safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 21:27:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUAC-971: Pull username and password from HTTP "Authorization" header, if present, when username and password are not provided via parameters.

Browse Source
This commit is contained in:
Michael Jumper
2015-01-05 15:37:24 -08:00
parent f1c5adfba8
commit 58f1093c58
2 changed files with 35 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java
View File

@@ -49,18 +49,6 @@ public class BasicGuacamoleProperties {
}; };
/**
* Whether HTTP "Authorization" headers should be taken into account when
* authenticating the user. By default, "Authorization" headers are
* ignored.
*/
public static final BooleanGuacamoleProperty ENABLE_HTTP_AUTH = new BooleanGuacamoleProperty() {
@Override
public String getName() { return "enable-http-auth"; }
};
/** /**
* The directory to search for authentication provider classes. * The directory to search for authentication provider classes.
*/ */

36
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java
View File

@@ -23,6 +23,7 @@
package org.glyptodon.guacamole.net.basic.rest.auth; package org.glyptodon.guacamole.net.basic.rest.auth;
import com.google.inject.Inject; import com.google.inject.Inject;
import java.io.UnsupportedEncodingException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam; import javax.ws.rs.FormParam;
@@ -33,6 +34,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Context; import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import javax.xml.bind.DatatypeConverter;
import org.glyptodon.guacamole.GuacamoleException; import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.net.auth.AuthenticationProvider; import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
import org.glyptodon.guacamole.net.auth.Credentials; import org.glyptodon.guacamole.net.auth.Credentials;
@@ -111,6 +113,38 @@ public class TokenRESTService {
else else
existingSession = null; existingSession = null;
// If no username/password given, try Authorization header
if (username == null && password == null) {
String authorization = request.getHeader("Authorization");
if (authorization != null && authorization.startsWith("Basic ")) {
try {
// Decode base64 authorization
String basicBase64 = authorization.substring(6);
String basicCredentials = new String(DatatypeConverter.parseBase64Binary(basicBase64), "UTF-8");
// Pull username/password from auth data
int colon = basicCredentials.indexOf(':');
if (colon != -1) {
username = basicCredentials.substring(0, colon);
password = basicCredentials.substring(colon + 1);
}
else
logger.debug("Invalid HTTP Basic \"Authorization\" header received.");
}
// UTF-8 support is required by the Java specification
catch (UnsupportedEncodingException e) {
throw new UnsupportedOperationException("Unexpected lack of UTF-8 support.", e);
}
}
} // end Authorization header fallback
// Build credentials // Build credentials
Credentials credentials = new Credentials(); Credentials credentials = new Credentials();
credentials.setUsername(username); credentials.setUsername(username);
@@ -155,7 +189,7 @@ public class TokenRESTService {
} }
logger.debug("Login was successful for user \"{}\".", userContext.self().getUsername()); logger.debug("Login was successful for user \"{}\".", userContext.self().getUsername());
return new APIAuthToken(authToken, username); return new APIAuthToken(authToken, userContext.self().getUsername());
} }