GUACAMOLE-641: Read token/secret mapping from YAML instead of JSON.

2025-09-06 05:07:41 +00:00 · 2022-01-21 15:23:41 -08:00
parent b57578ad8e
commit 5aba0cd09d
3 changed files with 18 additions and 13 deletions
--- a/extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/conf/AzureKeyVaultConfigurationService.java
+++ b/extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/conf/AzureKeyVaultConfigurationService.java
@@ -42,10 +42,10 @@ public class AzureKeyVaultConfigurationService extends VaultConfigurationService
    private Environment environment;

    /**
-     * The name of the file which contains the JSON mapping of connection
+     * The name of the file which contains the YAML mapping of connection
     * parameter token to Azure Key Vault secret name.
     */
-    private static final String TOKEN_MAPPING_FILENAME = "azure-keyvault-token-mapping.json";
+    private static final String TOKEN_MAPPING_FILENAME = "azure-keyvault-token-mapping.yml";

    /**
     * The number of milliseconds that each retrieved secret should be cached
@@ -101,8 +101,8 @@ public class AzureKeyVaultConfigurationService extends VaultConfigurationService

    /**
     * Creates a new AzureKeyVaultConfigurationService which reads the token
-     * mapping from "azure-keyvault-token-mapping.json". The token mapping is
-     * a JSON file which lists each connection parameter token and the name of
+     * mapping from "azure-keyvault-token-mapping.yml". The token mapping is a
+     * YAML file which lists each connection parameter token and the name of
     * the secret from which the value for that token should be read.
     */
    public AzureKeyVaultConfigurationService() {
--- a/extensions/guacamole-vault/modules/guacamole-vault-base/pom.xml
+++ b/extensions/guacamole-vault/modules/guacamole-vault-base/pom.xml
@@ -49,11 +49,15 @@
            <scope>provided</scope>
        </dependency>

-        <!-- Jackson for JSON support -->
+        <!-- Jackson for YAML support -->
        <dependency>
            <groupId>com.fasterxml.jackson.core</groupId>
            <artifactId>jackson-databind</artifactId>
        </dependency>
+        <dependency>
+            <groupId>com.fasterxml.jackson.dataformat</groupId>
+            <artifactId>jackson-dataformat-yaml</artifactId>
+        </dependency>

        <!-- Guice -->
        <dependency>
--- a/extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/conf/VaultConfigurationService.java
+++ b/extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/conf/VaultConfigurationService.java
@@ -21,6 +21,7 @@ package org.apache.guacamole.vault.conf;

 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
 import com.google.inject.Inject;
 import java.io.File;
 import java.io.IOException;
@@ -46,22 +47,22 @@ public abstract class VaultConfigurationService {
    private Environment environment;

    /**
-     * ObjectMapper for deserializing JSON.
+     * ObjectMapper for deserializing YAML.
     */
-    private static final ObjectMapper mapper = new ObjectMapper();
+    private final ObjectMapper mapper = new ObjectMapper(new YAMLFactory());

    /**
-     * The name of the file containing a JSON mapping of Guacamole parameter
+     * The name of the file containing a YAML mapping of Guacamole parameter
     * token to vault secret name.
     */
    private final String tokenMappingFilename;

    /**
     * Creates a new VaultConfigurationService which retrieves the token/secret
-     * mapping from a JSON file having the given name.
+     * mapping from a YAML file having the given name.
     *
     * @param tokenMappingFilename
-     *     The name of the JSON file containing the token/secret mapping.
+     *     The name of the YAML file containing the token/secret mapping.
     */
    protected VaultConfigurationService(String tokenMappingFilename) {
        this.tokenMappingFilename = tokenMappingFilename;
@@ -84,19 +85,19 @@ public abstract class VaultConfigurationService {
     *     parameter token.
     *
     * @throws GuacamoleException
-     *     If the JSON file defining the token/secret mapping cannot be read.
+     *     If the YAML file defining the token/secret mapping cannot be read.
     */
    public Map<String, String> getTokenMapping() throws GuacamoleException {

        // Get configuration file from GUACAMOLE_HOME
        File confFile = new File(environment.getGuacamoleHome(), tokenMappingFilename);

-        // Deserialize token mapping from JSON
+        // Deserialize token mapping from YAML
        try {
            return mapper.readValue(confFile, new TypeReference<Map<String, String>>() {});
        }

-        // Fail if JSON is invalid/unreadable
+        // Fail if YAML is invalid/unreadable
        catch (IOException e) {
            throw new GuacamoleServerException("Unable to read token mapping "
                    + "configuration file \"" + tokenMappingFilename + "\".", e);