From 806ec964ff9570f3f9071d436fd88d44c722e27e Mon Sep 17 00:00:00 2001 From: Virtually Nick Date: Tue, 23 Jun 2020 13:53:10 -0400 Subject: [PATCH] GUACAMOLE-103: License cleanup, fix comments, and minor code tweaks. Includes implementation of executor shutdown, and correctly removing items from the shared response map. --- .../guacamole-auth-saml/src/licenses/LICENSE | 57 ++++- .../bundled/apache-commons-codec-1.12/LICENSE | 202 ++++++++++++++++++ .../bundled/apache-commons-lang-3.4/LICENSE | 202 ++++++++++++++++++ .../bundled/apache-santuario-2.1.4/LICENSE | 202 ++++++++++++++++++ .../LICENSE | 0 .../licenses/bundled/joda-time-2.10.3/LICENSE | 202 ++++++++++++++++++ .../bundled/woodstox-core-5.0.3/LICENSE | 202 ++++++++++++++++++ .../bundled/woodstox-stax2-api-3.1.4/LICENSE | 22 ++ .../saml/AuthenticationProviderService.java | 63 ++++-- .../auth/saml/SAMLAuthenticationProvider.java | 5 + .../SAMLAuthenticationProviderResource.java | 2 +- .../guacamole/auth/saml/SAMLResponseMap.java | 18 +- .../auth/saml/conf/ConfigurationService.java | 101 ++++----- .../auth/saml/form/SAMLRedirectField.java | 66 ------ .../auth/saml/user/SAMLAuthenticatedUser.java | 2 +- .../src/main/resources/translations/en.json | 4 +- 16 files changed, 1199 insertions(+), 151 deletions(-) create mode 100644 extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-codec-1.12/LICENSE create mode 100644 extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-lang-3.4/LICENSE create mode 100644 extensions/guacamole-auth-saml/src/licenses/bundled/apache-santuario-2.1.4/LICENSE rename extensions/guacamole-auth-saml/src/licenses/bundled/{java-saml-2.2.0 => java-saml-2.5.0}/LICENSE (100%) create mode 100644 extensions/guacamole-auth-saml/src/licenses/bundled/joda-time-2.10.3/LICENSE create mode 100644 extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-core-5.0.3/LICENSE create mode 100644 extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-stax2-api-3.1.4/LICENSE delete mode 100644 extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/form/SAMLRedirectField.java diff --git a/extensions/guacamole-auth-saml/src/licenses/LICENSE b/extensions/guacamole-auth-saml/src/licenses/LICENSE index 77bf5f6c4..fed687e8c 100644 --- a/extensions/guacamole-auth-saml/src/licenses/LICENSE +++ b/extensions/guacamole-auth-saml/src/licenses/LICENSE @@ -220,6 +220,33 @@ AOP Alliance (http://aopalliance.sourceforge.net/) Public Domain (bundled/aopalliance-1.0/LICENSE) +Apache Commons Codec (http://commons.apache.org/proper/commons-codec/) +----------------------------------------------------------------------- + + Version: 1.12 + From: 'Apache Software Foundation' (http://www.apache.org) + License(s): + Apache v2.0 (bundled/apache-commons-codec-1.12/LICENSE) + + +Apache Commons Lang (http://commons.apache.org/proper/commons-lang/) +--------------------------------------------------------------------- + + Version: 3.4 + From: 'Apache Software Foundation' (http://www.apache.org) + License(s): + Apache v2.0 (bundled/apache-commons-lang-3.4/LICENSE) + + +Apache Santuario (https://santuario.apache.org/) +------------------------------------------------- + + Version: 2.1.4 + From: 'Apache Software Foundation' (http://www.apache.org) + License(s): + Apache v2.0 (bundled/apache-santuario-2.1.4/LICENSE) + + Google Guice (https://github.com/google/guice) ---------------------------------------------- @@ -229,6 +256,15 @@ Google Guice (https://github.com/google/guice) Apache v2.0 (bundled/guice-3.0/COPYING) +Joda-Time (https://www.joda.org/joda-time/) +---------------------------------------------- + + Version: 2.10.3 + From: 'Joda.org' (https://www.joda.org/) + License(s): + Apache v2.0 (bundled/joda-time-2.10.3/COPYING) + + jose.4.j (https://bitbucket.org/b_c/jose4j/) -------------------------------------------- @@ -250,8 +286,25 @@ JSR-330 / Dependency Injection for Java (http://code.google.com/p/atinject/) Onelogin Java SAML Client (https://github.com/onelogin/java-saml) ------------------------------------------------------------------------ - Version: 2.2.0 + Version: 2.5.0 From: 'OneLogin' (https://www.onelogin.com) License(s): - MIT License (bundled/java-saml-2.2.0/LICENSE) + MIT License (bundled/java-saml-2.5.0/LICENSE) + +Woodstox Core (https://github.com/FasterXML/woodstox) +------------------------------------------------------ + + Version: 5.0.3 + From: 'FasterXML, LLC' (http://fasterxml.com/) + License(s): + Apache v2.0 (bundled/woodstox-core-5.0.3/LICENSE) + + +Woodstox Stax2-API (https://github.com/FasterXML/stax2-api) +------------------------------------------------------------ + + Version: 3.1.4 + From: 'FasterXML, LLC' (http://fasterxml.com/) + License(s): + BSD Simplified (bundled/woodstox-stax2-api-3.1.4/LICENSE) \ No newline at end of file diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-codec-1.12/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-codec-1.12/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-codec-1.12/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-lang-3.4/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-lang-3.4/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/extensions/guacamole-auth-saml/src/licenses/bundled/apache-commons-lang-3.4/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/apache-santuario-2.1.4/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/apache-santuario-2.1.4/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/extensions/guacamole-auth-saml/src/licenses/bundled/apache-santuario-2.1.4/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/java-saml-2.2.0/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/java-saml-2.5.0/LICENSE similarity index 100% rename from extensions/guacamole-auth-saml/src/licenses/bundled/java-saml-2.2.0/LICENSE rename to extensions/guacamole-auth-saml/src/licenses/bundled/java-saml-2.5.0/LICENSE diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/joda-time-2.10.3/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/joda-time-2.10.3/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/extensions/guacamole-auth-saml/src/licenses/bundled/joda-time-2.10.3/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-core-5.0.3/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-core-5.0.3/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-core-5.0.3/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-stax2-api-3.1.4/LICENSE b/extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-stax2-api-3.1.4/LICENSE new file mode 100644 index 000000000..19cbb6b58 --- /dev/null +++ b/extensions/guacamole-auth-saml/src/licenses/bundled/woodstox-stax2-api-3.1.4/LICENSE @@ -0,0 +1,22 @@ +Copyright 2008 FasterXML LLC + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation +and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java index 74b98bcbb..b7cde8244 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java @@ -28,7 +28,8 @@ import com.onelogin.saml2.exception.ValidationError; import com.onelogin.saml2.settings.Saml2Settings; import com.onelogin.saml2.util.Util; import java.io.IOException; -import java.util.ArrayList; +import java.net.URI; +import java.net.URISyntaxException; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; @@ -41,10 +42,11 @@ import javax.servlet.http.HttpServletRequest; import javax.xml.parsers.ParserConfigurationException; import javax.xml.xpath.XPathExpressionException; import org.apache.guacamole.auth.saml.conf.ConfigurationService; -import org.apache.guacamole.auth.saml.form.SAMLRedirectField; import org.apache.guacamole.auth.saml.user.SAMLAuthenticatedUser; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.form.Field; +import org.apache.guacamole.form.RedirectField; +import org.apache.guacamole.language.TranslatableMessage; import org.apache.guacamole.net.auth.AuthenticatedUser; import org.apache.guacamole.net.auth.Credentials; import org.apache.guacamole.net.auth.credentials.CredentialsInfo; @@ -130,12 +132,9 @@ public class AuthenticationProviderService { throw new GuacamoleInvalidCredentialsException("Error during SAML login.", CredentialsInfo.USERNAME_PASSWORD); } - if (!samlResponse.validateTimestamps()) { - logger.warn("SAML response timestamps were invalid."); - logger.debug("validateTimestamps returned false."); - throw new GuacamoleInvalidCredentialsException("Error during SAML login.", - CredentialsInfo.USERNAME_PASSWORD); - } + + // Validate timestamps, generating