GUACAMOLE-579: Parse tokens from attributes provided by the CAS server.

extensions/guacamole-auth-cas/pom.xml

@@ -255,6 +255,14 @@
             <scope>provided</scope>
         </dependency>
         
+        <!-- JUnit -->
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.12</version>
+            <scope>test</scope>
+        </dependency>
+
     </dependencies>
 
 </project>

extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java

@@ -22,6 +22,9 @@ package org.apache.guacamole.auth.cas;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Map.Entry;
 import javax.servlet.http.HttpServletRequest;
 import org.apache.guacamole.form.Field;
 import org.apache.guacamole.GuacamoleException;
@@ -31,7 +34,7 @@ import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsExce
 import org.apache.guacamole.auth.cas.conf.ConfigurationService;
 import org.apache.guacamole.auth.cas.form.CASTicketField;
 import org.apache.guacamole.auth.cas.ticket.TicketValidationService;
-import org.apache.guacamole.auth.cas.user.AuthenticatedUser;
+import org.apache.guacamole.auth.cas.user.CASAuthenticatedUser;
 
 /**
  * Service providing convenience functions for the CAS AuthenticationProvider
@@ -55,7 +58,7 @@ public class AuthenticationProviderService {
      * Provider for AuthenticatedUser objects.
      */
     @Inject
-    private Provider<AuthenticatedUser> authenticatedUserProvider;
+    private Provider<CASAuthenticatedUser> authenticatedUserProvider;
 
     /**
      * Returns an AuthenticatedUser representing the user authenticated by the
@@ -65,14 +68,14 @@ public class AuthenticationProviderService {
      *     The credentials to use for authentication.
      *
      * @return
-     *     An AuthenticatedUser representing the user authenticated by the
+     *     A CASAuthenticatedUser representing the user authenticated by the
      *     given credentials.
      *
      * @throws GuacamoleException
      *     If an error occurs while authenticating the user, or if access is
      *     denied.
      */
-    public AuthenticatedUser authenticateUser(Credentials credentials)
+    public CASAuthenticatedUser authenticateUser(Credentials credentials)
             throws GuacamoleException {
 
         // Pull CAS ticket from request if present
@@ -80,10 +83,11 @@ public class AuthenticationProviderService {
         if (request != null) {
             String ticket = request.getParameter(CASTicketField.PARAMETER_NAME);
             if (ticket != null) {
-                String username = ticketService.validateTicket(ticket, credentials);
+                Map<String, String> tokens = ticketService.validateTicket(ticket, credentials);
+                String username = credentials.getUsername();
                 if (username != null) {
-                    AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
+                    CASAuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
-                    authenticatedUser.init(username, credentials);
+                    authenticatedUser.init(username, credentials, tokens);
                     return authenticatedUser;
                 }
             }

extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java

@@ -22,9 +22,12 @@ package org.apache.guacamole.auth.cas;
 import com.google.inject.Guice;
 import com.google.inject.Injector;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.cas.user.CASAuthenticatedUser;
 import org.apache.guacamole.net.auth.AbstractAuthenticationProvider;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.TokenInjectingUserContext;
+import org.apache.guacamole.net.auth.UserContext;
 
 /**
  * Guacamole authentication backend which authenticates users using an
@@ -72,4 +75,16 @@ public class CASAuthenticationProvider extends AbstractAuthenticationProvider {
 
     }
     
+    @Override
+    public UserContext decorate(UserContext context,
+            AuthenticatedUser authenticatedUser, Credentials credentials)
+            throws GuacamoleException {
+        
+        if (!(authenticatedUser instanceof CASAuthenticatedUser))
+            return context;
+        
+        return new TokenInjectingUserContext(context,
+                ((CASAuthenticatedUser) authenticatedUser).getTokens());
+    }
+
 }

extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/CASTokenName.java

@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.cas;
+
+import org.apache.guacamole.token.TokenName;
+
+/**
+ * Utility class for generating parameter token names.
+ */
+public class CASTokenName extends TokenName {
+    
+    public static String fromAttribute(String name) {
+        return fromAttribute(name, "CAS_");
+    }
+
+}

extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java

@@ -28,13 +28,15 @@ import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
 import java.nio.charset.Charset;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Map.Entry;
 import javax.xml.bind.DatatypeConverter;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleServerException;
+import org.apache.guacamole.auth.cas.CASTokenName;
 import org.apache.guacamole.auth.cas.conf.ConfigurationService;
 import org.apache.guacamole.net.auth.Credentials;
-import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
-import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
 import org.jasig.cas.client.authentication.AttributePrincipal;
 import org.jasig.cas.client.validation.Assertion;
 import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
@@ -60,9 +62,9 @@ public class TicketValidationService {
     private ConfigurationService confService;
 
