GUACAMOLE-1289: Add new translations and guacamole properties.

extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java

@@ -102,60 +102,60 @@ public class UserVerificationService {
 
         try {
 
-        String redirectUrl = confService.getRedirectUrl().toString();
+            String redirectUrl = confService.getRedirectUri().toString();
 
-        String builtUrl = UriComponentsBuilder
-                .fromUriString(redirectUrl)
-                .queryParam(Credentials.RESUME_QUERY, DuoAuthenticationProvider.PROVIDER_IDENTIFER)
-                .build()
-                .toUriString();
+            String builtUrl = UriComponentsBuilder
+                    .fromUriString(redirectUrl)
+                    .queryParam(Credentials.RESUME_QUERY, DuoAuthenticationProvider.PROVIDER_IDENTIFER)
+                    .build()
+                    .toUriString();
 
-        // Set up the Duo Client
-        Client duoClient = new Client.Builder(
-                confService.getClientId(),
-                confService.getClientSecret(),
-                confService.getAPIHostname(),
-                builtUrl)
-                .build();
-        
-        duoClient.healthCheck();
-        
-        // Retrieve signed Duo Code and State from the request
-        String duoCode = request.getParameter(DUO_CODE_PARAMETER_NAME);
-        String duoState = request.getParameter(DUO_STATE_PARAMETER_NAME);
+            // Set up the Duo Client
+            Client duoClient = new Client.Builder(
+                    confService.getClientId(),
+                    confService.getClientSecret(),
+                    confService.getAPIHostname(),
+                    builtUrl)
+                    .build();
 
-        // If no code or state is received, assume Duo MFA redirect has not occured and do it.
-        if (duoCode == null || duoState == null) {
+            duoClient.healthCheck();
 
-            // Get a new session state from the Duo client
-            duoState = duoClient.generateState();
-            long expirationTimestamp = System.currentTimeMillis() + (confService.getAuthTimeout() * 1000L);
+            // Retrieve signed Duo Code and State from the request
+            String duoCode = request.getParameter(DUO_CODE_PARAMETER_NAME);
+            String duoState = request.getParameter(DUO_STATE_PARAMETER_NAME);
 
-            // Request additional credentials
-            throw new TranslatableGuacamoleInsufficientCredentialsException(
-                "Verification using Duo is required before authentication "
-                + "can continue.", "LOGIN.INFO_DUO_AUTH_REQUIRED",
-                new CredentialsInfo(Collections.singletonList(
-                    new RedirectField(
-                            DUO_CODE_PARAMETER_NAME,
-                            new URI(duoClient.createAuthUrl(username, duoState)),
-                            new TranslatableMessage("LOGIN.INFO_DUO_REDIRECT_PENDING")
-                    )
-                )),
-                duoState, DuoAuthenticationProvider.PROVIDER_IDENTIFER, 
-                DUO_STATE_PARAMETER_NAME, expirationTimestamp
-            );
+            // If no code or state is received, assume Duo MFA redirect has not occured and do it
+            if (duoCode == null || duoState == null) {
 
-        }
-        
-        // Get the token from the DuoClient using the code and username, and check status
-        Token token = duoClient.exchangeAuthorizationCodeFor2FAResult(duoCode, username);
-        if (token == null 
-                || token.getAuth_result() == null 
-                || !DUO_TOKEN_SUCCESS_VALUE.equals(token.getAuth_result().getStatus()))
-            throw new TranslatableGuacamoleClientException("Provided Duo "
-                    + "validation code is incorrect.",
-                    "LOGIN.INFO_DUO_VALIDATION_CODE_INCORRECT");
+                // Get a new session state from the Duo client
+                duoState = duoClient.generateState();
+                long expirationTimestamp = System.currentTimeMillis() + (confService.getAuthTimeout() * 1000L);
+
+                // Request additional credentials
+                throw new TranslatableGuacamoleInsufficientCredentialsException(
+                    "Verification using Duo is required before authentication "
+                    + "can continue.", "LOGIN.INFO_DUO_AUTH_REQUIRED",
+                    new CredentialsInfo(Collections.singletonList(
+                        new RedirectField(
+                                DUO_CODE_PARAMETER_NAME,
+                                new URI(duoClient.createAuthUrl(username, duoState)),
+                                new TranslatableMessage("LOGIN.INFO_DUO_REDIRECT_PENDING")
+                        )
+                    )),
+                    duoState, DuoAuthenticationProvider.PROVIDER_IDENTIFER, 
+                    DUO_STATE_PARAMETER_NAME, expirationTimestamp
+                );
+
+            }
+
+            // Get the token from the DuoClient using the code and username, and check status
+            Token token = duoClient.exchangeAuthorizationCodeFor2FAResult(duoCode, username);
+            if (token == null 
+                    || token.getAuth_result() == null 
+                    || !DUO_TOKEN_SUCCESS_VALUE.equals(token.getAuth_result().getStatus()))
+                throw new TranslatableGuacamoleClientException("Provided Duo "
+                        + "validation code is incorrect.",
+                        "LOGIN.INFO_DUO_VALIDATION_CODE_INCORRECT");
         }
         catch (DuoException e) {
             throw new GuacamoleServerException("Duo Client error.", e);

extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/conf/ConfigurationService.java