ValidationException if this fails. + samlResponse.validateTimestamps(); // Grab the username, and, if present, finish authentication. String username = samlResponse.getNameId().toLowerCase(); @@ -208,10 +207,10 @@ public class AuthenticationProviderService { // No SAML Response is present, so generate a request. AuthnRequest samlReq = new AuthnRequest(samlSettings); - String reqString; + URI authUri; try { - reqString = samlSettings.getIdpSingleSignOnServiceUrl() + "?SAMLRequest=" + - Util.urlEncoder(samlReq.getEncodedAuthnRequest()); + authUri = new URI(samlSettings.getIdpSingleSignOnServiceUrl() + "?SAMLRequest=" + + Util.urlEncoder(samlReq.getEncodedAuthnRequest())); } catch (IOException e) { logger.error("Error encoding authentication request to string: {}", e.getMessage()); @@ -219,18 +218,37 @@ public class AuthenticationProviderService { throw new GuacamoleInvalidCredentialsException("Error during SAML login.", CredentialsInfo.USERNAME_PASSWORD); } + catch(URISyntaxException e) { + logger.error("Error generating URI for authentication redirect: {}", e.getMessage()); + logger.debug("Got URISyntaxException generating authentication URI", e); + throw new GuacamoleInvalidCredentialsException("Error during SAML login.", + CredentialsInfo.USERNAME_PASSWORD); + } // Redirect to SAML Identity Provider (IdP) throw new GuacamoleInsufficientCredentialsException("Redirecting to SAML IdP.", new CredentialsInfo(Arrays.asList(new Field[] { - new RedirectField("samlRedirect", reqString, "LOGIN.REDIRECT_PENDING") + new RedirectField("samlRedirect", authUri, new TranslatableMessage("LOGIN.INFO_SAML_REDIRECT_PENDING")) })) ); } - private Map parseTokens(Map> attributes) - throws GuacamoleException { + /** + * Generates Map of tokens that can be substituted within Guacamole + * parameters given a Map containing a List of attributes from the SAML IdP. + * Attributes that have multiple values will be reduced to a single value, + * taking the first available value and discarding the remaining values. + * + * @param attributes + * The Map containing the attributes retrieved from the SAML IdP. + * + * @return + * A Map of key and single value pairs that can be used as parameter + * tokens. + */ + private Map parseTokens(Map> attributes) { Map tokens = new HashMap<>(); for (Entry> entry : attributes.entrySet()) { @@ -244,7 +262,22 @@ public class AuthenticationProviderService { } - private Set parseGroups(Map> attributes, String groupAttribute) throws GuacamoleException { + /** + * Returns a list of groups found in the provided Map of attributes returned + * by the SAML IdP by searching the map for the provided group attribute. + * + * @param attributes + * The Map of attributes provided by the SAML IdP. + * + * @param groupAttribute + * The name of the attribute that may be present in the Map that + * will be used to parse group membership for the authenticated user. + * + * @return + * A Set of groups of which the user is a member. + */ + private Set parseGroups(Map> attributes, + String groupAttribute) { List samlGroups = attributes.get(groupAttribute); if (samlGroups != null && !samlGroups.isEmpty()) diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProvider.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProvider.java index a51d1050d..eb173d814 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProvider.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProvider.java @@ -77,5 +77,10 @@ public class SAMLAuthenticationProvider extends AbstractAuthenticationProvider { return authProviderService.authenticateUser(credentials); } + + @Override + public void shutdown() { + injector.getInstance(SAMLResponseMap.class).shutdown(); + } } diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProviderResource.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProviderResource.java index 8ed52cd83..4a1e52199 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProviderResource.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLAuthenticationProviderResource.java @@ -145,7 +145,7 @@ public class SAMLAuthenticationProviderResource { } /** - * This is a utility method designed to generate a SHA-256 has for the + * This is a utility method designed to generate a SHA-256 hash for the * given string representation of the SAMLResponse, throwing an exception * if, for some reason, the Java implementation in use doesn't support * SHA-256, and returning a hex-formatted hash value. diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLResponseMap.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLResponseMap.java index 588811a99..392b8a13b 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLResponseMap.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/SAMLResponseMap.java @@ -22,7 +22,7 @@ package org.apache.guacamole.auth.saml; import com.google.inject.Singleton; import com.onelogin.saml2.authn.SamlResponse; import com.onelogin.saml2.exception.ValidationError; -import java.util.Map.Entry; +import java.util.Collection; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; import java.util.concurrent.Executors; @@ -107,12 +107,13 @@ public class SAMLResponseMap { public void run() { // Loop through responses in map and remove ones that are no longer valid. - for (Entry entry : samlResponseMap.entrySet()) { + Collection samlResponses = samlResponseMap.values(); + for (SamlResponse value : samlResponses) { try { - entry.getValue().validateTimestamps(); + value.validateTimestamps(); } catch (ValidationError e) { - samlResponseMap.remove(entry.getKey()); + samlResponses.remove(value); } } @@ -120,4 +121,13 @@ public class SAMLResponseMap { } + /** + * Shut down the executor service that periodically cleans out the + * SamlResponse Map. This must be invoked during webapp shutdown in order + * to avoid resource leaks. + */ + public void shutdown() { + executor.shutdownNow(); + } + } diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/conf/ConfigurationService.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/conf/ConfigurationService.java index e216ccbca..f55d7b8ce 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/conf/ConfigurationService.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/conf/ConfigurationService.java @@ -77,7 +77,8 @@ public class ConfigurationService { /** * The callback URL to use for SAML IdP, normally the base - * of the Guacamole install. + * of the Guacamole install. The SAML extensions callback + * endpoint will be appended to this value. */ private static final URIGuacamoleProperty SAML_CALLBACK_URL = new URIGuacamoleProperty() { @@ -86,17 +87,6 @@ public class ConfigurationService { public String getName() { return "saml-callback-url"; } }; - - /** - * The single logout redirect URL. - */ - private static final URIGuacamoleProperty SAML_LOGOUT_URL = - new URIGuacamoleProperty() { - - @Override - public String getName() { return "saml-logout-url"; } - - }; /** * Whether or not debugging should be enabled in the SAML library to help @@ -111,7 +101,7 @@ public class ConfigurationService { }; /** - * Whether or not to enabled compression for the SAML request. + * Whether or not to enable compression for the SAML request. */ private static final BooleanGuacamoleProperty SAML_COMPRESS_REQUEST = new BooleanGuacamoleProperty() { @@ -122,7 +112,7 @@ public class ConfigurationService { }; /** - * Whether or not to enabled compression for the SAML response. + * Whether or not to enable compression for the SAML response. */ private static final BooleanGuacamoleProperty SAML_COMPRESS_RESPONSE = new BooleanGuacamoleProperty() { @@ -162,13 +152,11 @@ public class ConfigurationService { private Environment environment; /** - * Returns the URL to be used as the client ID which will be - * submitted to the SAML IdP as configured in - * guacamole.properties. + * Returns the URL to be submitted as the client ID to the SAML IdP, as + * configured in guacamole.properties. * * @return - * The URL to be used as the client ID sent to the - * SAML IdP. + * The URL to send to the SAML IdP as the Client Identifier. