safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 05:07:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-641: Remove Azure Key Vault extension until license text can be obtained.

Browse Source
This commit is contained in:
Michael Jumper
2022-01-21 15:23:41 -08:00
parent e89a65586c
commit 979505bb58
59 changed files with 0 additions and 1523 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
extensions/guacamole-vault/modules/guacamole-vault-azure/.ratignore
View File

194
extensions/guacamole-vault/modules/guacamole-vault-azure/pom.xml
View File

@@ -1,194 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.guacamole</groupId>
<artifactId>guacamole-vault-azure</artifactId>
<packaging>jar</packaging>
<version>1.4.0</version>
<name>guacamole-vault-azure</name>
<url>http://guacamole.apache.org/</url>
<properties>
<azure-client-runtimes.version>1.7.4</azure-client-runtimes.version>
<okhttp.version>3.14.7</okhttp.version>
</properties>
<parent>
<groupId>org.apache.guacamole</groupId>
<artifactId>guacamole-vault</artifactId>
<version>1.4.0</version>
<relativePath>../../</relativePath>
</parent>
<build>
<plugins>
<!-- The Azure libraries result in javac outright failing without
any explicit error or warning if "-Werror" is passed -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<failOnWarning>false</failOnWarning>
</configuration>
</plugin>
</plugins>
</build>
<dependencies>
<!-- Guacamole Extension API -->
<dependency>
<groupId>org.apache.guacamole</groupId>
<artifactId>guacamole-ext</artifactId>
<scope>provided</scope>
</dependency>
<!-- Guacamole base key vault support -->
<dependency>
<groupId>org.apache.guacamole</groupId>
<artifactId>guacamole-vault-base</artifactId>
<version>1.4.0</version>
</dependency>
<!-- Azure Key Vault client -->
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-keyvault</artifactId>
<version>1.2.4</version>
<exclusions>
<!-- Already provided within Guacamole webapp environment via
guacamole-ext / guacamole-common -->
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
<!-- Multiple version conflicts between transitive dependencies
of azure-keyvault and adal4j -->
<exclusion>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-client-runtime</artifactId>
</exclusion>
<exclusion>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Active Directory client (used to authenticate with Azure) -->
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>adal4j</artifactId>
<version>1.6.7</version>
<exclusions>
<!-- Already provided within Guacamole webapp environment via
guacamole-ext / guacamole-common w-->
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
<!-- Multiple version conflicts between transitive dependencies
of azure-keyvault and adal4j -->
<exclusion>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Explicitly depend on most recent versions of Azure client runtime
compatible with azure-keyvault / adal4j (conflict otherwise) -->
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-client-runtime</artifactId>
<version>${azure-client-runtimes.version}</version>
</dependency>
<dependency>
<groupId>com.microsoft.rest</groupId>
<artifactId>client-runtime</artifactId>
<version>${azure-client-runtimes.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp-urlconnection</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>logging-interceptor</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Explicitly depend on most recent versions of dependencies required
by azure-keyvault / adal4j -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.8.1</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.14</version>
</dependency>
<!-- Explicitly depend on most recent version of okhttp required by
transitive dependencies of azure-keyvault -->
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>${okhttp.version}</version>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp-urlconnection</artifactId>
<version>${okhttp.version}</version>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>logging-interceptor</artifactId>
<version>${okhttp.version}</version>
</dependency>
</dependencies>
</project>

47
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/AzureKeyVaultAuthenticationProvider.java
View File

@@ -1,47 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.vault.azure;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.vault.VaultAuthenticationProvider;
/**
* VaultAuthenticationProvider implementation which reads secrets from Azure
* Key Vault.
*/
public class AzureKeyVaultAuthenticationProvider extends VaultAuthenticationProvider {
/**
* Creates a new AzureKeyVaultAuthenticationProvider which reads secrets
* from a configured Azure Key Vault.
*
* @throws GuacamoleException
* If configuration details cannot be read from guacamole.properties.
*/
public AzureKeyVaultAuthenticationProvider() throws GuacamoleException {
super(new AzureKeyVaultAuthenticationProviderModule());
}
@Override
public String getIdentifier() {
return "azure-keyvault";
}
}

61
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/AzureKeyVaultAuthenticationProviderModule.java
View File

