From 37f1da9f1f9e58f2a9abaf18f7b65bfb2d37aaf7 Mon Sep 17 00:00:00 2001 From: Virtually Nick Date: Thu, 21 Feb 2019 17:09:44 -0500 Subject: [PATCH] GUACAMOLE-736: Replace JAXB DatatypeConverter with Guava BaseEncoding. --- extensions/guacamole-auth-cas/pom.xml | 14 ++++++------- .../cas/ticket/TicketValidationService.java | 4 ++-- extensions/guacamole-auth-duo/pom.xml | 14 ++++++------- .../guacamole/auth/duo/api/DuoCookie.java | 6 +++--- .../auth/duo/api/SignedDuoCookie.java | 4 ++-- .../modules/guacamole-auth-jdbc-base/pom.xml | 9 +------- .../SHA256PasswordEncryptionService.java | 4 ++-- extensions/guacamole-auth-radius/pom.xml | 14 ++++++------- .../radius/AuthenticationProviderService.java | 8 +++---- extensions/guacamole-auth-totp/pom.xml | 21 +++++++------------ .../totp/form/AuthenticationCodeField.java | 3 +-- guacamole/pom.xml | 7 +++++++ .../auth/SecureRandomAuthTokenGenerator.java | 4 ++-- .../guacamole/rest/auth/TokenRESTService.java | 5 +++-- .../tunnel/InputStreamInterceptingFilter.java | 4 ++-- .../OutputStreamInterceptingFilter.java | 4 ++-- 16 files changed, 58 insertions(+), 67 deletions(-) diff --git a/extensions/guacamole-auth-cas/pom.xml b/extensions/guacamole-auth-cas/pom.xml index 908e461ed..60d1df300 100644 --- a/extensions/guacamole-auth-cas/pom.xml +++ b/extensions/guacamole-auth-cas/pom.xml @@ -234,6 +234,13 @@ + + + + com.google.guava + guava + 27.0.1-jre + @@ -255,13 +262,6 @@ provided - - - javax.xml.bind - jaxb-api - 2.3.1 - - diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java index bfc3b69fc..b7cf33f0b 100644 --- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java +++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java @@ -19,6 +19,7 @@ package org.apache.guacamole.auth.cas.ticket; +import com.google.common.io.BaseEncoding; import com.google.inject.Inject; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; @@ -28,7 +29,6 @@ import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import java.nio.charset.Charset; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.GuacamoleServerException; import org.apache.guacamole.auth.cas.conf.ConfigurationService; @@ -161,7 +161,7 @@ public class TicketValidationService { cipher.init(Cipher.DECRYPT_MODE, clearpassKey); // Decode and decrypt, and return a new string. - final byte[] pass64 = DatatypeConverter.parseBase64Binary(encryptedPassword); + final byte[] pass64 = BaseEncoding.base64().decode(encryptedPassword); final byte[] cipherData = cipher.doFinal(pass64); return new String(cipherData, Charset.forName("UTF-8")); diff --git a/extensions/guacamole-auth-duo/pom.xml b/extensions/guacamole-auth-duo/pom.xml index 2c70895af..8de36e06b 100644 --- a/extensions/guacamole-auth-duo/pom.xml +++ b/extensions/guacamole-auth-duo/pom.xml @@ -216,6 +216,13 @@ 1.1.0 provided + + + + com.google.guava + guava + 27.0.1-jre + @@ -237,13 +244,6 @@ provided - - - javax.xml.bind - jaxb-api - 2.3.1 - - diff --git a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/DuoCookie.java b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/DuoCookie.java index 1de9a672b..6fa2a88c4 100644 --- a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/DuoCookie.java +++ b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/DuoCookie.java @@ -19,10 +19,10 @@ package org.apache.guacamole.auth.duo.api; +import com.google.common.io.BaseEncoding; import java.io.UnsupportedEncodingException; import java.util.regex.Matcher; import java.util.regex.Pattern; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleClientException; import org.apache.guacamole.GuacamoleException; @@ -171,7 +171,7 @@ public class DuoCookie { // Attempt to decode data as base64 String data; try { - data = new String(DatatypeConverter.parseBase64Binary(str), "UTF-8"); + data = new String(BaseEncoding.base64().decode(str), "UTF-8"); } // Bail if invalid base64 is provided @@ -231,7 +231,7 @@ public class DuoCookie { String data = username + "|" + integrationKey + "|" + expires; // Encode resulting cookie string with base64 - return DatatypeConverter.printBase64Binary(data.getBytes("UTF-8")); + return BaseEncoding.base64().encode(data.getBytes("UTF-8")); } diff --git a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/SignedDuoCookie.java b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/SignedDuoCookie.java index 49fb34b01..f46f416c6 100644 --- a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/SignedDuoCookie.java +++ b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/api/SignedDuoCookie.java @@ -19,6 +19,7 @@ package org.apache.guacamole.auth.duo.api; +import com.google.common.io.BaseEncoding; import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; @@ -26,7 +27,6 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleClientException; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.GuacamoleServerException; @@ -221,7 +221,7 @@ public class SignedDuoCookie extends DuoCookie { mac.init(new SecretKeySpec(key.getBytes("UTF-8"), SIGNATURE_ALGORITHM)); // Return signature as hex - return DatatypeConverter.printHexBinary(mac.doFinal(data.getBytes("UTF-8"))).toLowerCase(); + return BaseEncoding.base16().encode(mac.doFinal(data.getBytes("UTF-8"))).toLowerCase(); } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/pom.