Permalink
Browse files

Commit #1: The Gate One beta is about to go public.

  • Loading branch information...
0 parents commit 04f2eabdda56315b7723fe8db400167c9d89fa61 @liftoff liftoff committed Oct 13, 2011
Showing with 35,150 additions and 0 deletions.
  1. +661 −0 AGPLv3.txt
  2. +18 −0 LICENSE.txt
  3. +40 −0 README
  4. +216 −0 gateone/auth.py
  5. +130 −0 gateone/docs/Makefile
  6. BIN gateone/docs/build/doctrees/About/index.doctree
  7. BIN gateone/docs/build/doctrees/Developer/auth.doctree
  8. BIN gateone/docs/build/doctrees/Developer/gateone.doctree
  9. BIN gateone/docs/build/doctrees/Developer/index.doctree
  10. BIN gateone/docs/build/doctrees/Developer/js_gateone.doctree
  11. BIN gateone/docs/build/doctrees/Developer/js_go_process.doctree
  12. BIN gateone/docs/build/doctrees/Developer/logviewer.doctree
  13. BIN gateone/docs/build/doctrees/Developer/plugin_bookmarks.doctree
  14. BIN gateone/docs/build/doctrees/Developer/plugin_help.doctree
  15. BIN gateone/docs/build/doctrees/Developer/plugin_logging.doctree
  16. BIN gateone/docs/build/doctrees/Developer/plugin_playback.doctree
  17. BIN gateone/docs/build/doctrees/Developer/plugin_ssh.doctree
  18. BIN gateone/docs/build/doctrees/Developer/sso.doctree
  19. BIN gateone/docs/build/doctrees/Developer/terminal.doctree
  20. BIN gateone/docs/build/doctrees/Developer/termio.doctree
  21. BIN gateone/docs/build/doctrees/Developer/utils.doctree
  22. BIN gateone/docs/build/doctrees/UserGuide/index.doctree
  23. BIN gateone/docs/build/doctrees/environment.pickle
  24. BIN gateone/docs/build/doctrees/index.doctree
  25. +4 −0 gateone/docs/build/html/.buildinfo
  26. +723 −0 gateone/docs/build/html/About/index.html
  27. +261 −0 gateone/docs/build/html/Developer/auth.html
  28. +431 −0 gateone/docs/build/html/Developer/gateone.html
  29. +263 −0 gateone/docs/build/html/Developer/index.html
  30. +2,676 −0 gateone/docs/build/html/Developer/js_gateone.html
  31. +119 −0 gateone/docs/build/html/Developer/js_go_process.html
  32. +236 −0 gateone/docs/build/html/Developer/logviewer.html
  33. +119 −0 gateone/docs/build/html/Developer/plugin_bookmarks.html
  34. +119 −0 gateone/docs/build/html/Developer/plugin_help.html
  35. +119 −0 gateone/docs/build/html/Developer/plugin_logging.html
  36. +119 −0 gateone/docs/build/html/Developer/plugin_playback.html
  37. +109 −0 gateone/docs/build/html/Developer/plugin_ssh.html
  38. +255 −0 gateone/docs/build/html/Developer/sso.html
  39. +661 −0 gateone/docs/build/html/Developer/terminal.html
  40. +304 −0 gateone/docs/build/html/Developer/termio.html
  41. +416 −0 gateone/docs/build/html/Developer/utils.html
  42. +382 −0 gateone/docs/build/html/UserGuide/index.html
  43. BIN gateone/docs/build/html/_images/gateone_bellaction.png
  44. BIN gateone/docs/build/html/_images/gateone_bookmarks_empty.png
  45. BIN gateone/docs/build/html/_images/gateone_displaymessage.png
  46. BIN gateone/docs/build/html/_images/gateone_displayterminfo.png
  47. BIN gateone/docs/build/html/_images/gateone_grid_view.png
  48. BIN gateone/docs/build/html/_images/gateone_infopanel.png
  49. BIN gateone/docs/build/html/_images/gateone_login.png
  50. BIN gateone/docs/build/html/_images/gateone_login_explained.png
  51. BIN gateone/docs/build/html/_images/gateone_new_bookmark1.png
