From bcb603a4b884ced26d0f0f897beb5c82114535ff Mon Sep 17 00:00:00 2001
From: Michael Jumper
Date: Fri, 27 Feb 2015 17:36:09 -0800
Subject: [PATCH] GUAC-1101: Separate database-specific concerns from Guice and MyBatis config.
---
.../mysql/MySQLAuthenticationProvider.java | 56 ++++-
.../MySQLAuthenticationProviderModule.java | 99 +++++++++
.../auth/jdbc/JDBCAuthenticationProvider.java | 205 ------------------
.../JDBCAuthenticationProviderModule.java | 125 +++++++++++
.../auth/jdbc/user/UserContextService.java | 84 +++++++
5 files changed, 360 insertions(+), 209 deletions(-)
create mode 100644 extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProviderModule.java
delete mode 100644 extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProvider.java
create mode 100644 extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java
create mode 100644 extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContextService.java
diff --git a/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProvider.java b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProvider.java
index 2397eb058..8547fcf3d 100644
--- a/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProvider.java
+++ b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProvider.java
@@ -22,17 +22,31 @@ package net.sourceforge.guacamole.net.auth.mysql; - +import com.google.inject.Guice; +import com.google.inject.Injector; import org.glyptodon.guacamole.GuacamoleException; -import org.glyptodon.guacamole.auth.jdbc.JDBCAuthenticationProvider; +import org.glyptodon.guacamole.net.auth.AuthenticationProvider; +import org.glyptodon.guacamole.net.auth.Credentials; +import org.glyptodon.guacamole.net.auth.UserContext; +import org.glyptodon.guacamole.auth.jdbc.JDBCAuthenticationProviderModule; +import org.glyptodon.guacamole.auth.jdbc.user.UserContextService; +import org.glyptodon.guacamole.environment.Environment; +import org.glyptodon.guacamole.environment.LocalEnvironment; /** * Provides a MySQL based implementation of the AuthenticationProvider * functionality. * * @author James Muehlner + * @author Michael Jumper */ -public class MySQLAuthenticationProvider extends JDBCAuthenticationProvider { +public class MySQLAuthenticationProvider implements AuthenticationProvider { + + /** + * Injector which will manage the object graph of this authentication + * provider. + */ + private final Injector injector; /** * Creates a new MySQLAuthenticationProvider that reads and writes 
@@ -44,6 +58,40 @@ public class MySQLAuthenticationProvider extends JDBCAuthenticationProvider { * a property. */ public MySQLAuthenticationProvider() throws GuacamoleException { + + // Get local environment + Environment environment = new LocalEnvironment(); + + // Set up Guice injector. + injector = Guice.createInjector( + + // Configure MySQL-specific authentication + new MySQLAuthenticationProviderModule(environment), + + // Configure JDBC authentication core + new JDBCAuthenticationProviderModule(environment) + + ); + } - + + @Override + public UserContext getUserContext(Credentials credentials) + throws GuacamoleException { + + // Create UserContext based on credentials, if valid + UserContextService userContextService = injector.getInstance(UserContextService.class); + return userContextService.getUserContext(credentials); + + } + + @Override + public UserContext updateUserContext(UserContext context, + Credentials credentials) throws GuacamoleException { + + // No need to update the context + return context; + + } + } diff --git a/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProviderModule.java b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProviderModule.java new file mode 100644 index 000000000..1da117aee --- /dev/null +++ b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProviderModule.java 
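Review bot: `updateUserContext` returns the existing context without ever looking at `credentials`, so nothing on this path re-checks the account once a session exists. If the web application relies on this hook to notice a disabled account or a changed password (not visible in this patch), an established session would outlive that change; the comment `// No need to update the context` should state why skipping the check is safe rather than only that it is skipped. Separately, `getUserContext` resolves `UserContextService` from the injector although neither module in this patch binds it, so it depends on Guice's just-in-time binding; adding `bind(UserContextService.class);` beside `bind(UserService.class);` in JDBCAuthenticationProviderModule would keep the service list explicit. The class declaration sits outside this hunk.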
@@ -0,0 +1,99 @@
+/*
+ * Copyright (C) 2015 Glyptodon LLC
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package net.sourceforge.guacamole.net.auth.mysql;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.glyptodon.guacamole.GuacamoleException;
+import org.glyptodon.guacamole.auth.jdbc.conf.MySQLGuacamoleProperties;
+import org.glyptodon.guacamole.environment.Environment;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures MySQL-specific injections.
+ *
+ * @author James Muehlner
+ */
+public class MySQLAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * MySQL-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Creates a new MySQL authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public MySQLAuthenticationProviderModule(Environment environment)
+ throws GuacamoleException {
+
+ // Set the MySQL-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_HOSTNAME));
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PORT)));
+ myBatisProperties.setProperty("JDBC.schema", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_DATABASE));
+ myBatisProperties.setProperty("JDBC.username", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_USERNAME));
+ myBatisProperties.setProperty("JDBC.password", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PASSWORD));
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding","UTF-8");
+
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind MySQL-specific properties
+ JdbcHelper.MySQL.configure(binder);
+
+ // Bind MyBatis properties
+ Names.bindProperties(binder, myBatisProperties);
+
+ // Bing JDBC driver properties
+ binder.bind(Properties.class)
+ .annotatedWith(Names.named("JDBC.driverProperties"))
+ .toInstance(driverProperties);
+
+ }
+
+}
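Review bot: The constructor puts only `characterEncoding` into `driverProperties`, so whether the MySQL connection is encrypted is left to the driver default; when the database runs on another host, the login for `JDBC.username`/`JDBC.password` and every password hash and connection parameter read afterwards may cross the network unprotected. Consider an optional environment property (it would be new; none is visible in this patch) that sets Connector/J's `useSSL` and `requireSSL` in the same place. `Names.bindProperties(binder, myBatisProperties)` also makes `JDBC.password` injectable as a named String anywhere in this injector, which is worth a comment on the `myBatisProperties` field, e.g. `// Contains the database password; do not log or expose`. Minor: `// Bing JDBC driver properties` should read `Bind`.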
diff --git a/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProvider.java b/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProvider.java
deleted file mode 100644
index 3be906e29..000000000
--- a/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProvider.java
+++ /dev/null
@@ -1,205 +0,0 @@
-/*
- * Copyright (C) 2015 Glyptodon LLC
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-package org.glyptodon.guacamole.auth.jdbc;
-
-import org.glyptodon.guacamole.auth.jdbc.user.MySQLUserContext;
-import org.glyptodon.guacamole.auth.jdbc.connectiongroup.MySQLRootConnectionGroup;
-import org.glyptodon.guacamole.auth.jdbc.connectiongroup.MySQLConnectionGroup;
-import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ConnectionGroupDirectory;
-import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionDirectory;
-import org.glyptodon.guacamole.auth.jdbc.connection.MySQLGuacamoleConfiguration;
-import org.glyptodon.guacamole.auth.jdbc.connection.MySQLConnection;
-import org.glyptodon.guacamole.auth.jdbc.permission.MySQLSystemPermissionSet;
-import org.glyptodon.guacamole.auth.jdbc.user.MySQLUser;
-import org.glyptodon.guacamole.auth.jdbc.user.UserDirectory;
-import com.google.inject.Binder;
-import com.google.inject.Guice;
-import com.google.inject.Injector;
-import com.google.inject.Module;
-import com.google.inject.name.Names;
-import java.util.Properties;
-import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper;
-import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionMapper;
-import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionRecordMapper;
-import org.glyptodon.guacamole.auth.jdbc.connection.ParameterMapper;
-import org.glyptodon.guacamole.auth.jdbc.permission.SystemPermissionMapper;
-import org.glyptodon.guacamole.GuacamoleException;
-import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
-import org.glyptodon.guacamole.net.auth.Credentials;
-import org.glyptodon.guacamole.net.auth.UserContext;
-import org.glyptodon.guacamole.auth.jdbc.user.UserMapper;
-import org.glyptodon.guacamole.auth.jdbc.conf.MySQLGuacamoleProperties;
-import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ConnectionGroupService;
-import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService;
-import org.glyptodon.guacamole.auth.jdbc.socket.GuacamoleSocketService;
-import org.glyptodon.guacamole.auth.jdbc.security.PasswordEncryptionService;
-import org.glyptodon.guacamole.auth.jdbc.security.SHA256PasswordEncryptionService;
-import org.glyptodon.guacamole.auth.jdbc.security.SaltService;
-import org.glyptodon.guacamole.auth.jdbc.security.SecureRandomSaltService;
-import org.glyptodon.guacamole.auth.jdbc.permission.SystemPermissionService;
-import org.glyptodon.guacamole.auth.jdbc.socket.UnrestrictedGuacamoleSocketService;
-import org.glyptodon.guacamole.auth.jdbc.user.UserService;
-import org.apache.ibatis.transaction.jdbc.JdbcTransactionFactory;
-import org.glyptodon.guacamole.environment.Environment;
-import org.glyptodon.guacamole.environment.LocalEnvironment;
-import org.mybatis.guice.MyBatisModule;
-import org.mybatis.guice.datasource.builtin.PooledDataSourceProvider;
-import org.mybatis.guice.datasource.helper.JdbcHelper;
-
-/**
- * Provides a MySQL based implementation of the AuthenticationProvider
- * functionality.
- *
- * @author James Muehlner
- */
-public class JDBCAuthenticationProvider implements AuthenticationProvider {
-
- /**
- * Injector which will manage the object graph of this authentication
- * provider.
- */
- private final Injector injector;
-
- @Override
- public UserContext getUserContext(Credentials credentials) throws GuacamoleException {
-
- // Get user service
- UserService userService = injector.getInstance(UserService.class);
-
- // Authenticate user
- MySQLUser user = userService.retrieveUser(credentials);
- if (user != null) {
-
- // Upon successful authentication, return new user context
- MySQLUserContext context = injector.getInstance(MySQLUserContext.class);
- context.init(user.getCurrentUser());
- return context;
-
- }
-
- // Otherwise, unauthorized
- return null;
-
- }
-
- /**
- * Creates a new JDBCAuthenticationProvider that reads and writes
- * authentication data to an arbitrary database defined by properties in
- * guacamole.properties.
- *
- * @throws GuacamoleException
- * If a required property is missing, or an error occurs while parsing
- * a property.
- */
- public JDBCAuthenticationProvider() throws GuacamoleException {
-
- // Get local environment
- final Environment environment = new LocalEnvironment();
-
- final Properties myBatisProperties = new Properties();
- final Properties driverProperties = new Properties();
-
- // Set the mysql properties for MyBatis.
- myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
- myBatisProperties.setProperty("JDBC.host", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_HOSTNAME));
- myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PORT)));
- myBatisProperties.setProperty("JDBC.schema", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_DATABASE));
- myBatisProperties.setProperty("JDBC.username", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_USERNAME));
- myBatisProperties.setProperty("JDBC.password", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PASSWORD));
- myBatisProperties.setProperty("JDBC.autoCommit", "false");
- myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
- myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
- driverProperties.setProperty("characterEncoding","UTF-8");
-
- // Set up Guice injector.
- injector = Guice.createInjector(
- JdbcHelper.MySQL,
-
- new Module() {
- @Override
- public void configure(Binder binder) {
- Names.bindProperties(binder, myBatisProperties);
- binder.bind(Properties.class)
- .annotatedWith(Names.named("JDBC.driverProperties"))
- .toInstance(driverProperties);
- }
- },
-
- new MyBatisModule() {
- @Override
- protected void initialize() {
-
- // Datasource
- bindDataSourceProviderType(PooledDataSourceProvider.class);
-
- // Transaction factory
- bindTransactionFactoryType(JdbcTransactionFactory.class);
-
- // Add MyBatis mappers
- addMapperClass(ConnectionMapper.class);
- addMapperClass(ConnectionGroupMapper.class);
- addMapperClass(ConnectionRecordMapper.class);
- addMapperClass(ParameterMapper.class);
- addMapperClass(SystemPermissionMapper.class);
- addMapperClass(UserMapper.class);
-
- // Bind core implementations of guacamole-ext classes
- bind(Environment.class).toInstance(environment);
- bind(ConnectionDirectory.class);
- bind(ConnectionGroupDirectory.class);
- bind(MySQLConnection.class);
- bind(MySQLConnectionGroup.class);
- bind(MySQLGuacamoleConfiguration.class);
- bind(MySQLUser.class);
- bind(MySQLUserContext.class);
- bind(MySQLRootConnectionGroup.class);
- bind(MySQLSystemPermissionSet.class);
- bind(UserDirectory.class);
-
- // Bind services
- bind(ConnectionService.class);
- bind(ConnectionGroupService.class);
- bind(PasswordEncryptionService.class).to(SHA256PasswordEncryptionService.class);
- bind(SaltService.class).to(SecureRandomSaltService.class);
- bind(SystemPermissionService.class);
- bind(UserService.class);
-
- // Bind appropriate socket service based on policy
- bind(GuacamoleSocketService.class).to(UnrestrictedGuacamoleSocketService.class);
-
- }
- } // end of mybatis module
-
- );
- } // end of constructor
-
- @Override
- public UserContext updateUserContext(UserContext context,
- Credentials credentials) throws GuacamoleException {
-
- // No need to update the context
- return context;
-
- }
-
-}
diff --git a/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java b/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java
new file mode 100644
index 000000000..60bb6966d
--- /dev/null
+++ b/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java
@@ -0,0 +1,125 @@
+/*
+ * Copyright (C) 2015 Glyptodon LLC
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package org.glyptodon.guacamole.auth.jdbc;
+
+import org.glyptodon.guacamole.auth.jdbc.user.MySQLUserContext;
+import org.glyptodon.guacamole.auth.jdbc.connectiongroup.MySQLRootConnectionGroup;
+import org.glyptodon.guacamole.auth.jdbc.connectiongroup.MySQLConnectionGroup;
+import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ConnectionGroupDirectory;
+import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionDirectory;
+import org.glyptodon.guacamole.auth.jdbc.connection.MySQLGuacamoleConfiguration;
+import org.glyptodon.guacamole.auth.jdbc.connection.MySQLConnection;
+import org.glyptodon.guacamole.auth.jdbc.permission.MySQLSystemPermissionSet;
+import org.glyptodon.guacamole.auth.jdbc.user.MySQLUser;
+import org.glyptodon.guacamole.auth.jdbc.user.UserDirectory;
+import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper;
+import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionMapper;
+import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionRecordMapper;
+import org.glyptodon.guacamole.auth.jdbc.connection.ParameterMapper;
+import org.glyptodon.guacamole.auth.jdbc.permission.SystemPermissionMapper;
+import org.glyptodon.guacamole.auth.jdbc.user.UserMapper;
+import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ConnectionGroupService;
+import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService;
+import org.glyptodon.guacamole.auth.jdbc.socket.GuacamoleSocketService;
+import org.glyptodon.guacamole.auth.jdbc.security.PasswordEncryptionService;
+import org.glyptodon.guacamole.auth.jdbc.security.SHA256PasswordEncryptionService;
+import org.glyptodon.guacamole.auth.jdbc.security.SaltService;
+import org.glyptodon.guacamole.auth.jdbc.security.SecureRandomSaltService;
+import org.glyptodon.guacamole.auth.jdbc.permission.SystemPermissionService;
+import org.glyptodon.guacamole.auth.jdbc.socket.UnrestrictedGuacamoleSocketService;
+import org.glyptodon.guacamole.auth.jdbc.user.UserService;
+import org.apache.ibatis.transaction.jdbc.JdbcTransactionFactory;
+import org.glyptodon.guacamole.environment.Environment;
+import org.mybatis.guice.MyBatisModule;
+import org.mybatis.guice.datasource.builtin.PooledDataSourceProvider;
+
+/**
+ * Guice module which configures the injections used by the JDBC authentication
+ * provider base. This module MUST be included in the Guice injector, or
+ * authentication providers based on JDBC will not function.
+ *
+ * @author Michael Jumper
+ * @author James Muehlner
+ */
+public class JDBCAuthenticationProviderModule extends MyBatisModule {
+
+ /**
+ * The environment of the Guacamole server.
+ */
+ private final Environment environment;
+
+ /**
+ * Creates a new JDBC authentication provider module that configures the
+ * various injected base classes using the given environment.
+ *
+ * @param environment
+ * The environment to use to configure injected classes.
+ */
+ public JDBCAuthenticationProviderModule(Environment environment) {
+ this.environment = environment;
+ }
+
+ @Override
+ protected void initialize() {
+
+ // Datasource
+ bindDataSourceProviderType(PooledDataSourceProvider.class);
+
+ // Transaction factory
+ bindTransactionFactoryType(JdbcTransactionFactory.class);
+
+ // Add MyBatis mappers
+ addMapperClass(ConnectionMapper.class);
+ addMapperClass(ConnectionGroupMapper.class);
+ addMapperClass(ConnectionRecordMapper.class);
+ addMapperClass(ParameterMapper.class);
+ addMapperClass(SystemPermissionMapper.class);
+ addMapperClass(UserMapper.class);
+
+ // Bind core implementations of guacamole-ext classes
+ bind(Environment.class).toInstance(environment);
+ bind(ConnectionDirectory.class);
+ bind(ConnectionGroupDirectory.class);
+ bind(MySQLConnection.class);
+ bind(MySQLConnectionGroup.class);
+ bind(MySQLGuacamoleConfiguration.class);
+ bind(MySQLUser.class);
+ bind(MySQLUserContext.class);
+ bind(MySQLRootConnectionGroup.class);
+ bind(MySQLSystemPermissionSet.class);
+ bind(UserDirectory.class);
+
+ // Bind services
+ bind(ConnectionService.class);
+ bind(ConnectionGroupService.class);
+ bind(PasswordEncryptionService.class).to(SHA256PasswordEncryptionService.class);
+ bind(SaltService.class).to(SecureRandomSaltService.class);
+ bind(SystemPermissionService.class);
+ bind(UserService.class);
+
+ // Bind appropriate socket service based on policy
+ bind(GuacamoleSocketService.class).to(UnrestrictedGuacamoleSocketService.class);
+
+ }
+
+}
diff --git a/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContextService.java b/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContextService.java
new file mode 100644
index 000000000..8895b4674
--- /dev/null
+++ b/extensions/guacamole-auth-mysql/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContextService.java
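Review bot: `bind(PasswordEncryptionService.class).to(SHA256PasswordEncryptionService.class);` in `initialize()` now fixes the password hashing scheme inside the database-independent core module, and judging by the class name (its implementation is not shown) that scheme is a salted SHA-256 digest rather than a deliberately slow password hash. A fast digest makes offline guessing cheap if the user table leaks, so this binding is a good place to leave a note such as `// TODO: salted SHA-256 is fast to brute-force; migrating needs a per-row scheme marker`, or to let the database module supply the implementation. The comment `// Bind appropriate socket service based on policy` also overstates what happens: `UnrestrictedGuacamoleSocketService` is bound unconditionally, and the comment should say so.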
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2015 Glyptodon LLC
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package org.glyptodon.guacamole.auth.jdbc.user;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import org.glyptodon.guacamole.GuacamoleException;
+import org.glyptodon.guacamole.net.auth.Credentials;
+import org.glyptodon.guacamole.net.auth.UserContext;
+
+/**
+ * Service which creates new UserContext instances for valid users based on
+ * credentials.
+ *
+ * @author Michael Jumper
+ */
+public class UserContextService {
+
+ /**
+ * Service for accessing users.
+ */
+ @Inject
+ private UserService userService;
+
+ /**
+ * Provider for retrieving UserContext instances.
+ */
+ @Inject
+ private Provider userContextProvider;
+
+ /**
+ * Authenticates the user having the given credentials, returning a new
+ * UserContext instance if the credentials are valid.
+ *
+ * @param credentials
+ * The credentials to use to produce the UserContext.
+ *
+ * @return
+ * A new UserContext instance for the user identified by the given
+ * credentials, or null if the credentials are not valid.
+ *
+ * @throws GuacamoleException
+ * If an error occurs during authentication.
+ */
+ public UserContext getUserContext(Credentials credentials)
+ throws GuacamoleException {
+
+ // Authenticate user
+ MySQLUser user = userService.retrieveUser(credentials);
+ if (user != null) {
+
+ // Upon successful authentication, return new user context
+ MySQLUserContext context = userContextProvider.get();
+ context.init(user.getCurrentUser());
+ return context;
+
+ }
+
+ // Otherwise, unauthorized
+ return null;
+
+ }
+
+}
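Review bot: `getUserContext` returns `null` for rejected credentials without recording anything, and after this refactor it is the method the MySQL provider delegates every login to. Unless `UserService.retrieveUser` already logs (not visible here), repeated failed logins leave no trace for detection; a warning-level log entry with the username and remote address, never the password, just before `return null;` would close that gap. The Javadoc should also say whether `credentials` may be null, since it is passed straight to `retrieveUser`.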