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/pom.xml index 8d83e4ea7..23c374bdf 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/pom.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/pom.xml @@ -98,13 +98,6 @@ provided - - - javax.xml.bind - jaxb-api - 2.3.1 - - org.apache.guacamole @@ -142,7 +135,7 @@ com.google.guava guava - 19.0 + 27.0.1-jre diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/SHA256PasswordEncryptionService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/SHA256PasswordEncryptionService.java index ebcd1cd0e..83055d9a9 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/SHA256PasswordEncryptionService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/SHA256PasswordEncryptionService.java @@ -19,10 +19,10 @@ package org.apache.guacamole.auth.jdbc.security; +import com.google.common.io.BaseEncoding; import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; -import javax.xml.bind.DatatypeConverter; /** * Provides a SHA-256 based implementation of the password encryption @@ -40,7 +40,7 @@ public class SHA256PasswordEncryptionService implements PasswordEncryptionServic builder.append(password); if (salt != null) - builder.append(DatatypeConverter.printHexBinary(salt)); + builder.append(BaseEncoding.base16().encode(salt)); // Hash UTF-8 bytes of possibly-salted password MessageDigest md = MessageDigest.getInstance("SHA-256"); diff --git a/extensions/guacamole-auth-radius/pom.xml b/extensions/guacamole-auth-radius/pom.xml index eaaedd6d1..abdb2d350 100644 --- a/extensions/guacamole-auth-radius/pom.xml +++ b/extensions/guacamole-auth-radius/pom.xml @@ -189,6 +189,13 @@ 1.1.0 provided + + + + com.google.guava + guava + 27.0.1-jre + @@ -210,13 +217,6 @@ provided - - - javax.xml.bind - jaxb-api - 2.3.1 - - net.jradius diff --git a/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java b/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java index 852eb7206..4fd37f18a 100644 --- a/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java +++ b/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java @@ -19,13 +19,11 @@ package org.apache.guacamole.auth.radius; +import com.google.common.io.BaseEncoding; import com.google.inject.Inject; import com.google.inject.Provider; -import java.lang.IllegalArgumentException; -import java.nio.charset.Charset; import java.util.Arrays; import javax.servlet.http.HttpServletRequest; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.auth.radius.user.AuthenticatedUser; import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField; import org.apache.guacamole.auth.radius.form.RadiusStateField; @@ -100,7 +98,7 @@ public class AuthenticationProviderService { // We have the required attributes - convert to strings and then generate the additional login box/field String replyMsg = replyAttr.toString(); - String radiusState = DatatypeConverter.printHexBinary(stateAttr.getValue().getBytes()); + String radiusState = BaseEncoding.base16().encode(stateAttr.getValue().getBytes()); Field radiusResponseField = new RadiusChallengeResponseField(replyMsg); Field radiusStateField = new RadiusStateField(radiusState); @@ -164,7 +162,7 @@ public class AuthenticationProviderService { throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD); } - byte[] stateBytes = DatatypeConverter.parseHexBinary(stateString); + byte[] stateBytes = BaseEncoding.base16().decode(stateString); radPack = radiusService.sendChallengeResponse(credentials.getUsername(), challengeResponse, stateBytes); diff --git a/extensions/guacamole-auth-totp/pom.xml b/extensions/guacamole-auth-totp/pom.xml index 615f204b9..180cbde8e 100644 --- a/extensions/guacamole-auth-totp/pom.xml +++ b/extensions/guacamole-auth-totp/pom.xml @@ -220,6 +220,13 @@ 1.1.0 provided + + + + com.google.guava + guava + 27.0.1-jre + @@ -241,20 +248,6 @@ provided - - - javax.xml.bind - jaxb-api - 2.3.1 - - - - - com.google.guava - guava - 18.0 - - junit diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java index 1a61e8982..58b6527e4 100644 --- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java +++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java @@ -30,7 +30,6 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.net.URI; import