GUACAMOLE-1006: Implement Collection support within GuacamoleProperty classes.

2025-09-07 05:31:22 +00:00 · 2020-04-02 13:46:14 -04:00
parent 6493a2313b
commit 9da1289677
18 changed files with 490 additions and 57 deletions
--- a/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/ConfigurationService.java
+++ b/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/ConfigurationService.java
@@ -25,7 +25,7 @@ import java.util.Collections;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.environment.Environment;
 import org.apache.guacamole.properties.ByteArrayProperty;
-import org.apache.guacamole.properties.StringListProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;

 /**
 * Service for retrieving configuration information regarding the JSON
@@ -56,7 +56,7 @@ public class ConfigurationService {
     * be allowed to perform authentication. If not specified, ALL address will
     * be allowed.
     */
-    private static final StringListProperty JSON_TRUSTED_NETWORKS = new StringListProperty() {
+    private static final StringGuacamoleProperty JSON_TRUSTED_NETWORKS = new StringGuacamoleProperty() {

        @Override
        public String getName() {
@@ -95,7 +95,7 @@ public class ConfigurationService {
     *     If guacamole.properties cannot be parsed.
     */
    public Collection<String> getTrustedNetworks() throws GuacamoleException {
-        return environment.getProperty(JSON_TRUSTED_NETWORKS, Collections.<String>emptyList());
+        return environment.getPropertyCollection(JSON_TRUSTED_NETWORKS, Collections.<String>emptyList());
    }

 }
--- a/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/conf/ConfigurationService.java
+++ b/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/conf/ConfigurationService.java
@@ -20,10 +20,11 @@
 package org.apache.guacamole.auth.quickconnect.conf;

 import com.google.inject.Inject;
+import java.util.Collection;
 import java.util.List;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.environment.Environment;
-import org.apache.guacamole.properties.StringListProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;

 /**
 * Configuration options to control the QuickConnect module.
@@ -42,7 +43,7 @@ public class ConfigurationService {
     * the parameters defined in this list.  Defaults to null (all parameters
     * are allowed).
     */
-    public static final StringListProperty QUICKCONNECT_ALLOWED_PARAMETERS = new StringListProperty() {
+    public static final StringGuacamoleProperty QUICKCONNECT_ALLOWED_PARAMETERS = new StringGuacamoleProperty() {
        
        @Override
        public String getName() { return "quickconnect-allowed-parameters"; }
@@ -55,7 +56,7 @@ public class ConfigurationService {
     * except the ones defined in this list.  Defaults to null (all parameters
     * are allowed).
     */
-    public static final StringListProperty QUICKCONNECT_DENIED_PARAMETERS = new StringListProperty() {
+    public static final StringGuacamoleProperty QUICKCONNECT_DENIED_PARAMETERS = new StringGuacamoleProperty() {
        
        @Override
        public String getName() { return "quickconnect-denied-parameters"; }
@@ -74,8 +75,8 @@ public class ConfigurationService {
     * @throws GuacamoleException
     *    If guacamole.properties cannot be parsed.
     */
-    public List<String> getAllowedParameters() throws GuacamoleException {
-        return environment.getProperty(QUICKCONNECT_ALLOWED_PARAMETERS);
+    public Collection<String> getAllowedParameters() throws GuacamoleException {
+        return environment.getPropertyCollection(QUICKCONNECT_ALLOWED_PARAMETERS);
    }
    
    /**
@@ -90,8 +91,8 @@ public class ConfigurationService {
     * @throws GuacamoleException 
     *     If guacamole.properties cannot be parsed.
     */
-    public List<String> getDeniedParameters() throws GuacamoleException {
-        return environment.getProperty(QUICKCONNECT_DENIED_PARAMETERS);
+    public Collection<String> getDeniedParameters() throws GuacamoleException {
+        return environment.getPropertyCollection(QUICKCONNECT_DENIED_PARAMETERS);
    }
    
 }
--- a/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/utility/QCParser.java
+++ b/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/utility/QCParser.java
@@ -25,6 +25,7 @@ import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URLDecoder;
 import java.util.Arrays;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.regex.Matcher;
@@ -60,13 +61,13 @@ public class QCParser {
     * by this parser. If not defined, all parameters will be allowed unless
     * explicitly denied.
     */
-    private final List<String> allowedParams;
+    private final Collection<String> allowedParams;
    
    /**
     * The list of parameters that are explicitly denied from being placed into
     * a configuration by this parser.
     */
-    private final List<String> deniedParams;
+    private final Collection<String> deniedParams;
    
    /**
     * Create a new instance of the QCParser class, with the provided allowed
@@ -81,7 +82,7 @@ public class QCParser {
     *     A list of parameters, if any, that should be explicitly denied from
     *     being placed into a connection configuration.
     */
-    public QCParser(List<String> allowedParams, List<String> deniedParams) {
+    public QCParser(Collection<String> allowedParams, Collection<String> deniedParams) {
        this.allowedParams = allowedParams;
        this.deniedParams = deniedParams;
    }
--- a/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-openid/src/main/java/org/apache/guacamole/auth/openid/conf/ConfigurationService.java
+++ b/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-openid/src/main/java/org/apache/guacamole/auth/openid/conf/ConfigurationService.java
@@ -21,13 +21,13 @@ package org.apache.guacamole.auth.openid.conf;

 import com.google.inject.Inject;
 import java.net.URI;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.environment.Environment;
 import org.apache.guacamole.properties.IntegerGuacamoleProperty;
 import org.apache.guacamole.properties.StringGuacamoleProperty;
-import org.apache.guacamole.properties.StringListProperty;
 import org.apache.guacamole.properties.URIGuacamoleProperty;

