From 77e714b0e15dcbdaa5a0afc261e9a3592a8ee494 Mon Sep 17 00:00:00 2001
From: Michael Jumper <mjumper@apache.org>
Date: Sat, 2 Jan 2016 00:36:12 -0800
Subject: [PATCH] GUACAMOLE-210: Stub out authentication (recognize but do not
 actually use code).

---
 extensions/guacamole-auth-openid/pom.xml      |  8 +++
 .../oauth/AuthenticationProviderService.java  | 24 ++++++-
 .../guacamole/auth/oauth/OAuthCodeField.java  |  4 +-
 .../auth/oauth/user/AuthenticatedUser.java    | 71 +++++++++++++++++++
 4 files changed, 104 insertions(+), 3 deletions(-)
 create mode 100644 extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/user/AuthenticatedUser.java

diff --git a/extensions/guacamole-auth-openid/pom.xml b/extensions/guacamole-auth-openid/pom.xml
index bc62695b8..9ec561c81 100644
--- a/extensions/guacamole-auth-openid/pom.xml
+++ b/extensions/guacamole-auth-openid/pom.xml
@@ -79,6 +79,14 @@
             <version>3.0</version>
         </dependency>
 
+        <!-- Java servlet API -->
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>2.5</version>
+            <scope>provided</scope>
+        </dependency>
+
     </dependencies>
 
 </project>
diff --git a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/AuthenticationProviderService.java b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/AuthenticationProviderService.java
index c07a78cd4..a183889b3 100644
--- a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/AuthenticationProviderService.java
@@ -20,10 +20,12 @@
 package org.apache.guacamole.auth.oauth;
 
 import com.google.inject.Inject;
+import com.google.inject.Provider;
 import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.oauth.user.AuthenticatedUser;
 import org.glyptodon.guacamole.GuacamoleException;
 import org.glyptodon.guacamole.form.Field;
-import org.glyptodon.guacamole.net.auth.AuthenticatedUser;
 import org.glyptodon.guacamole.net.auth.Credentials;
 import org.glyptodon.guacamole.net.auth.credentials.CredentialsInfo;
 import org.glyptodon.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
@@ -47,6 +49,12 @@ public class AuthenticationProviderService {
     @Inject
     private ConfigurationService confService;
 
+    /**
+     * Provider for AuthenticatedUser objects.
+     */
+    @Inject
+    private Provider<AuthenticatedUser> authenticatedUserProvider;
+
     /**
      * Returns an AuthenticatedUser representing the user authenticated by the
      * given credentials.
@@ -65,6 +73,20 @@ public class AuthenticationProviderService {
     public AuthenticatedUser authenticateUser(Credentials credentials)
             throws GuacamoleException {
 
+        String code = null;
+
+        // Pull OAuth code from request if present
+        HttpServletRequest request = credentials.getRequest();
+        if (request != null)
+            code = request.getParameter(OAuthCodeField.PARAMETER_NAME);
+
+        // TODO: Actually complete authentication using received code
+        if (code != null) {
+            AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
+            authenticatedUser.init("STUB", credentials);
+            return authenticatedUser;
+        }
+
         // Request auth code
         throw new GuacamoleInvalidCredentialsException("Invalid login.",
             new CredentialsInfo(Arrays.asList(new Field[] {
diff --git a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/OAuthCodeField.java b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/OAuthCodeField.java
index bdf16c850..35ae5ebef 100644
--- a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/OAuthCodeField.java
+++ b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/OAuthCodeField.java
@@ -34,7 +34,7 @@ public class OAuthCodeField extends Field {
      * The standard HTTP parameter which will be included within the URL by all
      * OAuth services upon successful authentication and redirect.
      */
-    private static final String OAUTH_CODE_PARAMETER_NAME = "code";
+    public static final String PARAMETER_NAME = "code";
 
     /**
      * The full URI which the field should link to.
@@ -65,7 +65,7 @@ public class OAuthCodeField extends Field {
             String redirectURI) {
 
         // Init base field properties
-        super(OAUTH_CODE_PARAMETER_NAME, "GUAC_OAUTH_CODE");
+        super(PARAMETER_NAME, "GUAC_OAUTH_CODE");
 
         // Build authorization URI from given values
         try {
diff --git a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/user/AuthenticatedUser.java b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/user/AuthenticatedUser.java
new file mode 100644
index 000000000..935c27070
--- /dev/null
+++ b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/oauth/user/AuthenticatedUser.java
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.oauth.user;
+
+import com.google.inject.Inject;
+import org.glyptodon.guacamole.net.auth.AbstractAuthenticatedUser;
+import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
+import org.glyptodon.guacamole.net.auth.Credentials;
+
+/**
+ * An OAuth-specific implementation of AuthenticatedUser, associating a
+ * username and particular set of credentials with the OAuth authentication
+ * provider.
+ */
+public class AuthenticatedUser extends AbstractAuthenticatedUser {
+
+    /**
+     * Reference to the authentication provider associated with this
+     * authenticated user.
+     */
+    @Inject
+    private AuthenticationProvider authProvider;
+
+    /**
+     * The credentials provided when this user was authenticated.
+     */
+    private Credentials credentials;
+
+    /**
+     * Initializes this AuthenticatedUser using the given username and
+     * credentials.
+     *
+     * @param username
+     *     The username of the user that was authenticated.
+     *
+     * @param credentials
+     *     The credentials provided when this user was authenticated.
+     */
+    public void init(String username, Credentials credentials) {
+        this.credentials = credentials;
+        setIdentifier(username);
+    }
+
+    @Override
+    public AuthenticationProvider getAuthenticationProvider() {
+        return authProvider;
+    }
+
+    @Override
+    public Credentials getCredentials() {
+        return credentials;
+    }
+
+}