@@ -1,61 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.vault.azure;
import com.microsoft.azure.keyvault.authentication.KeyVaultCredentials;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.vault.VaultAuthenticationProviderModule;
import org.apache.guacamole.vault.azure.conf.AzureKeyVaultConfigurationService;
import org.apache.guacamole.vault.azure.conf.AzureKeyVaultCredentials;
import org.apache.guacamole.vault.azure.secret.AzureKeyVaultSecretService;
import org.apache.guacamole.vault.conf.VaultConfigurationService;
import org.apache.guacamole.vault.secret.VaultSecretService;
/**
* Guice module which configures injections specific to Azure Key Vault
* support.
*/
public class AzureKeyVaultAuthenticationProviderModule
extends VaultAuthenticationProviderModule {
/**
* Creates a new AzureKeyVaultAuthenticationProviderModule which
* configures dependency injection for the Azure Key Vault authentication
* provider and related services.
*
* @throws GuacamoleException
* If configuration details in guacamole.properties cannot be parsed.
*/
public AzureKeyVaultAuthenticationProviderModule() throws GuacamoleException {}
@Override
protected void configureVault() {
// Bind services specific to Azure Key Vault
bind(VaultConfigurationService.class).to(AzureKeyVaultConfigurationService.class);
bind(VaultSecretService.class).to(AzureKeyVaultSecretService.class);
// Bind ADAL credentials implementation required for authenticating
// against Azure
bind(KeyVaultCredentials.class).to(AzureKeyVaultCredentials.class);
}
}

57
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/conf/AzureKeyVaultAuthenticationException.java
View File

@@ -1,57 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.vault.azure.conf;
/**
* Unchecked exception thrown by AzureKeyVaultCredentials if an error occurs
* during the authentication process. Note that the base KeyVaultCredentials
* base class does not provide for checked exceptions within the authentication
* process.
*
* @see AzureKeyVaultCredentials#doAuthenticate(java.lang.String, java.lang.String, java.lang.String)
*/
public class AzureKeyVaultAuthenticationException extends RuntimeException {
/**
* Creates a new AzureKeyVaultAuthenticationException having the given
* human-readable message.
*
* @param message
* A human-readable message describing the error that occurred.
*/
public AzureKeyVaultAuthenticationException(String message) {
super(message);
}
/**
* Creates a new AzureKeyVaultAuthenticationException having the given
* human-readable message and cause.
*
* @param message
* A human-readable message describing the error that occurred.
*
* @param cause
* The error that caused this exception.
*/
public AzureKeyVaultAuthenticationException(String message, Throwable cause) {
super(message, cause);
}
}

174
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/conf/AzureKeyVaultConfigurationService.java
View File

@@ -1,174 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.vault.azure.conf;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import com.microsoft.aad.adal4j.ClientCredential;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.environment.Environment;
import org.apache.guacamole.properties.IntegerGuacamoleProperty;
import org.apache.guacamole.properties.StringGuacamoleProperty;
import org.apache.guacamole.vault.conf.VaultConfigurationService;
/**
* Service for retrieving configuration information regarding the Azure Key
* Vault authentication extension.
*/
@Singleton
public class AzureKeyVaultConfigurationService extends VaultConfigurationService {
/**
* The Guacamole server environment.
*/
@Inject
private Environment environment;
/**
* The name of the file which contains the YAML mapping of connection
* parameter token to Azure Key Vault secret name.
*/
private static final String TOKEN_MAPPING_FILENAME = "azure-keyvault-token-mapping.yml";
/**
* The name of the properties file containing Guacamole configuration
* properties whose values are the names of corresponding secrets within
* Azure Key Vault.
*/
private static final String PROPERTIES_FILENAME = "guacamole.properties.azure";
/**
* The number of milliseconds that each retrieved secret should be cached
* for.
*/
private static final IntegerGuacamoleProperty SECRET_TTL = new IntegerGuacamoleProperty() {
@Override
public String getName() {
return "azure-keyvault-secret-ttl";
}
};
/**
* The URL of the Azure Key Vault that should be used to populate token
* values.
*/
private static final StringGuacamoleProperty VAULT_URL = new StringGuacamoleProperty() {
@Override
public String getName() {
return "azure-keyvault-url";
}
};
/**
* The client ID that should be used to authenticate with Azure Key Vault
* using ADAL.
*/
private static final StringGuacamoleProperty CLIENT_ID = new StringGuacamoleProperty() {
@Override
public String getName() {
return "azure-keyvault-client-id";
}
};
/**
* The client key that should be used to authenticate with Azure Key Vault
* using ADAL.
*/
private static final StringGuacamoleProperty CLIENT_KEY = new StringGuacamoleProperty() {
@Override
public String getName() {
return "azure-keyvault-client-key";
}
};
/**
* Creates a new AzureKeyVaultConfigurationService which reads the token
* mapping from "azure-keyvault-token-mapping.yml" and properties from
* "guacamole.properties.azure". The token mapping is a YAML file which
* lists each connection parameter token and the name of the secret from
* which the value for that token should be read, while the properties
* file is an alternative to guacamole.properties where each property
* value is the name of a secret containing the actual value.
*/
public AzureKeyVaultConfigurationService() {
super(TOKEN_MAPPING_FILENAME, PROPERTIES_FILENAME);
}
/**
* Returns the number of milliseconds that each retrieved secret should be
* cached for. By default, secrets are cached for 10 seconds.
*
* @return
* The number of milliseconds to cache each retrieved secret.
*
* @throws GuacamoleException
* If the value specified within guacamole.properties cannot be
* parsed.
*/
public int getSecretTTL() throws GuacamoleException {
return environment.getProperty(SECRET_TTL, 10000);
}
/**
* Returns the base URL of the Azure Key Vault containing the secrets that
* should be retrieved to populate connection parameter tokens. The base
* URL is specified with the "azure-keyvault-url" property.
*
* @return
* The base URL of the Azure Key Vault.
*
* @throws GuacamoleException
* If the base URL is not specified within guacamole.properties.
*/
public String getVaultURL() throws GuacamoleException {
return environment.getRequiredProperty(VAULT_URL);
}
/**
* Returns the credentials that should be used to authenticate with Azure
* Key Vault when retrieving secrets. Azure's "ADAL" authentication will be
* used, requiring a client ID and key. These values are specified with the
* "azure-keyvault-client-id" and "azure-keyvault-client-key" properties
* respectively.
*
* @return
* The credentials that should be used to authenticate with Azure Key
* Vault.
*
* @throws GuacamoleException
* If the client ID or key are not specified within
* guacamole.properties.
*/
public ClientCredential getClientCredentials() throws GuacamoleException {
return new ClientCredential(
environment.getRequiredProperty(CLIENT_ID),
environment.getRequiredProperty(CLIENT_KEY)
);
}
}