 /**
@@ -138,8 +138,8 @@ public class ConfigurationService {
     * The claims within any valid JWT that should be mapped to
     * the authenticated user's tokens, as configured with guacamole.properties.
     */
-    private static final StringListProperty OPENID_ATTRIBUTES_CLAIM_TYPE =
-            new StringListProperty() {
+    private static final StringGuacamoleProperty OPENID_ATTRIBUTES_CLAIM_TYPE =
+            new StringGuacamoleProperty() {
                @Override
                public String getName() { return "openid-attributes-claim-type"; }
            };
@@ -356,8 +356,8 @@ public class ConfigurationService {
     * @throws GuacamoleException
     *     If guacamole.properties cannot be parsed.
     */
-    public List<String> getAttributesClaimType() throws GuacamoleException {
-        return environment.getProperty(OPENID_ATTRIBUTES_CLAIM_TYPE, DEFAULT_ATTRIBUTES_CLAIM_TYPE);
+    public Collection<String> getAttributesClaimType() throws GuacamoleException {
+        return environment.getPropertyCollection(OPENID_ATTRIBUTES_CLAIM_TYPE, DEFAULT_ATTRIBUTES_CLAIM_TYPE);
    }

    /**
--- a/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-openid/src/main/java/org/apache/guacamole/auth/openid/token/TokenValidationService.java
+++ b/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-openid/src/main/java/org/apache/guacamole/auth/openid/token/TokenValidationService.java
@@ -20,6 +20,7 @@
 package org.apache.guacamole.auth.openid.token;

 import com.google.inject.Inject;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -229,7 +230,7 @@ public class TokenValidationService {
     *     If guacamole.properties could not be parsed.
     */
    public Map<String, String> processAttributes(JwtClaims claims) throws GuacamoleException {
-        List<String> attributesClaim = confService.getAttributesClaimType();
+        Collection<String> attributesClaim = confService.getAttributesClaimType();

        if (claims != null && !attributesClaim.isEmpty()) {
            try {
--- a/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLClientAuthenticationResource.java
+++ b/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLClientAuthenticationResource.java
@@ -26,6 +26,7 @@ import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
+import java.util.Collection;
 import java.util.Date;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
@@ -214,7 +215,7 @@ public class SSLClientAuthenticationResource extends SSOResource {

        // Verify that the username is specified with one of the allowed
        // attributes
-        List<String> usernameAttributes = confService.getSubjectUsernameAttributes();
+        Collection<String> usernameAttributes = confService.getSubjectUsernameAttributes();
        if (usernameAttributes != null && !usernameAttributes.stream().anyMatch(nameRdn.getType()::equalsIgnoreCase))
            throw new GuacamoleClientException("Subject DN \"" + dn + "\" "
                    + "does not contain an acceptable username attribute.");
--- a/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/conf/ConfigurationService.java
+++ b/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/conf/ConfigurationService.java
@@ -22,7 +22,7 @@ package org.apache.guacamole.auth.ssl.conf;
 import com.google.inject.Inject;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.util.List;
+import java.util.Collection;
 import javax.naming.ldap.LdapName;
 import javax.ws.rs.core.UriBuilder;
 import org.apache.guacamole.GuacamoleException;
@@ -30,7 +30,6 @@ import org.apache.guacamole.GuacamoleServerException;
 import org.apache.guacamole.environment.Environment;
 import org.apache.guacamole.properties.IntegerGuacamoleProperty;
 import org.apache.guacamole.properties.StringGuacamoleProperty;
-import org.apache.guacamole.properties.StringListProperty;
 import org.apache.guacamole.properties.URIGuacamoleProperty;

 /**
@@ -146,8 +145,8 @@ public class ConfigurationService {
     * one of these attributes, the certificate will be rejected. By default,
     * any attribute is accepted.
     */
-    private static final StringListProperty SSL_SUBJECT_USERNAME_ATTRIBUTE =
-            new StringListProperty () {
+    private static final StringGuacamoleProperty SSL_SUBJECT_USERNAME_ATTRIBUTE =
+            new StringGuacamoleProperty () {

        @Override
        public String getName() { return "ssl-subject-username-attribute"; }
@@ -433,8 +432,8 @@ public class ConfigurationService {
     * @throws GuacamoleException
     *     If the configured set of username attributes cannot be read.
     */
-    public List<String> getSubjectUsernameAttributes() throws GuacamoleException {
-        return environment.getProperty(SSL_SUBJECT_USERNAME_ATTRIBUTE);
+    public Collection<String> getSubjectUsernameAttributes() throws GuacamoleException {
+        return environment.getPropertyCollection(SSL_SUBJECT_USERNAME_ATTRIBUTE);
    }

 }