     /**
-     * Validates and parses the given ID ticket, returning the username
+     * Validates and parses the given ID ticket, returning a map of all
-     * provided by the CAS server in the ticket.  If the
+     * available tokens for the given user based on attributes provided by the
-     * ticket is invalid an exception is thrown.
+     * CAS server.  If the ticket is invalid an exception is thrown.
      *
      * @param ticket
      *     The ID ticket to validate and parse.
@@ -72,13 +74,15 @@ public class TicketValidationService {
      *     password values in.
      *
      * @return
-     *     The username derived from the ticket.
+     *     A Map all of tokens for the user parsed from attributes returned
+     *     by the CAS server.
      *
      * @throws GuacamoleException
      *     If the ID ticket is not valid or guacamole.properties could
      *     not be parsed.
      */
-    public String validateTicket(String ticket, Credentials credentials) throws GuacamoleException {
+    public Map<String, String> validateTicket(String ticket,
+            Credentials credentials) throws GuacamoleException {
 
         // Retrieve the configured CAS URL, establish a ticket validator,
         // and then attempt to validate the supplied ticket.  If that succeeds,
@@ -88,9 +92,11 @@ public class TicketValidationService {
         validator.setAcceptAnyProxy(true);
         validator.setEncoding("UTF-8");
         try {
+            Map<String, String> tokens = new HashMap<>();
             String confRedirectURI = confService.getRedirectURI();
             Assertion a = validator.validate(ticket, confRedirectURI);
             AttributePrincipal principal =  a.getPrincipal();
+            Map<String, Object> ticketAttrs = principal.getAttributes();
 
             // Retrieve username and set the credentials.
             String username = principal.getName();
@@ -98,23 +104,27 @@ public class TicketValidationService {
                 credentials.setUsername(username);
 
             // Retrieve password, attempt decryption, and set credentials.
-            Object credObj = principal.getAttributes().get("credential");
+            Object credObj = ticketAttrs.remove("credential");
             if (credObj != null) {
                 String clearPass = decryptPassword(credObj.toString());
                 if (clearPass != null && !clearPass.isEmpty())
                     credentials.setPassword(clearPass);
             }
             
-            return username;
+            // Convert remaining attributes that have values to Strings
+            for (Entry attr : ticketAttrs.entrySet()) {
+                String tokenName = CASTokenName.fromAttribute(attr.getKey().toString());
+                Object value = attr.getValue();
+                if (value != null)
+                    tokens.put(tokenName, value.toString());
+            }
+
+            return tokens;
 
         } 
         catch (TicketValidationException e) {
             throw new GuacamoleException("Ticket validation failed.", e);
         }
-        catch (Throwable t) {
-            logger.error("Error validating ticket with CAS server: {}", t.getMessage());
-            throw new GuacamoleInvalidCredentialsException("CAS login failed.", CredentialsInfo.USERNAME_PASSWORD);
-        }
 
     }
 

extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/user/CASAuthenticatedUser.java

@@ -20,6 +20,8 @@
 package org.apache.guacamole.auth.cas.user;
 
 import com.google.inject.Inject;
+import java.util.Collections;
+import java.util.Map;
 import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.Credentials;
@@ -29,7 +31,7 @@ import org.apache.guacamole.net.auth.Credentials;
  * username and particular set of credentials with the CAS authentication
  * provider.
  */
-public class AuthenticatedUser extends AbstractAuthenticatedUser {
+public class CASAuthenticatedUser extends AbstractAuthenticatedUser {
 
     /**
      * Reference to the authentication provider associated with this
@@ -43,6 +45,11 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
      */
     private Credentials credentials;
     
+    /**
+     * Tokens associated with this authenticated user.
+     */
+    private Map<String, String> tokens;
+
     /**
      * Initializes this AuthenticatedUser using the given username and
      * credentials.
@@ -52,12 +59,30 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
      *
      * @param credentials
      *     The credentials provided when this user was authenticated.
+     * 
+     * @param tokens
+     *     A map of all the name/value pairs that should be available
+     *     as tokens when connections are established with this user.
      */
-    public void init(String username, Credentials credentials) {
+    public void init(String username, Credentials credentials,
+            Map<String, String> tokens) {
         this.credentials = credentials;
+        this.tokens = Collections.unmodifiableMap(tokens);
         setIdentifier(username.toLowerCase());
     }
 
