GUAC-1176: Add password confirmation to reset procedure.

This commit is contained in:
Michael Jumper
2015-06-03 16:52:20 -07:00
parent 4c0cf58d9f
commit a3d3203211
3 changed files with 39 additions and 9 deletions


@@ -62,17 +62,29 @@ public class UserContextService {
private Provider<UserContext> userContextProvider; private Provider<UserContext> userContextProvider;
/** /**
* The name of the HTTP parameter to expect if the user is changing their * The name of the HTTP password parameter to expect if the user is
* expired password upon login. * changing their expired password upon login.
*/ */
private static final String NEW_PASSWORD_PARAMETER = "new-password"; private static final String NEW_PASSWORD_PARAMETER = "new-password";
/** /**
* The field to provide the user when their password is expired and must * The password field to provide the user when their password is expired
* be changed. * and must be changed.
*/ */
private static final Field NEW_PASSWORD = new Field(NEW_PASSWORD_PARAMETER, "New password", Field.Type.PASSWORD); private static final Field NEW_PASSWORD = new Field(NEW_PASSWORD_PARAMETER, "New password", Field.Type.PASSWORD);
/**
* The name of the HTTP password confirmation parameter to expect if the
* user is changing their expired password upon login.
*/
private static final String CONFIRM_NEW_PASSWORD_PARAMETER = "confirm-new-password";
/**
* The password confirmation field to provide the user when their password
* is expired and must be changed.
*/
private static final Field CONFIRM_NEW_PASSWORD = new Field(CONFIRM_NEW_PASSWORD_PARAMETER, "Confirm new password", Field.Type.PASSWORD);
/** /**
* Information describing the expected credentials if a user's password is * Information describing the expected credentials if a user's password is
* expired. If a user's password is expired, it must be changed during the * expired. If a user's password is expired, it must be changed during the
@@ -81,7 +93,8 @@ public class UserContextService {
private static final CredentialsInfo EXPIRED_PASSWORD = new CredentialsInfo(Arrays.asList( private static final CredentialsInfo EXPIRED_PASSWORD = new CredentialsInfo(Arrays.asList(
CredentialsInfo.USERNAME, CredentialsInfo.USERNAME,
CredentialsInfo.PASSWORD, CredentialsInfo.PASSWORD,
NEW_PASSWORD NEW_PASSWORD,
CONFIRM_NEW_PASSWORD
)); ));
/** /**
@@ -115,9 +128,10 @@ public class UserContextService {
// Pull new password from HTTP request // Pull new password from HTTP request
HttpServletRequest request = credentials.getRequest(); HttpServletRequest request = credentials.getRequest();
String newPassword = request.getParameter(NEW_PASSWORD_PARAMETER); String newPassword = request.getParameter(NEW_PASSWORD_PARAMETER);
String confirmNewPassword = request.getParameter(CONFIRM_NEW_PASSWORD_PARAMETER);
// Require new password if account is expired // Require new password if account is expired
if (newPassword == null) { if (newPassword == null || confirmNewPassword == null) {
logger.info("The password of user \"{}\" has expired and must be reset.", user.getIdentifier()); logger.info("The password of user \"{}\" has expired and must be reset.", user.getIdentifier());
throw new GuacamoleInsufficientCredentialsException("Password expired", EXPIRED_PASSWORD); throw new GuacamoleInsufficientCredentialsException("Password expired", EXPIRED_PASSWORD);
} }
@@ -130,6 +144,10 @@ public class UserContextService {
if (newPassword.isEmpty()) if (newPassword.isEmpty())
throw new GuacamoleClientException("LOGIN.ERROR_PASSWORD_BLANK"); throw new GuacamoleClientException("LOGIN.ERROR_PASSWORD_BLANK");
// Confirm that the password was entered correctly twice
if (!newPassword.equals(confirmNewPassword))
throw new GuacamoleClientException("LOGIN.ERROR_PASSWORD_MISMATCH");
// STUB: Change password if new password given // STUB: Change password if new password given
logger.info("Resetting expired password of user \"{}\".", user.getIdentifier()); logger.info("Resetting expired password of user \"{}\".", user.getIdentifier());
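Review bot: The comment `// Require new password if account is expired` above the widened null check in the third hunk now understates what that branch enforces, since a request carrying `new-password` but no `confirm-new-password` is also sent back to the expired-password form; suggest `// Require both the new password and its confirmation if account is expired`. The mismatch check in the fourth hunk compares two values taken from the same request with `String.equals`, which is appropriate here — neither side is a stored secret, so no constant-time comparison is needed, and neither value is passed to the log statements. The enclosing method begins before the first of these hunks and continues past the STUB comment, so the actual password-change path is not visible in this section.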


@@ -1,8 +1,14 @@
{ {
"LOGIN" : { "LOGIN" : {
"ERROR_PASSWORD_BLANK" : "@:APP.ERROR_PASSWORD_BLANK",
"ERROR_PASSWORD_SAME" : "The new password must be different from the expired password." "ERROR_PASSWORD_BLANK" : "@:APP.ERROR_PASSWORD_BLANK",
"ERROR_PASSWORD_SAME" : "The new password must be different from the expired password.",
"ERROR_PASSWORD_MISMATCH" : "@:APP.ERROR_PASSWORD_MISMATCH",
"FIELD_HEADER_NEW_PASSWORD" : "New password",
"FIELD_HEADER_CONFIRM_NEW_PASSWORD" : "Confirm new password"
}, },
"USER_ATTRIBUTES" : { "USER_ATTRIBUTES" : {


@@ -1,7 +1,13 @@
{ {
"LOGIN" : { "LOGIN" : {
"ERROR_PASSWORD_BLANK" : "@:APP.ERROR_PASSWORD_BLANK"
"ERROR_PASSWORD_BLANK" : "@:APP.ERROR_PASSWORD_BLANK",
"ERROR_PASSWORD_MISMATCH" : "@:APP.ERROR_PASSWORD_MISMATCH",
"FIELD_HEADER_NEW_PASSWORD" : "Новый пароль",
"FIELD_HEADER_CONFIRM_NEW_PASSWORD" : "Подтверждение пароля"
} }
} }