GUAC-971: Allow existing sessions/tokens to be updated through the login process.

guacamole/src/main/java/org/glyptodon/guacamole/net/basic/GuacamoleSession.java

@@ -53,12 +53,12 @@ public class GuacamoleSession {
     /**
      * The credentials provided when the user logged in.
      */
-    private final Credentials credentials;
+    private Credentials credentials;
     
     /**
      * The user context associated with this session.
      */
-    private final UserContext userContext;
+    private UserContext userContext;
 
     /**
      * Collection of all event listeners configured in guacamole.properties.
@@ -148,6 +148,17 @@ public class GuacamoleSession {
         return credentials;
     }
 
+    /**
+     * Replaces the credentials associated with this session with the given
+     * credentials.
+     *
+     * @param credentials
+     *     The credentials to associate with this session.
+     */
+    public void setCredentials(Credentials credentials) {
+        this.credentials = credentials;
+    }
+    
     /**
      * Returns the UserContext associated with this session.
      *
@@ -157,6 +168,17 @@ public class GuacamoleSession {
         return userContext;
     }
 
+    /**
+     * Replaces the user context associated with this session with the given
+     * user context.
+     *
+     * @param userContext
+     *     The user context to associate with this session.
+     */
+    public void setUserContext(UserContext userContext) {
+        this.userContext = userContext;
+    }
+    
     /**
      * Returns the ClipboardState associated with this session.
      *

guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java

@@ -77,11 +77,23 @@ public class TokenRESTService {
     
     /**
      * Authenticates a user, generates an auth token, associates that auth token
-     * with the user's UserContext for use by further requests.
+     * with the user's UserContext for use by further requests. If an existing
+     * token is provided, the authentication procedure will attempt to update
+     * or reuse the provided token.
+     * 
+     * @param username
+     *     The username of the user who is to be authenticated.
+     *
+     * @param password
+     *     The password of the user who is to be authenticated.
+     *
+     * @param token
+     *     An optional existing auth token for the user who is to be
+     *     authenticated.
+     *
+     * @param request
+     *     The HttpServletRequest associated with the login attempt.
      *
-     * @param username The username of the user who is to be authenticated.
-     * @param password The password of the user who is to be authenticated.
-     * @param request The HttpServletRequest associated with the login attempt.
      * @return The auth token for the newly logged-in user.
      * @throws GuacamoleException If an error prevents successful login.
      */
@@ -89,8 +101,17 @@ public class TokenRESTService {
     @AuthProviderRESTExposure
     public APIAuthToken createToken(@FormParam("username") String username,
             @FormParam("password") String password,
+            @FormParam("token") String token,
             @Context HttpServletRequest request) throws GuacamoleException {
 
+        // Pull existing session if token provided
+        GuacamoleSession existingSession;
+        if (token != null)
+            existingSession = tokenSessionMap.get(token);
+        else
+            existingSession = null;
+
+        // Build credentials
         Credentials credentials = new Credentials();
         credentials.setUsername(username);
         credentials.setPassword(password);
@@ -99,7 +120,15 @@ public class TokenRESTService {
         
         UserContext userContext;
         try {
-            userContext = authProvider.getUserContext(credentials);
+
+            // Update existing user context if session already exists
+            if (existingSession != null)
+                userContext = authProvider.updateUserContext(existingSession.getUserContext(), credentials);
+
+            /// Otherwise, generate a new user context
+            else
+                userContext = authProvider.getUserContext(credentials);
+
         }
         catch(GuacamoleException e) {
             logger.error("Exception caught while authenticating user.", e);
@@ -111,9 +140,19 @@ public class TokenRESTService {
         if (userContext == null)
             throw new HTTPException(Status.UNAUTHORIZED, "Permission Denied.");
 
-        String authToken = authTokenGenerator.getToken();
+        // Update existing session, if it exists
+        String authToken;
+        if (existingSession != null) {
+            authToken = token;
+            existingSession.setCredentials(credentials);
+            existingSession.setUserContext(userContext);
+        }
 
-        tokenSessionMap.put(authToken, new GuacamoleSession(credentials, userContext));
+        // If no existing session, generate a new token/session pair
+        else {
+            authToken = authTokenGenerator.getToken();
+            tokenSessionMap.put(authToken, new GuacamoleSession(credentials, userContext));
+        }
         
         logger.debug("Login was successful for user \"{}\".", userContext.self().getUsername());
         return new APIAuthToken(authToken, username);