  52. BIN gateone/docs/build/html/_images/gateone_new_bookmark2.png
  53. BIN gateone/docs/build/html/_images/gateone_new_bookmark3.png
  54. BIN gateone/docs/build/html/_images/gateone_new_bookmark4.png
  55. BIN gateone/docs/build/html/_images/gateone_opened_via_bookmark.png
  56. BIN gateone/docs/build/html/_images/gateone_second_session_no_password.png
  57. BIN gateone/docs/build/html/_images/gateone_settingspanel.png
  58. +307 −0 gateone/docs/build/html/_modules/auth.html
  59. +1,289 −0 gateone/docs/build/html/_modules/gateone.html
  60. +96 −0 gateone/docs/build/html/_modules/index.html
  61. +387 −0 gateone/docs/build/html/_modules/logviewer.html
  62. +298 −0 gateone/docs/build/html/_modules/sso.html
  63. +1,899 −0 gateone/docs/build/html/_modules/terminal.html
  64. +599 −0 gateone/docs/build/html/_modules/termio.html
  65. +627 −0 gateone/docs/build/html/_modules/utils.html
  66. +466 −0 gateone/docs/build/html/_sources/About/index.txt
  67. +7 −0 gateone/docs/build/html/_sources/Developer/auth.txt
  68. +7 −0 gateone/docs/build/html/_sources/Developer/gateone.txt
  69. +45 −0 gateone/docs/build/html/_sources/Developer/index.txt
  70. +1,765 −0 gateone/docs/build/html/_sources/Developer/js_gateone.txt
  71. +2 −0 gateone/docs/build/html/_sources/Developer/js_go_process.txt
  72. +7 −0 gateone/docs/build/html/_sources/Developer/logviewer.txt
  73. +2 −0 gateone/docs/build/html/_sources/Developer/plugin_bookmarks.txt
  74. +2 −0 gateone/docs/build/html/_sources/Developer/plugin_help.txt
  75. +2 −0 gateone/docs/build/html/_sources/Developer/plugin_logging.txt
  76. +2 −0 gateone/docs/build/html/_sources/Developer/plugin_playback.txt
  77. +2 −0 gateone/docs/build/html/_sources/Developer/plugin_ssh.txt
  78. +7 −0 gateone/docs/build/html/_sources/Developer/sso.txt
  79. +7 −0 gateone/docs/build/html/_sources/Developer/terminal.txt
  80. +7 −0 gateone/docs/build/html/_sources/Developer/termio.txt
  81. +7 −0 gateone/docs/build/html/_sources/Developer/utils.txt
  82. +208 −0 gateone/docs/build/html/_sources/UserGuide/index.txt
  83. +15 −0 gateone/docs/build/html/_sources/index.txt
  84. +74 −0 gateone/docs/build/html/_static/ansi.css
  85. +535 −0 gateone/docs/build/html/_static/basic.css
  86. +288 −0 gateone/docs/build/html/_static/default.css
  87. +247 −0 gateone/docs/build/html/_static/doctools.js
  88. BIN gateone/docs/build/html/_static/file.png
  89. +154 −0 gateone/docs/build/html/_static/jquery.js
  90. BIN gateone/docs/build/html/_static/minus.png
  91. BIN gateone/docs/build/html/_static/plus.png
  92. +62 −0 gateone/docs/build/html/_static/pygments.css
  93. +521 −0 gateone/docs/build/html/_static/searchtools.js
  94. +148 −0 gateone/docs/build/html/_static/sidebar.js
  95. +16 −0 gateone/docs/build/html/_static/underscore.js
  96. +641 −0 gateone/docs/build/html/genindex.html
  97. +145 −0 gateone/docs/build/html/index.html
  98. BIN gateone/docs/build/html/objects.inv
  99. +162 −0 gateone/docs/build/html/py-modindex.html
  100. +103 −0 gateone/docs/build/html/search.html
  101. +1 −0 gateone/docs/build/html/searchindex.js
  102. +1 −0 gateone/docs/html
  103. +466 −0 gateone/docs/source/About/index.rst
  104. +7 −0 gateone/docs/source/Developer/auth.rst
  105. +7 −0 gateone/docs/source/Developer/gateone.rst