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the @@ -180,7 +168,7 @@ public class ConfigurationService { /** * The file that contains the metadata that the SAML client should - * use to communicate with the SAML IdP. This is generated by the + * use to communicate with the SAML IdP. This is generated by the * SAML IdP and should be uploaded to the system where the Guacamole * client is running. * @@ -197,7 +185,7 @@ public class ConfigurationService { } /** - * Retrieve the URL used to log in to the SAML IdP. + * Return the URL used to log in to the SAML IdP. * * @return * The URL used to log in to the SAML IdP. @@ -225,23 +213,11 @@ public class ConfigurationService { public URI getCallbackUrl() throws GuacamoleException { return environment.getRequiredProperty(SAML_CALLBACK_URL); } - - /** - * Return the URL used to log out from the SAML IdP. - * - * @return - * The URL used to log out from the SAML IdP. - * - * @throws GuacamoleException - * If guacamole.properties cannot be parsed. - */ - private URI getLogoutUrl() throws GuacamoleException { - return environment.getProperty(SAML_LOGOUT_URL); - } /** - * Return true if SAML debugging should be enabled, otherwise false. The - * default is false. + * Return the Boolean value that indicates whether SAML client debugging + * will be enabled, as configured in guacamole.properties. The default is + * false, and debug information will not be generated or logged. * * @return * True if debugging should be enabled in the SAML library, otherwise @@ -250,13 +226,14 @@ public class ConfigurationService { * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ - private Boolean getDebug() throws GuacamoleException { + private boolean getDebug() throws GuacamoleException { return environment.getProperty(SAML_DEBUG, false); } /** - * Return true if compression should be enabled when sending the SAML - * request, otherwise false. The default is to enable compression. + * Return the Boolean value that indicates whether or not compression of + * SAML requests to the IdP should be enabled or not, as configured in + * guacamole.properties. The default is to enable compression. * * @return * True if compression should be enabled when sending the SAML request, @@ -265,14 +242,15 @@ public class ConfigurationService { * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ - private Boolean getCompressRequest() throws GuacamoleException { + private boolean getCompressRequest() throws GuacamoleException { return environment.getProperty(SAML_COMPRESS_REQUEST, true); } /** - * Returns whether or not the SAML login should enforce strict security - * controls. By default this is true, and should be set to true in any - * production environment. + * Return a Boolean value that indicates whether or not the SAML login + * should enforce strict security controls, as configured in + * guacamole.properties. By default this is true, and should be set to + * true in any production environment. * * @return * True if the SAML login should enforce strict security checks, @@ -281,14 +259,15 @@ public class ConfigurationService { * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ - private Boolean getStrict() throws GuacamoleException { + private boolean getStrict() throws GuacamoleException { return environment.getProperty(SAML_STRICT, true); } /** - * Return true if compression should be requested from the server when the - * SAML response is returned, otherwise false. The default is to request - * that the response be compressed. + * Return a Boolean value that indicates whether or not compression should + * be requested from the server when the SAML response is returned, as + * configured in guacamole.properties. The default is to request that the + * response be compressed. * * @return * True if compression should be requested from the server for the SAML @@ -297,7 +276,7 @@ public class ConfigurationService { * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ - private Boolean getCompressResponse() throws GuacamoleException { + private boolean getCompressResponse() throws GuacamoleException { return environment.getProperty(SAML_COMPRESS_RESPONSE, true); } @@ -316,19 +295,18 @@ public class ConfigurationService { } /** - * Returns the collection of SAML settings used to - * initialize the client. + * Returns the collection of SAML settings used to initialize the client. * * @return - * The collection of SAML settings used to - * initialize the SAML client. + * The collection of SAML settings used to initialize the SAML client. * * @throws GuacamoleException - * If guacamole.properties