Add user mapping data model objects.

2025-09-08 06:01:22 +00:00 · 2012-12-24 18:13:27 -08:00
parent baa982daf1
commit 22386faa62
2 changed files with 306 additions and 0 deletions
--- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/auth/Authorization.java
+++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/auth/Authorization.java
@@ -0,0 +1,247 @@
 package net.sourceforge.guacamole.net.basic.auth;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Map;
 import java.util.TreeMap;
 import net.sourceforge.guacamole.protocol.GuacamoleConfiguration;
 /*
 *  Guacamole - Clientless Remote Desktop
 *  Copyright (C) 2010  Michael Jumper
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as published by
 *  the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 /**
 * Mapping of username/password pair to configuration set. In addition to basic
 * storage of the username, password, and configurations, this class also
 * provides password validation functions.
 * 
 * @author Mike Jumper
 */
 public class Authorization {
    /**
     * All supported password encodings.
     */
    public static enum Encoding {
        /**
         * Plain-text password (not hashed at all).
         */
        PLAIN_TEXT,
        /**
         * Password hashed with MD5.
         */
        MD5
    }
    /**
     * The username being authorized.
     */
    private String username;
    /**
     * The password corresponding to the username being authorized, which may
     * be hashed.
     */
    private String password;
    /**
     * The encoding used when the password was hashed.
     */
    private Encoding encoding = Encoding.PLAIN_TEXT;
    /**
     * Map of all authorized configurations, indexed by configuration name.
     */
    private Map<String, GuacamoleConfiguration> configs = new
            TreeMap<String, GuacamoleConfiguration>();
    /**
     * Lookup table of hex bytes characters by value.
     */
    private static final char HEX_CHARS[] = {
        '0', '1', '2', '3', '4', '5', '6', '7',
        '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
    };
    /**
     * Produces a String containing the bytes provided in hexadecimal notation.
     * 
     * @param bytes The bytes to convert into hex.
     * @return A String containing the hex representation of the given bytes.
     */
    private static String getHexString(byte[] bytes) {
        // If null byte array given, return null
        if (bytes == null)
            return null;
        // Create string builder for holding the hex representation,
        // pre-calculating the exact length
        StringBuilder hex = new StringBuilder(2 * bytes.length);
        // Convert each byte into a pair of hex digits
        for (byte b : bytes) {
            hex.append(HEX_CHARS[(b & 0xF0) >> 4])
               .append(HEX_CHARS[(b & 0x0F)     ]);
        }
        // Return the string produced
        return hex.toString();
    }
    /**
     * Returns the username associated with this authorization.
     * 
     * @return The username associated with this authorization.
     */
    public String getUsername() {
        return username;
    }
    /**
     * Sets the username associated with this authorization.
     * 
     * @param username The username to associate with this authorization.
     */
    public void setUsername(String username) {
        this.username = username;
    }
    /**
     * Returns the password associated with this authorization, which may be
     * encoded or hashed.
     * 
     * @return The password associated with this authorization.
     */
    public String getPassword() {
        return password;
    }
    /**
     * Sets the password associated with this authorization, which must be
     * encoded using the encoding specified with setEncoding(). By default,
     * passwords are plain text.
     * 
     * @param password Sets the password associated with this authorization.
     */
    public void setPassword(String password) {
        this.password = password;
    }
    /**
     * Returns the encoding used to hash the password, if any.
     * 
     * @return The encoding used to hash the password.
     */
    public Encoding getEncoding() {
        return encoding;
    }
    /**
     * Sets the encoding which will be used to hash the password or when
     * comparing a given password for validation.
     * 
     * @param encoding The encoding to use for password hashing.
     */
    public void setEncoding(Encoding encoding) {
        this.encoding = encoding;
    }
    /**
     * Returns whether a given username/password pair is authorized based on
     * the stored username and password. The password given must be plain text.
     * It will be hashed as necessary to perform the validation.
     * 
     * @param username The username to validate.
     * @param password The password to validate.
     * @return true if the username/password pair given is authorized, false
     *         otherwise.
     */
    public boolean validate(String username, String password) {
        // If username matches
        if (username != null && password != null
                && username.equals(this.username)) {
            switch (encoding) {
                // If plain text, just compare
                case PLAIN_TEXT:
                    // Compare plaintext
                    return password.equals(this.password);
                // If hased with MD5, hash password and compare
                case MD5:
                    // Compare hashed password
                    try {
                        MessageDigest digest = MessageDigest.getInstance("MD5");
                        String hashedPassword = getHexString(digest.digest(password.getBytes()));
                        return hashedPassword.equals(this.password.toUpperCase());
                    }
                    catch (NoSuchAlgorithmException e) {
                        throw new UnsupportedOperationException("Unexpected lack of MD5 support.", e);
                    }
            }
        } // end validation check
        return false;
    }
    /**
     * Returns the GuacamoleConfiguration having the given name and associated
     * with the username/password pair stored within this authorization.
     * 
     * @param name The name of the GuacamoleConfiguration to return.
     * @return The GuacamoleConfiguration having the given name, or null if no
     *         such GuacamoleConfiguration exists.
     */
    public GuacamoleConfiguration getConfiguration(String name) {
        return configs.get(name);
    }
    /**
     * Adds the given GuacamoleConfiguration to the set of stored configurations
     * under the given name.
     * 
     * @param name The name to associate this GuacamoleConfiguration with.
     * @param config The GuacamoleConfiguration to store.
     */
    public void addConfiguration(String name, GuacamoleConfiguration config) {
        configs.put(name, config);
    }
    /**
     * Returns a Map of all stored GuacamoleConfigurations associated with the
     * username/password pair stored within this authorization, indexed by
     * configuration name.
     * 
     * @return A Map of all stored GuacamoleConfigurations.
     */
    public Map<String, GuacamoleConfiguration> getConfigurations() {
        return configs;
    }
 }
--- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/auth/UserMapping.java
+++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/auth/UserMapping.java
@@ -0,0 +1,59 @@
 package net.sourceforge.guacamole.net.basic.auth;
 import java.util.HashMap;
 import java.util.Map;
 /*
 *  Guacamole - Clientless Remote Desktop
 *  Copyright (C) 2010  Michael Jumper
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as published by
 *  the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 /**
 * Mapping of all usernames to corresponding authorizations.
 * 
 * @author Mike Jumper
 */
 public class UserMapping {
    /**
     * All authorizations, indexed by username.
     */
    private Map<String, Authorization> authorizations =
            new HashMap<String, Authorization>();
    /**
     * Adds the given authorization to the user mapping.
     * 
     * @param authorization The authorization to add to the user mapping.
     */
    public void addAuthorization(Authorization authorization) {
        authorizations.put(authorization.getUsername(), authorization);
    }
    /**
     * Returns the authorization corresponding to the user having the given
     * username, if any.
     * 
     * @param username The username to find the authorization for.
     * @return The authorization corresponding to the user having the given
     *         username, or null if no such authorization exists.
     */
    public Authorization getAuthorization(String username) {
        return authorizations.get(username);
    }
 }