+    /**
+     * Returns a Map containing the name/value pairs that can be applied
+     * as parameter tokens when connections are established by the user.
+     * 
+     * @return
+     *     A Map containing all of the name/value pairs that can be
+     *     used as parameter tokens by this user.
+     */
+    public Map<String, String> getTokens() {
+        return tokens;
+    }
+
     @Override
     public AuthenticationProvider getAuthenticationProvider() {
         return authProvider;

extensions/guacamole-auth-cas/src/test/java/org/apache/guacamole/auth/cas/CASTokenNameTest.java

@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.cas;
+
+import static org.junit.Assert.assertEquals;
+import org.junit.Test;
+
+/**
+ * Test which verifies automatic generation of LDAP-specific connection
+ * parameter token names.
+ */
+public class CASTokenNameTest {
+
+    /**
+     * Verifies that TokenName.fromAttribute() generates token names as
+     * specified, regardless of the naming convention of the attribute.
+     */
+    @Test
+    public void testFromAttribute() {
+        assertEquals("CAS_A", CASTokenName.fromAttribute("a"));
+        assertEquals("CAS_B", CASTokenName.fromAttribute("b"));
+        assertEquals("CAS_1", CASTokenName.fromAttribute("1"));
+        assertEquals("CAS_SOME_URL", CASTokenName.fromAttribute("someURL"));
+        assertEquals("CAS_LOWERCASE_WITH_DASHES", CASTokenName.fromAttribute("lowercase-with-dashes"));
+        assertEquals("CAS_HEADLESS_CAMEL_CASE", CASTokenName.fromAttribute("headlessCamelCase"));
+        assertEquals("CAS_CAMEL_CASE", CASTokenName.fromAttribute("CamelCase"));
+        assertEquals("CAS_CAMEL_CASE", CASTokenName.fromAttribute("CamelCase"));
+        assertEquals("CAS_LOWERCASE_WITH_UNDERSCORES", CASTokenName.fromAttribute("lowercase_with_underscores"));
+        assertEquals("CAS_UPPERCASE_WITH_UNDERSCORES", CASTokenName.fromAttribute("UPPERCASE_WITH_UNDERSCORES"));
+        assertEquals("CAS_A_VERY_INCONSISTENT_MIX_OF_ALL_STYLES", CASTokenName.fromAttribute("aVery-INCONSISTENTMix_ofAllStyles"));
+        assertEquals("CAS_ABC_123_DEF_456", CASTokenName.fromAttribute("abc123def456"));
+        assertEquals("CAS_ABC_123_DEF_456", CASTokenName.fromAttribute("ABC123DEF456"));
+        assertEquals("CAS_WORD_A_WORD_AB_WORD_ABC_WORD", CASTokenName.fromAttribute("WordAWordABWordABCWord"));
+    }
+
+}

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java

@@ -309,7 +309,7 @@ public class AuthenticationProviderService {
             // Convert each retrieved attribute into a corresponding token
             for (Object attrObj : attrSet) {
                 LDAPAttribute attr = (LDAPAttribute)attrObj;
-                tokens.put(TokenName.fromAttribute(attr.getName()), attr.getStringValue());
+                tokens.put(LDAPTokenName.fromAttribute(attr.getName()), attr.getStringValue());
             }
 
         }

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPTokenName.java

@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.ldap;
+
+import org.apache.guacamole.token.TokenName;
+
+/**
+ * Utility class for generating parameter token names.
+ */
+public class LDAPTokenName extends TokenName {
+
+    public static String fromAttribute(String name) {
+        return fromAttribute(name, "LDAP_");
+    }
+
+}

extensions/guacamole-auth-ldap/src/test/java/org/apache/guacamole/auth/ldap/LDAPTokenNameTest.java

@@ -26,7 +26,7 @@ import org.junit.Test;
  * Test which verifies automatic generation of LDAP-specific connection
  * parameter token names.
  */
-public class TokenNameTest {
+public class LDAPTokenNameTest {
 