  106. +45 −0 gateone/docs/source/Developer/index.rst
  107. +1,765 −0 gateone/docs/source/Developer/js_gateone.rst
  108. +2 −0 gateone/docs/source/Developer/js_go_process.rst
  109. +7 −0 gateone/docs/source/Developer/logviewer.rst
  110. +2 −0 gateone/docs/source/Developer/plugin_bookmarks.rst
  111. +2 −0 gateone/docs/source/Developer/plugin_help.rst
  112. +2 −0 gateone/docs/source/Developer/plugin_logging.rst
  113. +2 −0 gateone/docs/source/Developer/plugin_playback.rst
  114. +2 −0 gateone/docs/source/Developer/plugin_ssh.rst
  115. BIN gateone/docs/source/Developer/screenshots/gateone_bellaction.png
  116. BIN gateone/docs/source/Developer/screenshots/gateone_displaymessage.png
  117. BIN gateone/docs/source/Developer/screenshots/gateone_displayterminfo.png
  118. +7 −0 gateone/docs/source/Developer/sso.rst
  119. +7 −0 gateone/docs/source/Developer/terminal.rst
  120. +7 −0 gateone/docs/source/Developer/termio.rst
  121. +7 −0 gateone/docs/source/Developer/utils.rst
  122. +208 −0 gateone/docs/source/UserGuide/index.rst
  123. BIN gateone/docs/source/UserGuide/screenshots/gateone_bookmarks_empty.png
  124. BIN gateone/docs/source/UserGuide/screenshots/gateone_grid_view.png
  125. BIN gateone/docs/source/UserGuide/screenshots/gateone_infopanel.png
  126. BIN gateone/docs/source/UserGuide/screenshots/gateone_login.png
  127. BIN gateone/docs/source/UserGuide/screenshots/gateone_login_explained.png
  128. BIN gateone/docs/source/UserGuide/screenshots/gateone_new_bookmark1.png
  129. BIN gateone/docs/source/UserGuide/screenshots/gateone_new_bookmark2.png
  130. BIN gateone/docs/source/UserGuide/screenshots/gateone_new_bookmark3.png
  131. BIN gateone/docs/source/UserGuide/screenshots/gateone_new_bookmark4.png
  132. BIN gateone/docs/source/UserGuide/screenshots/gateone_opened_via_bookmark.png
  133. BIN gateone/docs/source/UserGuide/screenshots/gateone_second_session_no_password.png
  134. BIN gateone/docs/source/UserGuide/screenshots/gateone_settingspanel.png
  135. +74 −0 gateone/docs/source/_static/ansi.css
  136. +535 −0 gateone/docs/source/_static/basic.css
  137. +288 −0 gateone/docs/source/_static/default.css
  138. +276 −0 gateone/docs/source/conf.py
  139. +15 −0 gateone/docs/source/index.rst
  140. +1,199 −0 gateone/gateone.py
  141. +297 −0 gateone/logviewer.py
  142. +559 −0 gateone/plugins/bookmarks/static/bookmarks.js
  143. +133 −0 gateone/plugins/help/static/help.js
  144. +390 −0 gateone/plugins/logging/static/logging.js
  145. +209 −0 gateone/plugins/playback/static/playback.js
  146. +239 −0 gateone/plugins/ssh/scripts/ssh_connect.py
  147. +124 −0 gateone/plugins/ssh/ssh.py
  148. +177 −0 gateone/plugins/ssh/static/ssh.js
  149. +207 −0 gateone/sso.py
  150. +31 −0 gateone/static/about.html
  151. BIN gateone/static/bell.ogg
  152. BIN gateone/static/dejavusansmono-webfont.eot
  153. +256 −0 gateone/static/dejavusansmono-webfont.svg
  154. BIN gateone/static/dejavusansmono-webfont.ttf
  155. BIN gateone/static/dejavusansmono-webfont.woff
  156. BIN gateone/static/favicon.ico
  157. +34 −0 gateone/static/gateone.css
  158. +2,669 −0 gateone/static/gateone.js
  159. +69 −0 gateone/static/go_process.js
  160. +866 −0 gateone/templates/css_black.css
  161. +849 −0 gateone/templates/css_white.css
