diff --git a/extensions/guacamole-auth-totp/pom.xml b/extensions/guacamole-auth-totp/pom.xml index 5b421d72b..17aff05dd 100644 --- a/extensions/guacamole-auth-totp/pom.xml +++ b/extensions/guacamole-auth-totp/pom.xml @@ -53,6 +53,85 @@ + + + com.keithbranton.mojo + angular-maven-plugin + 0.3.2 + + + generate-resources + + html2js + + + + + ${basedir}/src/main/resources + **/*.html + ${basedir}/src/main/resources/generated/templates-main/templates.js + app/ext/totp + + + + + + com.samaxes.maven + minify-maven-plugin + 1.7.5 + + + default-cli + + UTF-8 + + ${basedir}/src/main/resources + ${project.build.directory}/classes + + / + / + totp.css + + + license.txt + + + + **/*.css + + + / + / + totp.js + + + license.txt + + + + **/*.js + + + + + **/*.test.js + + CLOSURE + + + + OFF + OFF + + + + + minify + + + + + maven-assembly-plugin @@ -105,6 +184,7 @@ **/*.json src/licenses/**/* + src/main/resources/templates/*.html diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java index d694c5e90..da24995a6 100644 --- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java +++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java @@ -28,8 +28,8 @@ import javax.servlet.http.HttpServletRequest; import org.apache.guacamole.GuacamoleClientException; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.auth.totp.form.AuthenticationCodeField; import org.apache.guacamole.form.Field; -import org.apache.guacamole.form.TextField; import org.apache.guacamole.net.auth.AuthenticatedUser; import org.apache.guacamole.net.auth.Credentials; import org.apache.guacamole.net.auth.User; 
@@ -61,26 +61,6 @@ public class UserVerificationService { */ private static final String TOTP_KEY_CONFIRMED_ATTRIBUTE_NAME = "guac-totp-key-confirmed"; - /** - * The name of the HTTP parameter which will contain the TOTP code provided - * by the user to verify their identity. - */ - private static final String TOTP_PARAMETER_NAME = "guac-totp"; - - /** - * The field which should be exposed to the user to request that they - * provide their TOTP code. - */ - private static final Field TOTP_FIELD = new TextField(TOTP_PARAMETER_NAME); - - /** - * CredentialsInfo object describing the credentials expected for a user - * who has verified their identity with TOTP. - */ - private static final CredentialsInfo TOTP_CREDENTIALS = new CredentialsInfo( - Collections.singletonList(TOTP_FIELD) - ); - /** * BaseEncoding instance which decoded/encodes base32. */ @@ -234,14 +214,16 @@ public class UserVerificationService { HttpServletRequest request = credentials.getRequest(); // Retrieve TOTP from request - String code = request.getParameter(TOTP_PARAMETER_NAME); + String code = request.getParameter(AuthenticationCodeField.PARAMETER_NAME); // If no TOTP provided, request one if (code == null) { // FIXME: Handle key.isConfirmed() for initial prompt throw new GuacamoleInsufficientCredentialsException( - "LOGIN.INFO_TOTP_REQUIRED", TOTP_CREDENTIALS); + "LOGIN.INFO_TOTP_REQUIRED", new CredentialsInfo( + Collections.singletonList(new AuthenticationCodeField()) + )); } diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java new file mode 100644 index 000000000..8119657a6 --- /dev/null +++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java 
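Review bot: The prompt built in the `code == null` branch is the same for every user, so the `FIXME: Handle key.isConfirmed()` just above it is still open after this change; as far as this hunk shows, a user whose key was never confirmed is asked for a code exactly like an enrolled one. Now that the field is created per request instead of shared as a constant, the comment could state what is pending, e.g. `// FIXME: pass key.isConfirmed() into AuthenticationCodeField so unconfirmed keys get an enrollment prompt`, if that is the intent. Separately, only a missing `guac-totp` parameter counts as "no code"; an empty value continues to the verification code, which lies outside the hunk, so that path should be confirmed to reject it.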
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.totp.form;
+
+import org.apache.guacamole.form.Field;
+
+/**
+ * Field which prompts the user for an authentication code generated via TOTP.
+ */
+public class AuthenticationCodeField extends Field {
+
+ /**
+ * The name of the HTTP parameter which will contain the TOTP code provided
+ * by the user to verify their identity.
+ */
+ public static final String PARAMETER_NAME = "guac-totp";
+
+ /**
+ * The unique name associated with this field type.
+ */
+ private static final String FIELD_TYPE_NAME = "GUAC_TOTP_CODE";
+
+ /**
+ * Creates a new field which prompts the user for an authentication code
+ * generated via TOTP.
+ */
+ public AuthenticationCodeField() {
+ super(PARAMETER_NAME, FIELD_TYPE_NAME);
+ }
+
+}
diff --git a/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js b/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js
new file mode 100644
index 000000000..54bb56c08
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js
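Review bot: `FIELD_TYPE_NAME` in AuthenticationCodeField.java has to match the string passed to `formServiceProvider.registerFieldType('GUAC_TOTP_CODE', …)` in config/totpConfig.js, but nothing in either file says so. If the two drift apart the client has no registered type for this field; how the form service then renders it is not visible here, so the second-factor prompt may not appear as intended. I would extend the Javadoc to `The unique name associated with this field type. Must match the name registered by config/totpConfig.js.` and add the reverse pointer as a comment above the `registerFieldType` call.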
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Config block which registers TOTP-specific field types.
+ */
+angular.module('guacTOTP').config(['formServiceProvider',
+ function guacTOTPConfig(formServiceProvider) {
+
+ // Define field for the TOTP code provided by the user
+ formServiceProvider.registerFieldType('GUAC_TOTP_CODE', {
+ module : 'guacTOTP',
+ controller : 'authenticationCodeFieldController',
+ templateUrl : 'app/ext/totp/templates/authenticationCodeField.html'
+ });
+
+}]);
diff --git a/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js b/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js
new file mode 100644
index 000000000..c9cecc68d
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js
@@ -0,0 +1,29 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +/** + * Controller for the "GUAC_TOTP_CODE" field which prompts the user to enter + * the code generated by their authentication device. + */ +angular.module('guacTOTP').controller('authenticationCodeFieldController', ['$scope', '$element', + function authenticationCodeFieldController($scope, $element) { + + // STUB + +}]); diff --git a/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json b/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json index 539562ccf..dee829170 100644 --- a/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json +++ b/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json @@ -11,6 +11,18 @@ "translations" : [ "translations/en.json" - ] + ], + + "js" : [ + "totp.min.js" + ], + + "css" : [ + "totp.min.css" + ], + + "resources" : { + "templates/authenticationCodeField.html" : "text/html" + } } diff --git a/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css b/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css new file mode 100644 index 000000000..8181e2ccd --- /dev/null 
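Review bot: authenticationCodeFieldController injects `$scope` and `$element`, but its body is only `// STUB`, so both dependencies are unused and the comment gives no hint of what is pending. Either register it as `['$scope', function authenticationCodeFieldController($scope) {` until DOM access is actually needed, or replace the marker with a comment that names the planned behaviour, so a reader of the login flow knows this field currently has no client-side handling of the entered code.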
+++ b/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css
@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/* STUB */
diff --git a/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html b/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html
new file mode 100644
index 000000000..4e7fb0f8c
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html
@@ -0,0 +1,3 @@
+
+ +
diff --git a/extensions/guacamole-auth-totp/src/main/resources/totpModule.js b/extensions/guacamole-auth-totp/src/main/resources/totpModule.js
new file mode 100644
index 000000000..c6a0c7ea4
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/totpModule.js
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Module which provides handling for TOTP multi-factor authentication.
+ */
+angular.module('guacTOTP', [
+ 'form'
+]);
+
+// Ensure the guacTOTP module is loaded along with the rest of the app
+angular.module('index').requires.push('guacTOTP');