115
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/conf/AzureKeyVaultCredentials.java
View File

@@ -1,115 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.vault.azure.conf;
import com.google.inject.Inject;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import com.microsoft.azure.keyvault.authentication.KeyVaultCredentials;
import java.net.MalformedURLException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import org.apache.guacamole.GuacamoleException;
/**
* KeyVaultCredentials implementation which retrieves the required client ID
* and key from guacamole.properties. Note that KeyVaultCredentials as
* implemented in the Azure Java SDK is NOT THREADSAFE; it leverages a
* non-concurrent HashMap for authentication result caching and does not
* perform any synchronization.
*/
public class AzureKeyVaultCredentials extends KeyVaultCredentials {
/**
* Service for retrieving configuration information.
*/
@Inject
private AzureKeyVaultConfigurationService confService;
/**
* {@inheritDoc}
*
* @throws AzureKeyVaultAuthenticationException
* If an error occurs preventing successful authentication. Note that
* this exception is unchecked. Uses of this class which need to be
* aware of errors in the authentication process must manually catch
* this exception.
*/
@Override
public String doAuthenticate(String authorization, String resource,
String scope) throws AzureKeyVaultAuthenticationException {
// Read Azure credentials from guacamole.properties
ClientCredential credentials;
try {
credentials = confService.getClientCredentials();
}
catch (GuacamoleException e) {
throw new AzureKeyVaultAuthenticationException("Azure "
+ "credentials could not be read.", e);
}
ExecutorService service = Executors.newFixedThreadPool(1);
try {
// Attempt to aquire authentication token from Azure
AuthenticationContext context = new AuthenticationContext(authorization, false, service);
Future<AuthenticationResult> future = context.acquireToken(resource, credentials, null);
// Wait for response
AuthenticationResult result = future.get();
// The semantics of a null return value are not documented, however
// example code provided with the Azure Java SDK demonstrates that
// a null check is required, albeit without explanation
if (result == null)
throw new AzureKeyVaultAuthenticationException(
"Authentication result from Azure was empty.");
// Return authentication token from successful response
return result.getAccessToken();
}
// Rethrow any errors which occur during the authentication process as
// AzureKeyVaultAuthenticationExceptions
catch (MalformedURLException e) {
throw new AzureKeyVaultAuthenticationException("Azure "
+ "authentication URL is malformed.", e);
}
catch (InterruptedException e) {
throw new AzureKeyVaultAuthenticationException("Azure "
+ "authentication process was interrupted.", e);
}
catch (ExecutionException e) {
throw new AzureKeyVaultAuthenticationException("Authentication "
+ "against Azure failed.", e);
}
finally {
service.shutdown();
}
}
}

132
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/java/org/apache/guacamole/vault/azure/secret/AzureKeyVaultSecretService.java
View File

