GUACAMOLE-1364: Extract common SSO resource for IdP redirect.

Michael Jumper
2021-12-03 21:12:06 -08:00
parent 0e9860ecf7
commit b6696b9dba
11 changed files with 48 additions and 121 deletions


@@ -24,6 +24,7 @@ import com.google.inject.AbstractModule;
import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Module;
import com.google.inject.binder.LinkedBindingBuilder;
import java.util.Arrays;
import java.util.Collections;
import org.apache.guacamole.GuacamoleException;
@@ -109,10 +110,18 @@ public abstract class SSOAuthenticationProvider extends AbstractAuthenticationPr
@Override
protected void configure() {
bind(AuthenticationProvider.class).toInstance(SSOAuthenticationProvider.this);
bind(Environment.class).toInstance(LocalEnvironment.getInstance());
bind(SSOAuthenticationProviderService.class).to(authService);
bind(SSOResource.class).to(ssoResource);
// Bind custom SSOResource implementation if different from
// core implementation (explicitly binding SSOResource as
// SSOResource results in a runtime error from Guice otherwise)
LinkedBindingBuilder<SSOResource> resourceBinding = bind(SSOResource.class);
if (ssoResource != SSOResource.class)
resourceBinding.to(ssoResource);
}
}), modules));
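Review bot: `resourceBinding.to(ssoResource)` is reached for every value other than `SSOResource.class`, including null, and nothing in this hunk checks `ssoResource` before the module is configured. The constructor that receives it is outside the hunk, so it may already validate the argument. If it does not, `Objects.requireNonNull(ssoResource, "ssoResource")` there would fail earlier and with a clearer message than a binding error raised from inside `configure()`. The enclosing anonymous module begins outside the hunk.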


@@ -19,6 +19,7 @@
package org.apache.guacamole.auth.sso;
import java.net.URI;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.sso.user.SSOAuthenticatedUser;
import org.apache.guacamole.net.auth.Credentials;
@@ -49,6 +50,19 @@ public interface SSOAuthenticationProviderService {
SSOAuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException;
/**
* Returns the full URI of the login endpoint to which a user must be
* redirected in order to authenticate with the SSO identity provider.
*
* @return
* The full URI of the SSO login endpoint.
*
* @throws GuacamoleException
* If configuration information required for generating the login URI
* cannot be read.
*/
URI getLoginURI() throws GuacamoleException;
/**
* Frees all resources associated with the relevant
* SSOAuthenticationProvider implementation. This function is automatically
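Review bot: The Javadoc for `getLoginURI()` does not say whether the result must be absolute or where it may come from, yet the shared resource redirects the browser to whatever is returned. I would add a sentence to the description such as `The returned URI is absolute and is built only from server-side configuration, never from values supplied in the request.` Stating this in the contract tells each implementation that the method must not become an open redirect. The interface body continues outside the hunk.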


@@ -18,6 +18,7 @@
*/
package org.apache.guacamole.auth.sso;
import com.google.inject.Inject;
import javax.ws.rs.core.Response;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
@@ -28,7 +29,13 @@ import org.apache.guacamole.GuacamoleException;
* the applicable identity provider. Implementations may also provide
* additional resources and endpoints beneath this resource as needed.
*/
public interface SSOResource {
public class SSOResource {
/**
* Service for authenticating users using CAS.
*/
@Inject
private SSOAuthenticationProviderService authService;
/**
* Redirects the user to the relevant identity provider. If the SSO
@@ -44,6 +51,8 @@ public interface SSOResource {
*/
@GET
@Path("login")
public Response redirectToIdentityProvider() throws GuacamoleException;
public Response redirectToIdentityProvider() throws GuacamoleException {
return Response.seeOther(authService.getLoginURI()).build();
}
}
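Review bot: The field comment `Service for authenticating users using CAS.` is a CAS-specific leftover in what is now the shared resource for every SSO extension; `Service for authenticating users against the relevant SSO identity provider.` would fit. Separately, `redirectToIdentityProvider()` passes the result of `getLoginURI()` straight to `Response.seeOther(...)`, which rejects a null location with an IllegalArgumentException. An implementation that returns null would therefore surface as a generic server error rather than a GuacamoleException. Either document the return value as non-null on the interface, or check it here and throw a `GuacamoleServerException`.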