     /**
      * Verifies that TokenName.fromAttribute() generates token names as
@@ -34,20 +34,20 @@ public class TokenNameTest {
      */
     @Test
     public void testFromAttribute() {
-        assertEquals("LDAP_A", TokenName.fromAttribute("a"));
+        assertEquals("LDAP_A", LDAPTokenName.fromAttribute("a"));
-        assertEquals("LDAP_B", TokenName.fromAttribute("b"));
+        assertEquals("LDAP_B", LDAPTokenName.fromAttribute("b"));
-        assertEquals("LDAP_1", TokenName.fromAttribute("1"));
+        assertEquals("LDAP_1", LDAPTokenName.fromAttribute("1"));
-        assertEquals("LDAP_SOME_URL", TokenName.fromAttribute("someURL"));
+        assertEquals("LDAP_SOME_URL", LDAPTokenName.fromAttribute("someURL"));
-        assertEquals("LDAP_LOWERCASE_WITH_DASHES", TokenName.fromAttribute("lowercase-with-dashes"));
+        assertEquals("LDAP_LOWERCASE_WITH_DASHES", LDAPTokenName.fromAttribute("lowercase-with-dashes"));
-        assertEquals("LDAP_HEADLESS_CAMEL_CASE", TokenName.fromAttribute("headlessCamelCase"));
+        assertEquals("LDAP_HEADLESS_CAMEL_CASE", LDAPTokenName.fromAttribute("headlessCamelCase"));
-        assertEquals("LDAP_CAMEL_CASE", TokenName.fromAttribute("CamelCase"));
+        assertEquals("LDAP_CAMEL_CASE", LDAPTokenName.fromAttribute("CamelCase"));
-        assertEquals("LDAP_CAMEL_CASE", TokenName.fromAttribute("CamelCase"));
+        assertEquals("LDAP_CAMEL_CASE", LDAPTokenName.fromAttribute("CamelCase"));
-        assertEquals("LDAP_LOWERCASE_WITH_UNDERSCORES", TokenName.fromAttribute("lowercase_with_underscores"));
+        assertEquals("LDAP_LOWERCASE_WITH_UNDERSCORES", LDAPTokenName.fromAttribute("lowercase_with_underscores"));
-        assertEquals("LDAP_UPPERCASE_WITH_UNDERSCORES", TokenName.fromAttribute("UPPERCASE_WITH_UNDERSCORES"));
+        assertEquals("LDAP_UPPERCASE_WITH_UNDERSCORES", LDAPTokenName.fromAttribute("UPPERCASE_WITH_UNDERSCORES"));
-        assertEquals("LDAP_A_VERY_INCONSISTENT_MIX_OF_ALL_STYLES", TokenName.fromAttribute("aVery-INCONSISTENTMix_ofAllStyles"));
+        assertEquals("LDAP_A_VERY_INCONSISTENT_MIX_OF_ALL_STYLES", LDAPTokenName.fromAttribute("aVery-INCONSISTENTMix_ofAllStyles"));
-        assertEquals("LDAP_ABC_123_DEF_456", TokenName.fromAttribute("abc123def456"));
+        assertEquals("LDAP_ABC_123_DEF_456", LDAPTokenName.fromAttribute("abc123def456"));
-        assertEquals("LDAP_ABC_123_DEF_456", TokenName.fromAttribute("ABC123DEF456"));
+        assertEquals("LDAP_ABC_123_DEF_456", LDAPTokenName.fromAttribute("ABC123DEF456"));
-        assertEquals("LDAP_WORD_A_WORD_AB_WORD_ABC_WORD", TokenName.fromAttribute("WordAWordABWordABCWord"));
+        assertEquals("LDAP_WORD_A_WORD_AB_WORD_ABC_WORD", LDAPTokenName.fromAttribute("WordAWordABWordABCWord"));
     }
 
 }

guacamole-ext/src/main/java/org/apache/guacamole/token/TokenName.java

@@ -17,7 +17,7 @@
  * under the License.
  */
 
-package org.apache.guacamole.auth.ldap;
+package org.apache.guacamole.token;
 
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -25,22 +25,16 @@ import java.util.regex.Pattern;
 /**
  * Utility class for generating parameter token names.
  */
-public class TokenName {
+public abstract class TokenName {
 
     /**
-     * The prefix string to add to each parameter token generated from an LDAP
+     * Pattern which matches logical groupings of words within an
-     * attribute name.
-     */
-    private static final String LDAP_ATTRIBUTE_TOKEN_PREFIX = "LDAP_";
-
-    /**
-     * Pattern which matches logical groupings of words within an LDAP
      * attribute name. This pattern is intended to match logical groupings
      * regardless of the naming convention used: "CamelCase",
      * "headlessCamelCase", "lowercase_with_underscores",
      * "lowercase-with-dashes" or even "aVery-INCONSISTENTMix_ofAllStyles".
      */
-    private static final Pattern LDAP_ATTRIBUTE_NAME_GROUPING = Pattern.compile(
+    private static final Pattern ATTRIBUTE_NAME_GROUPING = Pattern.compile(
 