@@ -55,8 +55,8 @@ public class ConfigurationService {
     };
 
     /**
-     * The property within guacamole.properties which defines the integration
-     * key received from Duo for verifying Guacamole users. This value MUST be
+     * The property within guacamole.properties which defines the client id
+     * received from Duo for verifying Guacamole users. This value MUST be
      * exactly 20 characters.
      */
     private static final StringGuacamoleProperty DUO_CLIENT_ID =
@@ -79,17 +79,17 @@ public class ConfigurationService {
         public String getName() { return "duo-client-secret"; }
 
     };
-    
+
     /**
-     * The property within guacamole.properties which defines the redirect URL
+     * The property within guacamole.properties which defines the redirect URI
      * that Duo will call after the second factor has been completed. This
-     * should be the URL used to access Guacamole.
+     * should be the URI used to access Guacamole.
      */
-    private static final URIGuacamoleProperty DUO_REDIRECT_URL =
+    private static final URIGuacamoleProperty DUO_REDIRECT_URI =
             new URIGuacamoleProperty() {
-    
+
         @Override
-        public String getName() { return "duo-redirect-url"; }
+        public String getName() { return "duo-redirect-uri"; }
                 
     };
     
@@ -140,8 +140,8 @@ public class ConfigurationService {
     }
 
     /**
-     * Returns the client secert received from Duo for verifying Guacamole users,
-     * as defined in guacamole.properties by the "duo-client-secert" property.
+     * Returns the client secret received from Duo for verifying Guacamole users,
+     * as defined in guacamole.properties by the "duo-client-secret" property.
      * This value MUST be exactly 20 characters.
      *
      * @return
@@ -153,11 +153,11 @@ public class ConfigurationService {
     public String getClientSecret() throws GuacamoleException {
         return environment.getRequiredProperty(DUO_CLIENT_SECRET);
     }
-    
+
     /**
-     * Return the callback URL that will be called by Duo after authentication
-     * with Duo has been completed. This should be the URL to return the user
-     * to the Guacamole interface, and will be a full URL.
+     * Return the callback URI that will be called by Duo after authentication
+     * with Duo has been completed. This should be the URI to return the user
+     * to the Guacamole interface, and will be a full URI.
      * 
      * @return
      *     The URL for Duo to use to callback to the Guacamole interface after
@@ -167,8 +167,8 @@ public class ConfigurationService {
      *     If guacamole.properties cannot be read, or if the property is not
      *     defined.
      */
-    public URI getRedirectUrl() throws GuacamoleException {
-        return environment.getRequiredProperty(DUO_REDIRECT_URL);
+    public URI getRedirectUri() throws GuacamoleException {
+        return environment.getRequiredProperty(DUO_REDIRECT_URI);
     }
     
     /**

extensions/guacamole-auth-duo/src/main/resources/translations/en.json

@@ -7,7 +7,8 @@
     "LOGIN" : {
         "FIELD_HEADER_GUAC_DUO_SIGNED_RESPONSE" : "",
         "INFO_DUO_VALIDATION_CODE_INCORRECT"    : "Duo validation code incorrect.",
-        "INFO_DUO_AUTH_REQUIRED"                : "Please authenticate with Duo to continue."
+        "INFO_DUO_AUTH_REQUIRED"                : "Please authenticate with Duo to continue.",
+        "INFO_DUO_REDIRECT_PENDING"             : "Please wait, redirecting to Duo..."
     }
 
 }

extensions/guacamole-auth-duo/src/main/resources/translations/ja.json

@@ -2,7 +2,8 @@
 
     "LOGIN" : {
         "INFO_DUO_VALIDATION_CODE_INCORRECT"    : "Duoの認証コードが間違っています。",
-        "INFO_DUO_AUTH_REQUIRED"                : "Duoで認証してください。"
+        "INFO_DUO_AUTH_REQUIRED"                : "Duoで認証してください。",
+        "INFO_DUO_REDIRECT_PENDING"             : "Duoへリダイレクトしています。"
     }
 
 }