safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-362: Refactor ticket validation handling of credentials.

Browse Source
This commit is contained in:
Nick Couchman
2017-09-30 20:55:44 -04:00
committed by Nick Couchman
parent 62fafcb379
commit b410b99d49
2 changed files with 12 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
View File

@@ -87,18 +87,12 @@ public class AuthenticationProviderService {
if (request != null) {
String ticket = request.getParameter(CASTicketField.PARAMETER_NAME);
if (ticket != null) {
Credentials ticketCredentials = ticketService.validateTicket(ticket);
if (ticketCredentials != null) {
String username = ticketCredentials.getUsername();
if (username != null)
credentials.setUsername(username);
String password = ticketCredentials.getPassword();
if (password != null)
credentials.setPassword(password);
String username = ticketService.validateTicket(ticket, credentials);
if (username != null) {
AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
authenticatedUser.init(username, credentials);
return authenticatedUser;
}
AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
authenticatedUser.init(credentials.getUsername(), credentials);
return authenticatedUser;
}
}

15
extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
View File

@@ -57,21 +57,21 @@ public class TicketValidationService {
private ConfigurationService confService;
/**
* Validates and parses the given ID ticket, returning the Credentials object
* derived from the parameters provided by the CAS server in the ticket. If the
* Validates and parses the given ID ticket, returning the username
* provided by the CAS server in the ticket. If the
* ticket is invalid an exception is thrown.
*
* @param ticket
* The ID ticket to validate and parse.
*
* @return
* The Credentials object derived from parameters provided in the ticket.
* The username derived from the ticket.
*
* @throws GuacamoleException
* If the ID ticket is not valid or guacamole.properties could
* not be parsed.
*/
public Credentials validateTicket(String ticket) throws GuacamoleException {
public String validateTicket(String ticket, Credentials credentials) throws GuacamoleException {
// Retrieve the configured CAS URL, establish a ticket validator,
// and then attempt to validate the supplied ticket. If that succeeds,
@@ -80,7 +80,6 @@ public class TicketValidationService {
Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl);
validator.setAcceptAnyProxy(true);
try {
Credentials ticketCredentials = new Credentials();
String confRedirectURI = confService.getRedirectURI();
Assertion a = validator.validate(ticket, confRedirectURI);
AttributePrincipal principal = a.getPrincipal();
@@ -88,17 +87,17 @@ public class TicketValidationService {
// Retrieve username and set the credentials.
String username = principal.getName();
if (username != null)
ticketCredentials.setUsername(username);
credentials.setUsername(username);
// Retrieve password, attempt decryption, and set credentials.
Object credObj = principal.getAttributes().get("credential");
if (credObj != null) {
String clearPass = decryptPassword(credObj.toString());
if (clearPass != null && !clearPass.isEmpty())
ticketCredentials.setPassword(clearPass);
credentials.setPassword(clearPass);
}
return ticketCredentials;
return username;
}
catch (TicketValidationException e) {