GUACAMOLE-96: Migrate to TOTP-specific field type for authentication code.

extensions/guacamole-auth-totp/pom.xml

@@ -53,6 +53,85 @@
                 </configuration>
             </plugin>
 
+            <!-- Pre-cache Angular templates with maven-angular-plugin -->
+            <plugin>
+                <groupId>com.keithbranton.mojo</groupId>
+                <artifactId>angular-maven-plugin</artifactId>
+                <version>0.3.2</version>
+                <executions>
+                    <execution>
+                        <phase>generate-resources</phase>
+                        <goals>
+                            <goal>html2js</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <sourceDir>${basedir}/src/main/resources</sourceDir>
+                    <include>**/*.html</include>
+                    <target>${basedir}/src/main/resources/generated/templates-main/templates.js</target>
+                    <prefix>app/ext/totp</prefix>
+                </configuration>
+            </plugin>
+
+            <!-- JS/CSS Minification Plugin -->
+            <plugin>
+                <groupId>com.samaxes.maven</groupId>
+                <artifactId>minify-maven-plugin</artifactId>
+                <version>1.7.5</version>
+                <executions>
+                    <execution>
+                        <id>default-cli</id>
+                        <configuration>
+                            <charset>UTF-8</charset>
+
+                            <webappSourceDir>${basedir}/src/main/resources</webappSourceDir>
+                            <webappTargetDir>${project.build.directory}/classes</webappTargetDir>
+
+                            <cssSourceDir>/</cssSourceDir>
+                            <cssTargetDir>/</cssTargetDir>
+                            <cssFinalFile>totp.css</cssFinalFile>
+
+                            <cssSourceFiles>
+                                <cssSourceFile>license.txt</cssSourceFile>
+                            </cssSourceFiles>
+
+                            <cssSourceIncludes>
+                                <cssSourceInclude>**/*.css</cssSourceInclude>
+                            </cssSourceIncludes>
+
+                            <jsSourceDir>/</jsSourceDir>
+                            <jsTargetDir>/</jsTargetDir>
+                            <jsFinalFile>totp.js</jsFinalFile>
+
+                            <jsSourceFiles>
+                                <jsSourceFile>license.txt</jsSourceFile>
+                            </jsSourceFiles>
+
+                            <jsSourceIncludes>
+                                <jsSourceInclude>**/*.js</jsSourceInclude>
+                            </jsSourceIncludes>
+
+                            <!-- Do not minify and include tests -->
+                            <jsSourceExcludes>
+                                <jsSourceExclude>**/*.test.js</jsSourceExclude>
+                            </jsSourceExcludes>
+                            <jsEngine>CLOSURE</jsEngine>
+
+                            <!-- Disable warnings for JSDoc annotations -->
+                            <closureWarningLevels>
+                                <misplacedTypeAnnotation>OFF</misplacedTypeAnnotation>
+                                <nonStandardJsDocs>OFF</nonStandardJsDocs>
+                            </closureWarningLevels>
+
+                        </configuration>
+                        <goals>
+                            <goal>minify</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+
             <!-- Assembly plugin - for easy distribution -->
             <plugin>
                 <artifactId>maven-assembly-plugin</artifactId>
@@ -105,6 +184,7 @@
                     <excludes>
                         <exclude>**/*.json</exclude>
                         <exclude>src/licenses/**/*</exclude>
+                        <exclude>src/main/resources/templates/*.html</exclude>
                     </excludes>
                 </configuration>
 

extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java

@@ -28,8 +28,8 @@ import javax.servlet.http.HttpServletRequest;
 import org.apache.guacamole.GuacamoleClientException;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.auth.totp.form.AuthenticationCodeField;
 import org.apache.guacamole.form.Field;
-import org.apache.guacamole.form.TextField;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
 import org.apache.guacamole.net.auth.User;
@@ -61,26 +61,6 @@ public class UserVerificationService {
      */
     private static final String TOTP_KEY_CONFIRMED_ATTRIBUTE_NAME = "guac-totp-key-confirmed";
 