@@ -1,132 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.vault.azure.secret;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import com.microsoft.azure.keyvault.KeyVaultClient;
import com.microsoft.azure.keyvault.authentication.KeyVaultCredentials;
import com.microsoft.azure.keyvault.models.SecretBundle;
import com.microsoft.rest.ServiceCallback;
import java.util.Collections;
import java.util.Map;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Future;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.protocol.GuacamoleConfiguration;
import org.apache.guacamole.token.TokenFilter;
import org.apache.guacamole.vault.azure.conf.AzureKeyVaultAuthenticationException;
import org.apache.guacamole.vault.azure.conf.AzureKeyVaultConfigurationService;
import org.apache.guacamole.vault.secret.CachedVaultSecretService;
/**
* Service which retrieves secrets from Azure Key Vault.
*/
@Singleton
public class AzureKeyVaultSecretService extends CachedVaultSecretService {
/**
* Pattern which matches contiguous groups of characters which are not
* allowed within Azure Key Vault secret names.
*/
private static final Pattern DISALLOWED_CHARACTERS = Pattern.compile("[^a-zA-Z0-9-]+");
/**
* Service for retrieving configuration information.
*/
@Inject
private AzureKeyVaultConfigurationService confService;
/**
* Provider for Azure Key Vault credentials.
*/
@Inject
private Provider<KeyVaultCredentials> credentialProvider;
/**
* {@inheritDoc}
*
* <p>Azure Key Vault allows strictly a-z, A-Z, 0-9, and "-". This
* implementation strips out all contiguous groups of characters which are
* not allowed by Azure Key Vault, replacing them with a single dash.
*/
@Override
public String canonicalize(String nameComponent) {
Matcher disallowed = DISALLOWED_CHARACTERS.matcher(nameComponent);
return disallowed.replaceAll("-");
}
@Override
protected CachedSecret refreshCachedSecret(String name)
throws GuacamoleException {
int ttl = confService.getSecretTTL();
String url = confService.getVaultURL();
CompletableFuture<String> retrievedValue = new CompletableFuture<>();
// getSecretAsync() still blocks for around half a second, despite
// technically being asynchronous
(new Thread() {
@Override
public void run() {
try {
// Retrieve requested secret from Azure Key Vault
KeyVaultClient client = new KeyVaultClient(credentialProvider.get());
client.getSecretAsync(url, name, new ServiceCallback<SecretBundle>() {
@Override
public void failure(Throwable t) {
retrievedValue.completeExceptionally(t);
}
@Override
public void success(SecretBundle secret) {
String value = (secret != null) ? secret.value() : null;
retrievedValue.complete(value);
}
});
}
catch (AzureKeyVaultAuthenticationException e) {
retrievedValue.completeExceptionally(e);
}
}
}).start();
// Cache retrieved value
return new CachedSecret(retrievedValue, ttl);
}
@Override
public Map<String, Future<String>> getTokens(GuacamoleConfiguration config,
TokenFilter filter) throws GuacamoleException {
return Collections.emptyMap();
}
}

16
extensions/guacamole-vault/modules/guacamole-vault-azure/src/main/resources/guac-manifest.json
View File

@@ -1,16 +0,0 @@
{
"guacamoleVersion" : "1.4.0",
"name" : "Azure Key Vault",
"namespace" : "azure-keyvault",
"authProviders" : [
"org.apache.guacamole.vault.azure.AzureKeyVaultAuthenticationProvider"
],
"translations" : [
"translations/en.json"
]
}

7
extensions/guacamole-vault/modules/guacamole-vault-dist/pom.xml
View File

@@ -42,13 +42,6 @@
<dependencies>
<!-- Azure Key Vault Extension -->
<dependency>
<groupId>org.apache.guacamole</groupId>
<artifactId>guacamole-vault-azure</artifactId>
<version>1.4.0</version>
</dependency>
<!-- Keeper Secrets Manager Extension -->
<dependency>
<groupId>org.apache.guacamole</groupId>

8
extensions/guacamole-vault/modules/guacamole-vault-dist/src/main/assembly/dist.xml
View File

@@ -33,14 +33,6 @@
<!-- Include extension .jars -->
<dependencySets>
<!-- Azure Key Vault extension .jar -->
<dependencySet>
<outputDirectory>azure</outputDirectory>
<includes>
<include>org.apache.guacamole:guacamole-vault-azure</include>
</includes>
</dependencySet>
<!-- Keeper Secrets Manager extension .jar -->
<dependencySet>
<outputDirectory>ksm</outputDirectory>

1
extensions/guacamole-vault/pom.xml
View File

@@ -46,7 +46,6 @@
<module>modules/guacamole-vault-base</module>
<!-- Provider-specific implementations -->
<module>modules/guacamole-vault-azure</module>
<module>modules/guacamole-vault-ksm</module>
</modules>