  162. +41 −0 gateone/templates/index.html
  163. +488 −0 gateone/templates/self_contained_recording.html
  164. +26 −0 gateone/templates/user_log.html
  165. +1,808 −0 gateone/terminal.py
  166. +508 −0 gateone/termio.py
  167. +62 −0 gateone/tests/test_terminal.py
  168. +536 −0 gateone/utils.py
  169. +12 −0 setup.cfg
  170. +87 −0 setup.py

Large diffs are not rendered by default.

Oops, something went wrong.
@@ -0,0 +1,18 @@
+COPYRIGHT NOTICE
+================
+Gate One and all bundled original code...
+
+ Copyright 2011 Liftoff Software Corporation
+
+Gate One is dual-licensed: AGPLv3 or Proprietary.
+
+Unless you have been granted a license from Liftoff Software, Gate One and all
+bundled software--except where noted--is licensed under the GNU Affero General
+Public License version 3. A copy of the AGPLv3 license should have been
+included with the Gate One software as AGPLv3.txt. If not, a copy may be
+obtained by visiting:
+
+ http://www.gnu.org/licenses/agpl.html
+
+If the terms of the AGPLv3 license do not suit your needs, a proprietary
+license may be purchased from Liftoff Software: http://liftoffsoftware.com/
40 README
@@ -0,0 +1,40 @@
+Gate One is an HTML5 web-based terminal emulator and SSH client. Top features:
+
+ * No browser plugins required!
+ * Supports multiple simultaneous terminal sessions. As many as your
+ hardware can handle.
+ * Users can re-connect to their running terminals whenever they like from
+ anywhere.
+ * Can be embedded into other applications. Add a terminal--running whatever
+ application(s) you want--to your web app! Would be vastly superior to
+ say, a Java-based serial console applet (hint hint).
+ * Includes powerful plugin system that supports plugins written in Python,
+ JavaScript, and even CSS (yes, you can write a CSS-only plugin).
+ * The Gate One server can be stopped & started without users losing their
+ running terminal applications (even SSH sessions stay connected!). In
+ essence, worry-free upgrades!
+ * The SSH plugin allows users to duplicate sessions without having to
+ re-enter their username and password (it re-uses the existing SSH tunnel).
+ * Provides users with the ability to play back and save/share their terminal
+ sessions via a self-contained HTML playback file.
+ * Similarly, supports server-side logging, recording, and video-like
+ playback of user sessions. It can even log to syslog to support
+ whatever centralized logging system you want.
+ * Keberos-based Single Sign-on support is included. It even works with
+ Active Directory. Other authentication options are available as well.
+
+All documentation is in the "gateone/docs" directory. The HTML documentation is
+pre-built and ready-to-read.
+
+IMPORTANT: Gate One is currently IN BETA. Some things may be incomplete or
+buggy. Feel free to open new tickets in the issue tracker!
+
+FYI: Gate One was developed entirely by one guy in his spare time over the
+course of ~9 months. It turned out pretty good so he's looking to start a
+business out of it. What better way to create jobs than to start by creating
+one for yourself? All feedback, tips, and advice is appreciated:
+
+ daniel.mcdougall@liftoffsoftware.com
+
+NOTE: http://liftoffsoftware.com/ hasn't been built yet so links pointing there
+will be dead for a while.