-    /**
-     * The name of the HTTP parameter which will contain the TOTP code provided
-     * by the user to verify their identity.
-     */
-    private static final String TOTP_PARAMETER_NAME = "guac-totp";
-
-    /**
-     * The field which should be exposed to the user to request that they
-     * provide their TOTP code.
-     */
-    private static final Field TOTP_FIELD = new TextField(TOTP_PARAMETER_NAME);
-
-    /**
-     * CredentialsInfo object describing the credentials expected for a user
-     * who has verified their identity with TOTP.
-     */
-    private static final CredentialsInfo TOTP_CREDENTIALS = new CredentialsInfo(
-            Collections.singletonList(TOTP_FIELD)
-    );
-
     /**
      * BaseEncoding instance which decoded/encodes base32.
      */
@@ -234,14 +214,16 @@ public class UserVerificationService {
         HttpServletRequest request = credentials.getRequest();
 
         // Retrieve TOTP from request
-        String code = request.getParameter(TOTP_PARAMETER_NAME);
+        String code = request.getParameter(AuthenticationCodeField.PARAMETER_NAME);
 
         // If no TOTP provided, request one
         if (code == null) {
 
             // FIXME: Handle key.isConfirmed() for initial prompt
             throw new GuacamoleInsufficientCredentialsException(
-                    "LOGIN.INFO_TOTP_REQUIRED", TOTP_CREDENTIALS);
+                    "LOGIN.INFO_TOTP_REQUIRED", new CredentialsInfo(
+                        Collections.<Field>singletonList(new AuthenticationCodeField())
+                    ));
 
         }
 

extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java

@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.totp.form;
+
+import org.apache.guacamole.form.Field;
+
+/**
+ * Field which prompts the user for an authentication code generated via TOTP.
+ */
+public class AuthenticationCodeField extends Field {
+
+    /**
+     * The name of the HTTP parameter which will contain the TOTP code provided
+     * by the user to verify their identity.
+     */
+    public static final String PARAMETER_NAME = "guac-totp";
+
+    /**
+     * The unique name associated with this field type.
+     */
+    private static final String FIELD_TYPE_NAME = "GUAC_TOTP_CODE";
+
+    /**
+     * Creates a new field which prompts the user for an authentication code
+     * generated via TOTP.
+     */
+    public AuthenticationCodeField() {
+        super(PARAMETER_NAME, FIELD_TYPE_NAME);
+    }
+
+}

extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js

@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Config block which registers TOTP-specific field types.
+ */
+angular.module('guacTOTP').config(['formServiceProvider',
+    function guacTOTPConfig(formServiceProvider) {
+
+    // Define field for the TOTP code provided by the user
+    formServiceProvider.registerFieldType('GUAC_TOTP_CODE', {
+        module      : 'guacTOTP',
+        controller  : 'authenticationCodeFieldController',
+        templateUrl : 'app/ext/totp/templates/authenticationCodeField.html'
+    });
+
+}]);

extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js

@@ -0,0 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Controller for the "GUAC_TOTP_CODE" field which prompts the user to enter
+ * the code generated by their authentication device.
+ */
+angular.module('guacTOTP').controller('authenticationCodeFieldController', ['$scope', '$element',
+    function authenticationCodeFieldController($scope, $element) {
+
+    // STUB
+
+}]);

extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json

@@ -11,6 +11,18 @@
 
     "translations" : [
         "translations/en.json"
-    ]
+    ],
+
+    "js" : [
+        "totp.min.js"
+    ],
+
+    "css" : [
+        "totp.min.css"
+    ],
+
+    "resources" : {
+        "templates/authenticationCodeField.html" : "text/html"
+    }
 
 }

extensions/guacamole-auth-totp/src/main/resources/styles/totp.css

@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/* STUB */

extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html

@@ -0,0 +1,3 @@
+<div class="totp-code-field">
+    <input type="text" ng-model="model" autocorrect="off" autocapitalize="off"/>
+</div>

extensions/guacamole-auth-totp/src/main/resources/totpModule.js

@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Module which provides handling for TOTP multi-factor authentication.
+ */
+angular.module('guacTOTP', [
+    'form'
+]);
+
+// Ensure the guacTOTP module is loaded along with the rest of the app
+angular.module('index').requires.push('guacTOTP');