From a5f96b17547602e0b1226b238278dc97c54c62b6 Mon Sep 17 00:00:00 2001 From: Jehiah Czebotar Date: Sun, 9 Nov 2014 21:48:09 -0500 Subject: [PATCH 1/5] release scripts --- .gitignore | 2 ++ .travis.yml | 13 ++++++++----- Godeps | 4 ++++ dist.sh | 30 ++++++++++++++++++++++++++++++ test.sh | 5 +++++ version.go | 2 +- 6 files changed, 50 insertions(+), 6 deletions(-) create mode 100644 Godeps create mode 100755 dist.sh create mode 100755 test.sh diff --git a/.gitignore b/.gitignore index 24acb6559..50d93ea6e 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,5 @@ _cgo_export.* _testmain.go *.exe +dist +.godeps diff --git a/.travis.yml b/.travis.yml index 468e23c3f..09544e671 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,9 +1,12 @@ language: go -install: - - go get github.com/bmizerany/assert - - go get github.com/bitly/go-simplejson - - go get github.com/mreiferson/go-options - - go get github.com/BurntSushi/toml +go: + - 1.2.2 + - 1.3.3 +script: + - curl -s https://raw.githubusercontent.com/pote/gpm/v1.3.1/bin/gpm > gpm + - chmod +x gpm + - ./gpm install + - ./test.sh notifications: email: false diff --git a/Godeps b/Godeps new file mode 100644 index 000000000..41bef4ce9 --- /dev/null +++ b/Godeps @@ -0,0 +1,4 @@ +github.com/BurntSushi/toml 3883ac1ce943878302255f538fce319d23226223 +github.com/bitly/go-simplejson 3378bdcb5cebedcbf8b5750edee28010f128fe24 +github.com/mreiferson/go-options ee94b57f2fbf116075426f853e5abbcdfeca8b3d +github.com/bmizerany/assert e17e99893cb6509f428e1728281c2ad60a6b31e3 diff --git a/dist.sh b/dist.sh new file mode 100755 index 000000000..184c27b35 --- /dev/null +++ b/dist.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# build binary distributions for linux/amd64 and darwin/amd64 +set -e + +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +echo "working dir $DIR" +mkdir -p $DIR/dist +mkdir -p $DIR/.godeps +export GOPATH=$DIR/.godeps:$GOPATH +gpm install + +os=$(go env GOOS) +arch=$(go env GOARCH) +version=$(cat $DIR/version.go | grep "const VERSION" | awk '{print $NF}' | sed 's/"//g') +goversion=$(go version | awk '{print $3}') + +echo "... running tests" +./test.sh || exit 1 + +for os in linux darwin; do + echo "... building v$version for $os/$arch" + BUILD=$(mktemp -d -t google_auth_proxy) + TARGET="google_auth_proxy-$version.$os-$arch.$goversion" + GOOS=$os GOARCH=$arch CGO_ENABLED=0 go build -o $BUILD/$TARGET/google_auth_proxy || exit 1 + pushd $BUILD + tar czvf $TARGET.tar.gz $TARGET + mv $TARGET.tar.gz $DIR/dist + popd +done diff --git a/test.sh b/test.sh new file mode 100755 index 000000000..683fe8755 --- /dev/null +++ b/test.sh @@ -0,0 +1,5 @@ +#!/bin/bash +set -e + +go test -timeout 60s ./... +GOMAXPROCS=4 go test -timeout 60s -race ./... diff --git a/version.go b/version.go index a44ae0ec7..5f3daee47 100644 --- a/version.go +++ b/version.go @@ -1,3 +1,3 @@ package main -const VERSION = "0.1.0" +const VERSION = "1.0" From a49eadadeb3d347fafd700aa0e7284f883e94223 Mon Sep 17 00:00:00 2001 From: Jehiah Czebotar Date: Sun, 9 Nov 2014 22:01:50 -0500 Subject: [PATCH 2/5] template updates to display version --- oauthproxy.go | 2 ++ templates.go | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/oauthproxy.go b/oauthproxy.go index 73f04faae..15f7b363f 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -229,10 +229,12 @@ func (p *OauthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code SignInMessage string Htpasswd bool Redirect string + Version string }{ SignInMessage: p.SignInMessage, Htpasswd: p.HtpasswdFile != nil, Redirect: req.URL.RequestURI(), + Version: VERSION, } templates.ExecuteTemplate(rw, "sign_in.html", t) } diff --git a/templates.go b/templates.go index 7d29c404a..567086125 100644 --- a/templates.go +++ b/templates.go @@ -76,6 +76,23 @@ func getTemplates() *template.Template { margin:0; box-sizing: border-box; } + footer { + display:block; + font-size:10px; + color:#aaa; + text-align:center; + margin-bottom:10px; + } + footer a { + display:inline-block; + height:25px; + line-height:25px; + color:#aaa; + text-decoration:underline; + } + footer a:hover { + color:#aaa; + } @@ -99,6 +116,9 @@ func getTemplates() *template.Template { {{ end }} + {{end}}`) From ba7aee91d600de87a80653c18bd0eae924698509 Mon Sep 17 00:00:00 2001 From: Jehiah Czebotar Date: Sun, 9 Nov 2014 22:06:40 -0500 Subject: [PATCH 3/5] update install steps; show login img --- README.