah Czebotar
13e82923f0 Merge pull request #109 from jehiah/github_org_109
Github provider "Invalid Account"
2015-06-06 14:54:01 -04:00
Jehiah Czebotar
a6694ad3c7 github: handle users part of an Org not on a team 2015-06-06 14:44:42 -04:00
Jehiah Czebotar
b313e99352 Merge pull request #91 from jehiah/email_domain_91
disable email validation
2015-06-06 14:43:48 -04:00
Jehiah Czebotar
56d19b1c84 disable email validation; rename email-domain argument
This adds a "*" option to --email-domain to disable email validation, and this renames `--google-apps-domain` to `--email-domain` for clarity across providers
2015-06-06 14:37:54 -04:00
tonymeng
c5ccd43767 Enable specific oauth2proxy path; change cookie name to _oauth2proxy 2015-06-06 14:21:42 -04:00
Jehiah Czebotar
71b79baf33 Merge pull request #107 from 18F/fix-validator-test
Fix validator_test hang on Solaris, Plan 9
2015-05-31 00:06:45 -04:00
Mike Bland
c3590b5c4c Fix validator_test hang on Solaris, Plan 9
On these platforms, the `done <- true` statement in during TearDown() was
hanging, since the `watcher_unsupported.go` version was never draining the
channel. Also took the opportunity to update the WatchForUpdates() signature
to not return bool anymore.
2015-05-30 22:11:02 -04:00
Jehiah Czebotar
577a3f7f09 Merge pull request #106 from 18F/fix-watcher-build-tags
Fix unsupported WatchForUpdates and build tags
2015-05-30 20:05:40 -04:00
Mike Bland
21f2655280 Fix unsupported WatchForUpdates and build tags
Closes #105.

The `go1.1` constraint has been updated to `!go1.3` per
https://golang.org/pkg/go/build/#hdr-Build_Constraints and
https://github.com/go-fsnotify/fsnotify. Also, the existing call signature for
`WatchForUpdates()` in `watcher_unsupported.go` was stale.
2015-05-30 13:44:18 -04:00
Jehiah Czebotar
c6946893e0 example config updates 2015-05-26 09:18:03 -04:00
Jehiah Czebotar
442be96039 Merge pull request #102 from pidah/fix/oauth2_example_filename
rename example file which is referenced in the README
2015-05-26 07:23:41 -04:00
Peter Idah
68618a9107 rename example file which is referenced in the README 2015-05-26 12:00:27 +01:00
Jehiah Czebotar
a80aad04f7 Readme Updates 2015-05-21 09:54:21 -04:00
Jehiah Czebotar
4d3b1c4e29 Merge pull request #85 from jehiah/oauth2_proxy_85
Naming Is Hard - project name change
2015-05-21 02:57:51 -04:00
Jehiah Czebotar
b96a078839 Project Rename -> oauth2_proxy 2015-05-21 02:55:04 -04:00
Jehiah Czebotar
4de133a016 Merge pull request #98 from jehiah/github_provider_98
Add Github Provider
2015-05-21 02:36:11 -04:00
Jehiah Czebotar
37b38dd2f4 Github provider 2015-05-21 02:21:19 -04:00
Mike Bland
8471f972e1 Move ValidateToken() to Provider 2015-05-21 02:06:23 -04:00
Jehiah Czebotar
aca1fe81f4 Merge pull request #93 from 18F/watcher-done
Provide graceful shutdown of file watcher in tests
2015-05-18 17:16:57 -04:00
Mike Bland
020a35e85f Remove file watch upon interruption
TestValidatorOverwriteEmailListViaRenameAndReplace was deadlocking on
Windows because, on Windows, fsnotify.Watcher will continue to watch a
renamed file using its new name. On other systems, it appears the watch on
a file is removed after a rename.

The fix is to explicitly remove the watch to ensure the watch is resumed
under the original name.
2015-05-14 07:57:30 -04:00
Mike Bland
5f2df7167a Ensure watcher tests don't block during shutdown
These test failures from #93 inspired this change:
https://travis-ci.org/bitly/google_auth_proxy/jobs/62474406
https://travis-ci.org/bitly/google_auth_proxy/jobs/62474407

Both tests exhibited this pattern:
2015/05/13 22:10:54 validating: is xyzzy@example.com valid? false
2015/05/13 22:10:54 watching interrupted on event: "/tmp/test_auth_emails_300880185": CHMOD
2015/05/13 22:10:54 watching resumed for /tmp/test_auth_emails_300880185
2015/05/13 22:10:54 reloading after event: "/tmp/test_auth_emails_300880185": CHMOD
panic: test timed out after 1m0s

[snip]

goroutine 175 [chan send]:
github.com/bitly/google_auth_proxy.(*ValidatorTest).TearDown(0xc2080bc330)
        /home/travis/gopath/src/github.com/bitly/google_auth_proxy/validator_test.go:27 +0x43
github.com/bitly/google_auth_proxy.TestValidatorOverwriteEmailListViaRenameAndReplace(0xc2080f2480)
        /home/travis/gopath/src/github.com/bitly/google_auth_proxy/validator_watcher_test.go:103 +0x3b9

[snip]

goroutine 177 [chan send]:
github.com/bitly/google_auth_proxy.func·017()
        /home/travis/gopath/src/github.com/bitly/google_auth_proxy/validator_test.go:34 +0x41

I realized that the spurious CHMOD events were causing calls to
`func() { updated <- true }` (from validator_test.go:34), which caused
the goroutine running the watcher to block. At the same time,
ValidatorTest.TearDown was blocked by trying to send into the `done` channel.
The solution was to create a flag that ensured only one value was ever sent
into the update channel.
2015-05-13 18:48:39 -04:00