GUACAMOLE-197: Initial code for the guacamole-auth-radius authentication module.

2025-09-08 22:21:22 +00:00 · 2017-02-05 15:02:10 -05:00
parent 9d587496b0
commit d9d5573aa4
28 changed files with 2196 additions and 0 deletions
--- a/extensions/guacamole-auth-radius/src/main/resources/config/radiusConfig.js
+++ b/extensions/guacamole-auth-radius/src/main/resources/config/radiusConfig.js
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Config block which registers Radius-specific field types.
+ */
+angular.module('guacRadius').config(['formServiceProvider',
+    function guacRadiusConfig(formServiceProvider) {
+        console.log("In guacRadiusConfig() method.");
+
+    // Define field for the signed response from the RADIUS service
+    formServiceProvider.registerFieldType('GUAC_RADIUS_CHALLENGE_RESPONSE', {
+        module      : 'guacRadius',
+        controller  : 'guacRadiusController',
+        templateUrl : 'app/ext/radius/templates/radiusChallengeResponseField.html'
+    });
+
+}]);
--- a/extensions/guacamole-auth-radius/src/main/resources/controllers/guacRadiusController.js
+++ b/extensions/guacamole-auth-radius/src/main/resources/controllers/guacRadiusController.js
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Controller for the "GUAC_RADIUS_CHALLENGE_RESPONSE" field which uses the DuoWeb
+ * API to prompt the user for additional credentials, ultimately receiving a
+ * signed response from the Duo service.
+ */
+angular.module('guacRadius').controller('guacRadiusController', ['$scope', '$element',
+    function guacRadiusController($scope, $element) {
+        console.log("In guacRadiusController() method.");
+
+        var radiusChallenge = $element.find(document.querySelector('#radius-challenge-text'));
+        var radiusState = $element.find(document.querySelector('#radius-state'));
+        console.log("RADIUS Reply Message: " + $scope.field.replyMsg);
+        radiusChellenge.html($scope.field.replyMsg);
+        console.log("RADIUS State: " + scope.field.radiusState);
+        radiusState.value = $scope.field.radiusState;
+
+}]);
--- a/extensions/guacamole-auth-radius/src/main/resources/guac-manifest.json
+++ b/extensions/guacamole-auth-radius/src/main/resources/guac-manifest.json
@@ -0,0 +1,28 @@
+{
+
+    "guacamoleVersion" : "0.9.11-incubating",
+
+    "name"      : "RADIUS Authentication Backend",
+    "namespace" : "radius",
+
+    "authProviders" : [
+        "org.apache.guacamole.auth.radius.RadiusAuthenticationProvider"
+    ],
+
+    "translations" : [
+        "translations/en.json"
+    ],
+
+    "js" : [
+        "radius.min.js"
+    ],
+
+    "css" : [
+        "radius.min.css"
+    ],
+
+    "resources" : {
+        "templates/radiusChallengeResponseField.html" : "text/html"
+    }
+
+}
--- a/extensions/guacamole-auth-radius/src/main/resources/license.txt
+++ b/extensions/guacamole-auth-radius/src/main/resources/license.txt
@@ -0,0 +1,18 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
--- a/extensions/guacamole-auth-radius/src/main/resources/radiusModule.js
+++ b/extensions/guacamole-auth-radius/src/main/resources/radiusModule.js
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+console.log("Loading guac-radius Angular module.");
+
+/**
+ * Module which provides handling for RADIUS challenge-response 
+ * authentication.
+ */
+angular.module('guacRadius', [
+    'form'
+]);
+
+// Ensure the guacDuo module is loaded along with the rest of the app
+angular.module('index').requires.push('guacRadius');
--- a/extensions/guacamole-auth-radius/src/main/resources/styles/radius.css
+++ b/extensions/guacamole-auth-radius/src/main/resources/styles/radius.css
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+.radius-challenge-response-field-container {
+    height: 100%;
+    width: 100%;
+    position: fixed;
+    left: 0;
+    top: 0;
+    display: table;
+    background: white;
+}
+
+.radius-challenge-response-field {
+    width: 100%;
+    display: table-cell;
+    vertical-align: middle;
+}
+
+.radius-challenge-response-field input[type="submit"] {
+    display: none !important;
+}
+
+.radius-challenge-response-field.loading iframe {
+    opacity: 0;
+}
--- a/extensions/guacamole-auth-radius/src/main/resources/templates/radiusChallengeResponseField.html
+++ b/extensions/guacamole-auth-radius/src/main/resources/templates/radiusChallengeResponseField.html
@@ -0,0 +1,9 @@
+<div class="radius-challenge-response-field-container">
+    <div id="radius-challenge-text" />
+    <div class="password-field">
+        <input type="{{passwordInputType}}" ng-model="model" ng-trim="false" autocorrect="off" autocapitalize="off"/>
+        <div class="icon toggle-password" ng-click="togglePassword()" title="{{getTogglePasswordHelpText() | translate}}"></div>
+    </div>
+    <input type="hidden" id="radius-challenge-state" />
+    <input type="submit" />
+</div>
--- a/extensions/guacamole-auth-radius/src/main/resources/translations/en.json
+++ b/extensions/guacamole-auth-radius/src/main/resources/translations/en.json
@@ -0,0 +1,14 @@
+{
+
+    "DATA_SOURCE_RADIUS" : {
+        "NAME" : "RADIUS Backend"
+    },
+
+    "LOGIN" : {
+        "FIELD_HEADER_RADIUS_RESPONSE"       : "",
+        "INFO_RADIUS_RESPONSE_INCORRECT"     : "RADIUS response incorrect.",
+        "INFO_RADIUS_AUTH_REQUIRED"          : "Please authenticate with RADIUS to continue.",
+        "INFO_RADIUS_ADDL_REQUIRED"          : "Additional credentials required."
+    }
+
+}