safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 05:07:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-362: Refactor ticket validation handling of credentials.

Browse Source
This commit is contained in:
Nick Couchman
2017-09-30 20:55:44 -04:00
committed by Nick Couchman
parent 62fafcb379
commit b410b99d49
2 changed files with 12 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
View File

@@ -87,18 +87,12 @@ public class AuthenticationProviderService {
if (request != null) { if (request != null) {
String ticket = request.getParameter(CASTicketField.PARAMETER_NAME); String ticket = request.getParameter(CASTicketField.PARAMETER_NAME);
if (ticket != null) { if (ticket != null) {
Credentials ticketCredentials = ticketService.validateTicket(ticket); String username = ticketService.validateTicket(ticket, credentials);
if (ticketCredentials != null) { if (username != null) {
String username = ticketCredentials.getUsername(); AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
if (username != null) authenticatedUser.init(username, credentials);
credentials.setUsername(username); return authenticatedUser;
String password = ticketCredentials.getPassword();
if (password != null)
credentials.setPassword(password);
} }
AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
authenticatedUser.init(credentials.getUsername(), credentials);
return authenticatedUser;
} }
} }

15
extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
View File

@@ -57,21 +57,21 @@ public class TicketValidationService {
private ConfigurationService confService; private ConfigurationService confService;
/** /**
* Validates and parses the given ID ticket, returning the Credentials object * Validates and parses the given ID ticket, returning the username
* derived from the parameters provided by the CAS server in the ticket. If the * provided by the CAS server in the ticket. If the
* ticket is invalid an exception is thrown. * ticket is invalid an exception is thrown.
* *
* @param ticket * @param ticket
* The ID ticket to validate and parse. * The ID ticket to validate and parse.
* *
* @return * @return
* The Credentials object derived from parameters provided in the ticket. * The username derived from the ticket.
* *
* @throws GuacamoleException * @throws GuacamoleException
* If the ID ticket is not valid or guacamole.properties could * If the ID ticket is not valid or guacamole.properties could
* not be parsed. * not be parsed.
*/ */
public Credentials validateTicket(String ticket) throws GuacamoleException { public String validateTicket(String ticket, Credentials credentials) throws GuacamoleException {
// Retrieve the configured CAS URL, establish a ticket validator, // Retrieve the configured CAS URL, establish a ticket validator,
// and then attempt to validate the supplied ticket. If that succeeds, // and then attempt to validate the supplied ticket. If that succeeds,
@@ -80,7 +80,6 @@ public class TicketValidationService {
Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl); Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl);
validator.setAcceptAnyProxy(true); validator.setAcceptAnyProxy(true);
try { try {
Credentials ticketCredentials = new Credentials();
String confRedirectURI = confService.getRedirectURI(); String confRedirectURI = confService.getRedirectURI();
Assertion a = validator.validate(ticket, confRedirectURI); Assertion a = validator.validate(ticket, confRedirectURI);
AttributePrincipal principal = a.getPrincipal(); AttributePrincipal principal = a.getPrincipal();
@@ -88,17 +87,17 @@ public class TicketValidationService {
// Retrieve username and set the credentials. // Retrieve username and set the credentials.
String username = principal.getName(); String username = principal.getName();
if (username != null) if (username != null)
ticketCredentials.setUsername(username); credentials.setUsername(username);
// Retrieve password, attempt decryption, and set credentials. // Retrieve password, attempt decryption, and set credentials.
Object credObj = principal.getAttributes().get("credential"); Object credObj = principal.getAttributes().get("credential");
if (credObj != null) { if (credObj != null) {
String clearPass = decryptPassword(credObj.toString()); String clearPass = decryptPassword(credObj.toString());
if (clearPass != null && !clearPass.isEmpty()) if (clearPass != null && !clearPass.isEmpty())
ticketCredentials.setPassword(clearPass); credentials.setPassword(clearPass);
} }
return ticketCredentials; return username;
} }
catch (TicketValidationException e) { catch (TicketValidationException e) {