cannot be parsed or - * if parameters are missing. + * If guacamole.properties cannot be parsed or if required parameters + * are missing. */ public Saml2Settings getSamlSettings() throws GuacamoleException { + // Try to get the XML file, first. File idpMetadata = getIdpMetadata(); Map samlMap; if (idpMetadata != null) { @@ -341,20 +319,23 @@ public class ConfigurationService { } } + // If no XML metadata is provided, fall-back to individual values. else { samlMap = new HashMap<>(); - samlMap.put(SettingsBuilder.SP_ENTITYID_PROPERTY_KEY, - getEntityId().toString()); - samlMap.put(SettingsBuilder.SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY, - getCallbackUrl().toString() + "/api/ext/saml/callback"); - samlMap.put(SettingsBuilder.IDP_ENTITYID_PROPERTY_KEY - , getIdpUrl().toString()); + samlMap.put(SettingsBuilder.IDP_ENTITYID_PROPERTY_KEY, + getIdpUrl().toString()); samlMap.put(SettingsBuilder.IDP_SINGLE_SIGN_ON_SERVICE_URL_PROPERTY_KEY, getIdpUrl().toString()); samlMap.put(SettingsBuilder.IDP_SINGLE_SIGN_ON_SERVICE_BINDING_PROPERTY_KEY, Constants.BINDING_HTTP_REDIRECT); } + // Common settings, required with or without metadata file. + samlMap.put(SettingsBuilder.SP_ENTITYID_PROPERTY_KEY, + getEntityId().toString()); + samlMap.put(SettingsBuilder.SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY, + getCallbackUrl().toString() + "/api/ext/saml/callback"); + SettingsBuilder samlBuilder = new SettingsBuilder(); Saml2Settings samlSettings = samlBuilder.fromValues(samlMap).build(); samlSettings.setStrict(getStrict()); diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/form/SAMLRedirectField.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/form/SAMLRedirectField.java deleted file mode 100644 index f979b7805..000000000 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/form/SAMLRedirectField.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.guacamole.auth.saml.form; - -import org.apache.guacamole.form.Field; - -/** - * Field definition which represents the data used to do redirects - * during SAML authentication. - */ -public class SAMLRedirectField extends Field { - - /** - * The name of the parameter containing the redirect. - */ - public static final String PARAMETER_NAME = "samlRedirect"; - - /** - * The encoded URI of the redirect. - */ - private final String samlRedirect; - - /** - * Creates a new field which facilitates redirection of the user - * during SAML SSO authentication. - * - * @param samlRedirect - * The URI to which the user should be redirected. - */ - public SAMLRedirectField(String samlRedirect) { - - // Init base field properties - super(PARAMETER_NAME, "GUAC_SAML_REDIRECT"); - - this.samlRedirect = samlRedirect; - - } - - /** - * Returns the URI of the redirect. - * - * @return - * The URI of the redirect. - */ - public String getSamlRedirect() { - return samlRedirect; - } - -} diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/user/SAMLAuthenticatedUser.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/user/SAMLAuthenticatedUser.java index 57c70a365..5228c99a1 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/user/SAMLAuthenticatedUser.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/user/SAMLAuthenticatedUser.java @@ -80,7 +80,7 @@ public class SAMLAuthenticatedUser extends AbstractAuthenticatedUser { } /** - * Get the tokens associated with this particular user. + * Returns a Map of tokens associated with this authenticated user. * * @return * A map of token names and values available from this user account. diff --git a/extensions/guacamole-auth-saml/src/main/resources/translations/en.json b/extensions/guacamole-auth-saml/src/main/resources/translations/en.json index 3ba3a85c5..b4f2d910f 100644 --- a/extensions/guacamole-auth-saml/src/main/resources/translations/en.json +++ b/extensions/guacamole-auth-saml/src/main/resources/translations/en.json @@ -1,12 +1,12 @@ { "DATA_SOURCE_SAML" : { - "NAME" : "SAML SSO Backend" + "NAME" : "SAML Authentication Extension" }, "LOGIN" : { "FIELD_HEADER_SAML" : "", - "INFO_SAML_REDIRECT_PENDING" : "Please wait, redirecting for SAML authentication..." + "INFO_SAML_REDIRECT_PENDING" : "Please wait, redirecting to identity provider..." } }