javax.ws.rs.core.UriBuilder; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.auth.totp.user.UserTOTPKey; import org.apache.guacamole.auth.totp.conf.ConfigurationService; @@ -309,7 +308,7 @@ public class AuthenticationCodeField extends Field { // Return data URI for generated image return "data:image/png;base64," - + DatatypeConverter.printBase64Binary(stream.toByteArray()); + + BaseEncoding.base64().encode(stream.toByteArray()); } diff --git a/guacamole/pom.xml b/guacamole/pom.xml index 41114bf72..3834b63ba 100644 --- a/guacamole/pom.xml +++ b/guacamole/pom.xml @@ -493,6 +493,13 @@ + + + + com.google.guava + guava + 27.0.1-jre + diff --git a/guacamole/src/main/java/org/apache/guacamole/rest/auth/SecureRandomAuthTokenGenerator.java b/guacamole/src/main/java/org/apache/guacamole/rest/auth/SecureRandomAuthTokenGenerator.java index ac09ff0c1..09a6340e3 100644 --- a/guacamole/src/main/java/org/apache/guacamole/rest/auth/SecureRandomAuthTokenGenerator.java +++ b/guacamole/src/main/java/org/apache/guacamole/rest/auth/SecureRandomAuthTokenGenerator.java @@ -19,8 +19,8 @@ package org.apache.guacamole.rest.auth; +import com.google.common.io.BaseEncoding; import java.security.SecureRandom; -import javax.xml.bind.DatatypeConverter; /** * An implementation of the AuthTokenGenerator based around SecureRandom. @@ -37,7 +37,7 @@ public class SecureRandomAuthTokenGenerator implements AuthTokenGenerator { byte[] bytes = new byte[32]; secureRandom.nextBytes(bytes); - return DatatypeConverter.printHexBinary(bytes); + return BaseEncoding.base16().encode(bytes); } } diff --git a/guacamole/src/main/java/org/apache/guacamole/rest/auth/TokenRESTService.java b/guacamole/src/main/java/org/apache/guacamole/rest/auth/TokenRESTService.java index e1ff66fd7..887b4f029 100644 --- a/guacamole/src/main/java/org/apache/guacamole/rest/auth/TokenRESTService.java +++ b/guacamole/src/main/java/org/apache/guacamole/rest/auth/TokenRESTService.java @@ -19,6 +19,7 @@ package org.apache.guacamole.rest.auth; +import com.google.common.io.BaseEncoding; import com.google.inject.Inject; import java.io.UnsupportedEncodingException; import java.util.ArrayList; @@ -33,7 +34,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.GuacamoleResourceNotFoundException; import org.apache.guacamole.net.auth.AuthenticatedUser; @@ -94,7 +94,8 @@ public class TokenRESTService { // Decode base64 authorization String basicBase64 = authorization.substring(6); - String basicCredentials = new String(DatatypeConverter.parseBase64Binary(basicBase64), "UTF-8"); + String basicCredentials = new String( + BaseEncoding.base64().decode(basicBase64), "UTF-8"); // Pull username/password from auth data int colon = basicCredentials.indexOf(':'); diff --git a/guacamole/src/main/java/org/apache/guacamole/tunnel/InputStreamInterceptingFilter.java b/guacamole/src/main/java/org/apache/guacamole/tunnel/InputStreamInterceptingFilter.java index 98c15c98a..f8e033416 100644 --- a/guacamole/src/main/java/org/apache/guacamole/tunnel/InputStreamInterceptingFilter.java +++ b/guacamole/src/main/java/org/apache/guacamole/tunnel/InputStreamInterceptingFilter.java @@ -19,11 +19,11 @@ package org.apache.guacamole.tunnel; +import com.google.common.io.BaseEncoding; import java.io.IOException; import java.io.InputStream; import java.util.Arrays; import java.util.List; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.net.GuacamoleTunnel; import org.apache.guacamole.protocol.GuacamoleInstruction; @@ -75,7 +75,7 @@ public class InputStreamInterceptingFilter // Send "blob" containing provided data sendInstruction(new GuacamoleInstruction("blob", index, - DatatypeConverter.printBase64Binary(blob))); + BaseEncoding.base64().encode(blob))); } diff --git a/guacamole/src/main/java/org/apache/guacamole/tunnel/OutputStreamInterceptingFilter.java b/guacamole/src/main/java/org/apache/guacamole/tunnel/OutputStreamInterceptingFilter.java index 85ae02c4a..99cf1538f 100644 --- a/guacamole/src/main/java/org/apache/guacamole/tunnel/OutputStreamInterceptingFilter.java +++ b/guacamole/src/main/java/org/apache/guacamole/tunnel/OutputStreamInterceptingFilter.java @@ -19,10 +19,10 @@ package org.apache.guacamole.tunnel; +import com.google.common.io.BaseEncoding; import java.io.IOException; import java.io.OutputStream; import java.util.List; -import javax.xml.bind.DatatypeConverter; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.net.GuacamoleTunnel; import org.apache.guacamole.protocol.GuacamoleInstruction; @@ -127,7 +127,7 @@ public class OutputStreamInterceptingFilter byte[] blob; try { String data = args.get(1); - blob = DatatypeConverter.parseBase64Binary(data); + blob = BaseEncoding.base64().decode(data); } catch (IllegalArgumentException e) { logger.warn("Received base64 data for intercepted stream was invalid.");