@@ -0,0 +1,216 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright 2011 Liftoff Software Corporation
+#
+
+# Meta
+__version__ = '0.9'
+__license__ = "AGPLv3 or Proprietary (see LICENSE.txt)"
+__version_info__ = (0, 9)
+__author__ = 'Dan McDougall <daniel.mcdougall@liftoffsoftware.com>'
+
+__doc__ = """\
+Authentication
+==============
+This module contains Gate One's authentication classes. They map to Gate One's
+--auth configuration option like so:
+
+=============== ===================
+--auth=none NullAuthHandler
+--auth=kerberos KerberosAuthHandler
+--auth=google GoogleAuthHandler
+=============== ===================
+
+None or Anonymous
+-----------------
+By default Gate One will not authenticate users. This means that user sessions
+will be tied to their browser cookie and users will not be able to resume their
+sessions from another computer/browser. Most useful for situations where
+session persistence and logging aren't important.
+
+*All* users will show up as %anonymous using this authentication type.
+
+.. note:: The % is there to avoid name conflicts.
+
+Kerberos
+--------
+Kerberos authentication utilizes GSSAPI for Single Sign-on (SSO) but will fall
+back to HTTP Basic authentication if GSSAPI auth fails. This authentication
+type can be integrated into any Kerberos infrastructure including Windows
+Active Directory.
+
+It is great for both transparent authentication and being able to tie sessions
+and logs to specific users within your organization (compliance).
+
+.. note:: The sso.py module itself has extensive documentation on this authentication type.
+
+Google Authentication
+---------------------
+If you want persistent user sessions but don't care to run your own
+authentication infrastructure this authentication type is for you. Assuming,
+of course, that your Gate One server and clients will have access to the
+Internet.
+
+.. note:: This authentication type is perfect if you're using Chromebooks (Chrome OS devices).
+
+Docstrings
+==========
+"""
+
+# Import stdlib stuff
+import os
+import logging
+
+# Import our own stuff
+from utils import mkdir_p, generate_session_id
+
+# 3rd party imports
+import tornado.web
+import tornado.auth
+import tornado.escape
+
+class BaseAuthHandler(tornado.web.RequestHandler):
+ """The base class for all Gate One authentication handlers."""
+ def get_current_user(self):
+ """Tornado standard method--implemented our way."""
+ user_json = self.get_secure_cookie("user")
+ if not user_json: return None
+ return tornado.escape.json_decode(user_json)
+
+ def user_login(self, user):
+ """
+ Called immediately after a user authenticates successfully. Saves
+ session information in the user's directory. Expects *user* to be a
+ string containing the username or userPrincipalName. e.g. 'user@REALM'
+ or just 'someuser'.
+ """
+ # Make a directory to store this user's settings/files/logs/etc
+ user_dir = self.settings['user_dir'] + "/" + user
+ logging.info("Creating user directory: %s" % user_dir)
+ mkdir_p(user_dir)
+ os.chmod(user_dir, 0700)
+ session_file = user_dir + '/session'
+ if os.path.exists(session_file):
+ session_data = open(session_file).read()
+ session_info = tornado.escape.json_decode(session_data)
+ else:
+ with open(session_file, 'w') as f:
+ # Save it so we can keep track across multiple clients
+ session_info = {
+ 'go_upn': user, # FYI: UPN == userPrincipalName
+ 'go_session': generate_session_id()
+ }
+ session_info_json = tornado.escape.json_encode(session_info)
+ f.write(session_info_json)
+ self.set_secure_cookie("user", tornado.escape.json_encode(session_info))
+
+ def user_logout(self, user):
+ """
+ Called immediately after a user logs out. Doesn't actually do
+ anything. Just potential future use at this point.
