From a486408ec15ef7be574188927b4640c2c395f559 Mon Sep 17 00:00:00 2001 From: Bojan Zelic Date: Fri, 18 Dec 2020 09:01:15 -0700 Subject: [PATCH] GUACAMOLE-1218: Use TokenFilter to inject tokens from configuration attributes --- .../auth/json/connection/ConnectionService.java | 16 ++++++++++------ .../auth/json/user/UserDataConnection.java | 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/connection/ConnectionService.java b/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/connection/ConnectionService.java index 128aac5b1..0cf4e25db 100644 --- a/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/connection/ConnectionService.java +++ b/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/connection/ConnectionService.java @@ -43,6 +43,7 @@ import org.apache.guacamole.net.auth.GuacamoleProxyConfiguration; import org.apache.guacamole.protocol.ConfiguredGuacamoleSocket; import org.apache.guacamole.protocol.GuacamoleClientInformation; import org.apache.guacamole.protocol.GuacamoleConfiguration; +import org.apache.guacamole.token.TokenFilter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -166,7 +167,7 @@ public class ConnectionService { * connect is denied. */ public GuacamoleTunnel connect(UserData.Connection connection, - GuacamoleClientInformation info) throws GuacamoleException { + GuacamoleClientInformation info, Map tokens) throws GuacamoleException { // Retrieve proxy configuration from environment GuacamoleProxyConfiguration proxyConfig = environment.getDefaultGuacamoleProxyConfiguration(); @@ -176,14 +177,17 @@ public class ConnectionService { int port = proxyConfig.getPort(); // Generate and verify connection configuration - GuacamoleConfiguration config = getConfiguration(connection); - if (config == null) { + GuacamoleConfiguration filteredConfig = getConfiguration(connection); + if (filteredConfig == null) { logger.debug("Configuration for connection could not be " + "generated. Perhaps the connection being joined is not " + "active?"); throw new GuacamoleResourceNotFoundException("No such connection"); } + // Apply tokens to config parameters + new TokenFilter(tokens).filterValues(filteredConfig.getParameters()); + // Determine socket type based on required encryption method final ConfiguredGuacamoleSocket socket; switch (proxyConfig.getEncryptionMethod()) { @@ -192,7 +196,7 @@ public class ConnectionService { case SSL: socket = new ConfiguredGuacamoleSocket( new SSLGuacamoleSocket(hostname, port), - config, info + filteredConfig, info ); break; @@ -200,7 +204,7 @@ public class ConnectionService { case NONE: socket = new ConfiguredGuacamoleSocket( new InetGuacamoleSocket(hostname, port), - config, info + filteredConfig, info ); break; @@ -277,7 +281,7 @@ public class ConnectionService { // Track tunnels which join connections, such that they can be // automatically closed when the joined connection closes - String joinedConnection = config.getConnectionID(); + String joinedConnection = filteredConfig.getConnectionID(); if (joinedConnection != null) { // Track shadower of joined connection if possible diff --git a/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/user/UserDataConnection.java b/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/user/UserDataConnection.java index fd24f91f2..48a9de18d 100644 --- a/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/user/UserDataConnection.java +++ b/extensions/guacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/user/UserDataConnection.java @@ -180,7 +180,7 @@ public class UserDataConnection implements Connection { } // Perform connection operation - return connectionService.connect(connection, info); + return connectionService.connect(connection, info, tokens); }