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 959463778..1e5d280de 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,8 @@ individual accounts, or a whole google apps domain. [![Build Status](https://secure.travis-ci.org/bitly/google_auth_proxy.png?branch=master)](http://travis-ci.org/bitly/google_auth_proxy) +![sign_in_page](https://cloud.githubusercontent.com/assets/45028/4970624/7feb7dd8-6886-11e4-93e0-c9904af44ea8.png) + ## Architecture ``` @@ -22,8 +24,10 @@ individual accounts, or a whole google apps domain. ## Installation -1. [Install Go](http://golang.org/doc/install) -2. `$ go get github.com/bitly/google_auth_proxy`. This should put the binary in `$GOROOT/bin` +1. Download [Prebuilt Binary](https://github.com/bitly/google_auth_proxy/releases) or build from `master` with `$ go get github.com/bitly/google_auth_proxy` which should put the binary in `$GOROOT/bin` +2. Register an OAuth Application with Google +3. Configure Google Auth Proxy using config file, command line options, or environment variables +4. Deploy behind a SSL endpoint (example provided for Nginx) ## OAuth Configuration From 1f515eba3ca73bdb7ff9a365fdd4ce73e9213f7f Mon Sep 17 00:00:00 2001 From: Jehiah Czebotar Date: Sun, 9 Nov 2014 22:21:46 -0500 Subject: [PATCH 4/5] options bug fixes; set https cookies on by default --- main.go | 2 +- oauthproxy.go | 5 +++++ options.go | 7 ++++++- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/main.go b/main.go index 17d4adb52..3f910965e 100644 --- a/main.go +++ b/main.go @@ -37,7 +37,7 @@ func main() { flagSet.String("cookie-secret", "", "the seed string for secure cookies") flagSet.String("cookie-domain", "", "an optional cookie domain to force cookies to (ie: .yourcompany.com)*") flagSet.Duration("cookie-expire", time.Duration(168)*time.Hour, "expire timeframe for cookie") - flagSet.Bool("cookie-https-only", false, "set HTTPS only cookie") + flagSet.Bool("cookie-https-only", true, "set HTTPS only cookie") flagSet.Parse(os.Args[1:]) diff --git a/oauthproxy.go b/oauthproxy.go index 15f7b363f..aa4f63404 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -55,6 +55,11 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy { redirectUrl.Path = oauthCallbackPath log.Printf("OauthProxy configured for %s", opts.ClientID) + domain := opts.CookieDomain + if domain == "" { + domain = "" + } + log.Printf("Cookie settings: https_only: %v expiry: %s domain:%s", opts.CookieHttpsOnly, opts.CookieExpire, domain) return &OauthProxy{ CookieKey: "_oauthproxy", CookieSeed: opts.CookieSecret, diff --git a/options.go b/options.go index 2d829695d..010f366b5 100644 --- a/options.go +++ b/options.go @@ -29,7 +29,12 @@ type Options struct { } func NewOptions() *Options { - return &Options{} + return &Options{ + HttpAddress: "127.0.0.1:4180", + CookieHttpsOnly: true, + PassBasicAuth: true, + CookieExpire: time.Duration(168) * time.Hour, + } } func (o *Options) Validate() error { From 1fa1494e0e1b573b0eaaa28cb503d10447f97614 Mon Sep 17 00:00:00 2001 From: Jehiah Czebotar Date: Sun, 9 Nov 2014 23:45:59 -0500 Subject: [PATCH 5/5] fix default in config to match --- contrib/google_auth_proxy.cfg.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/google_auth_proxy.cfg.example b/contrib/google_auth_proxy.cfg.example index fc7f88368..1f4adedc4 100644 --- a/contrib/google_auth_proxy.cfg.example +++ b/contrib/google_auth_proxy.cfg.example @@ -41,4 +41,4 @@ # cookie_secret = "" # cookie_domain = "" # cookie_expire = "168h" -# cookie_https_only = false +# cookie_https_only = true