+ """
+ pass # Nothing here yet but someone might want to override it
+
+class NullAuthHandler(BaseAuthHandler):
+ """
+ A handler for when no authentication method is chosen (i.e. --auth=none).
+ """
+ def get(self):
+ """
+ Sets the 'user' cookie with a new random session ID (*go_session*) and
+ sets *go_upn* to '%anonymous'.
+ """
+ # % is valid on the filesystem but invalid for an actual username.
+ # This ensures we won't have a conflict at some point with an actual
+ # user.
+ user = r'%anonymous'
+ self.user_login(user) # Takes care of the user's settings dir
+ user_cookie = {
+ 'go_upn': user,
+ 'go_session': generate_session_id()
+ }
+ self.set_secure_cookie("user", tornado.escape.json_encode(user_cookie))
+ next_url = self.get_argument("next", None)
+ if next_url:
+ self.redirect(next_url)
+ else:
+ self.redirect("/")
+
+class GoogleAuthHandler(BaseAuthHandler, tornado.auth.GoogleMixin):
+ """
+ Google authentication handler.
+ """
+ @tornado.web.asynchronous
+ def get(self):
+ """
+ Sets the 'user' cookie with an appropriate *go_upn* and *go_session*.
+ """
+ if self.get_argument("openid.mode", None):
+ self.get_authenticated_user(self._on_auth)
+ return
+ self.authenticate_redirect(
+ ax_attrs=["name","email","language","username"])
+
+ def _on_auth(self, user):
+ """
+ Just a continuation of the get() method (the final step where it
+ actually sets the cookie).
+ """
+ if not user:
+ raise tornado.web.HTTPError(500, "Google auth failed")
+ print("GoogleAuthLoginHandler user: %s" % user)
+ # NOTE: Google auth 'user' will be a dict like so:
+ # user: {
+ # 'locale': u'en-us',
+ # 'first_name': u'Dan',
+ # 'last_name': u'McDougall',
+ # 'name': u'Dan McDougall',
+ # 'email': u'riskable@gmail.com'}
+ # Named these 'go_<whatever>' since that is less likely to conflict with
+ # anything in the future (should some auth mechanism start returning
+ # session IDs of some sort).
+ self.user_login(user) # This takes care of the user's settings dir
+ user_cookie = { # Don't need all that other stuff
+ 'go_session': generate_session_id(),
+ 'go_upn': user['email'] # Just an equivalent for standardization
+ }
+ self.set_secure_cookie("user", tornado.escape.json_encode(user_cookie))
+ next_url = self.get_argument("next", None)
+ if next_url:
+ self.redirect(next_url)
+ else:
+ self.redirect("/")
+
+# Add our KerberosAuthHandler if sso is available
+KerberosAuthHandler = None
+try:
+ from sso import KerberosAuthMixin
+ class KerberosAuthHandler(BaseAuthHandler, KerberosAuthMixin):
+ """
+ Handles authenticating users via Kerberos/GSSAPI/SSO.
+ """
+ def get(self):
+ """
+ Checks the user's request header for the proper Authorization data. If
+ it checks out the user will be logged in via _on_auth(). If not, the
+ browser will be redirected to login.
+ """
+ auth_header = self.request.headers.get('Authorization')
+ if auth_header:
+ self.get_authenticated_user(self._on_auth)
+ return
+ self.authenticate_redirect()
+
+ def _on_auth(self, user):
+ if not user:
+ raise tornado.web.HTTPError(500, "Kerberos auth failed")
+ self.user_login(user) # This takes care of the user's settings dir
+ # TODO: Add some LDAP or local DB lookups here to add more detail to user objects
+ logging.debug("KerberosAuthHandler user: %s" % user)
+ next_url = self.get_argument("next", None)
+ if next_url:
+ self.redirect(next_url)
+ else:
+ self.redirect("/")
+except ImportError:
+ pass # No SSO available.
Oops, something went wrong.

0 comments on commit 04f2eab

Please sign in to comment.