         // "Camel" word groups
         "\\p{javaUpperCase}\\p{javaLowerCase}+"
@@ -63,35 +57,38 @@ public class TokenName {
     /**
      * This utility class should not be instantiated.
      */
-    private TokenName() {}
+    protected TokenName() {}
 
     /**
      * Generates the name of the parameter token that should be populated with
-     * the value of the given LDAP attribute. The name of the LDAP attribute
+     * the value of the given attribute. The name of the attribute will
-     * will automatically be transformed from "CamelCase", "headlessCamelCase",
+     * automatically be transformed from "CamelCase", "headlessCamelCase",
      * "lowercase_with_underscores", and "mixes_ofBoth_Styles" to consistent
      * "UPPERCASE_WITH_UNDERSCORES". Each returned attribute will be prefixed
      * with "LDAP_".
      *
      * @param name
-     *     The name of the LDAP attribute to use to generate the token name.
+     *     The name of the attribute to use to generate the token name.
+     * 
+     * @param prefix
+     *     The prefix to prepend to the generated token name.
      *
      * @return
      *     The name of the parameter token that should be populated with the
-     *     value of the LDAP attribute having the given name.
+     *     value of the attribute having the given name.
      */
-    public static String fromAttribute(String name) {
+    public static String fromAttribute(final String name, final String prefix) {
 
         // If even one logical word grouping cannot be found, default to
         // simply converting the attribute to uppercase and adding the
         // prefix
-        Matcher groupMatcher = LDAP_ATTRIBUTE_NAME_GROUPING.matcher(name);
+        Matcher groupMatcher = ATTRIBUTE_NAME_GROUPING.matcher(name);
         if (!groupMatcher.find())
-            return LDAP_ATTRIBUTE_TOKEN_PREFIX + name.toUpperCase();
+            return prefix + name.toUpperCase();
 
         // Split the given name into logical word groups, separated by
         // underscores and converted to uppercase
-        StringBuilder builder = new StringBuilder(LDAP_ATTRIBUTE_TOKEN_PREFIX);
+        StringBuilder builder = new StringBuilder(prefix);
         builder.append(groupMatcher.group(0).toUpperCase());
 
         while (groupMatcher.find()) {

guacamole-ext/src/test/java/org/apache/guacamole/token/TokenNameTest.java

@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.token;
+
+import static org.junit.Assert.assertEquals;
+import org.junit.Test;
+
+/**
+ * Test which verifies automatic generation of LDAP-specific connection
+ * parameter token names.
+ */
+public class TokenNameTest {
+
+    /**
+     * Verifies that TokenName.fromAttribute() generates token names as
+     * specified, regardless of the naming convention of the attribute.
+     */
+    @Test
+    public void testFromAttribute() {
+        assertEquals("A", TokenName.fromAttribute("a", ""));
+        assertEquals("B", TokenName.fromAttribute("b", ""));
+        assertEquals("1", TokenName.fromAttribute("1", ""));
+        assertEquals("SOME_URL", TokenName.fromAttribute("someURL", ""));
+        assertEquals("LOWERCASE_WITH_DASHES", TokenName.fromAttribute("lowercase-with-dashes", ""));
+        assertEquals("HEADLESS_CAMEL_CASE", TokenName.fromAttribute("headlessCamelCase", ""));
+        assertEquals("CAMEL_CASE", TokenName.fromAttribute("CamelCase", ""));
+        assertEquals("CAMEL_CASE", TokenName.fromAttribute("CamelCase", ""));
+        assertEquals("LOWERCASE_WITH_UNDERSCORES", TokenName.fromAttribute("lowercase_with_underscores", ""));
+        assertEquals("UPPERCASE_WITH_UNDERSCORES", TokenName.fromAttribute("UPPERCASE_WITH_UNDERSCORES", ""));
+        assertEquals("A_VERY_INCONSISTENT_MIX_OF_ALL_STYLES", TokenName.fromAttribute("aVery-INCONSISTENTMix_ofAllStyles", ""));
+        assertEquals("ABC_123_DEF_456", TokenName.fromAttribute("abc123def456", ""));
+        assertEquals("ABC_123_DEF_456", TokenName.fromAttribute("ABC123DEF456", ""));
+        assertEquals("WORD_A_WORD_AB_WORD_ABC_WORD", TokenName.fromAttribute("WordAWordABWordABCWord", ""));
+    }
+
+}