safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-1656: Simplify auto-refresh behavior in JDBC auth provider.

Browse Source
This commit is contained in:
James Muehlner
2022-08-08 21:38:45 +00:00
parent 3790d76fc9
commit dfc7e6dd90
2 changed files with 8 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
View File

@@ -89,31 +89,9 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
} }
/** @Override
* Gets a user context for the given authentication provider and user. If public ModeledUserContext getUserContext(AuthenticationProvider authenticationProvider,
* forceRefresh is set to true, the user record will be re-fetched even if AuthenticatedUser authenticatedUser) throws GuacamoleException {
* it has already been loaded from the database. If not, the existing
* user will be used.
*
* @param authenticationProvider
* The authentication provider to use when loading or refreshing the user.
*
* @param authenticatedUser
* The user for which the user context is being fetched.
*
* @param forceRefresh
* A flag that, when set to true, will force the authenticated user to
* refreshed from the database. If false, an existing DB user will be
* reused.
*
* @return
* The fetched user context.
*
* @throws GuacamoleException
* If an error occurs while fetching or refreshing the user context.
*/
private ModeledUserContext getUserContext(AuthenticationProvider authenticationProvider,
AuthenticatedUser authenticatedUser, boolean forceRefresh) throws GuacamoleException {
// Always allow but provide no data for users authenticated via our own // Always allow but provide no data for users authenticated via our own
// connection sharing links // connection sharing links
@@ -124,9 +102,8 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
boolean databaseCredentialsUsed = (authenticatedUser instanceof ModeledAuthenticatedUser); boolean databaseCredentialsUsed = (authenticatedUser instanceof ModeledAuthenticatedUser);
boolean databaseRestrictionsApplicable = (databaseCredentialsUsed || environment.isUserRequired()); boolean databaseRestrictionsApplicable = (databaseCredentialsUsed || environment.isUserRequired());
// Retrieve user account for already-authenticated user, forcing a refresh if requested // Retrieve user account for already-authenticated user
ModeledUser user = userService.retrieveUser( ModeledUser user = userService.retrieveUser(authenticationProvider, authenticatedUser);
authenticationProvider, authenticatedUser, forceRefresh);
ModeledUserContext context = userContextProvider.get(); ModeledUserContext context = userContextProvider.get();
if (user != null && !user.isDisabled()) { if (user != null && !user.isDisabled()) {
@@ -182,21 +159,13 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
} }
@Override
public ModeledUserContext getUserContext(AuthenticationProvider authenticationProvider,
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// Do not force refresh unless updateUserContext is explicitly called
return getUserContext(authenticationProvider, authenticatedUser, false);
}
@Override @Override
public UserContext updateUserContext(AuthenticationProvider authenticationProvider, public UserContext updateUserContext(AuthenticationProvider authenticationProvider,
UserContext context, AuthenticatedUser authenticatedUser, UserContext context, AuthenticatedUser authenticatedUser,
Credentials credentials) throws GuacamoleException { Credentials credentials) throws GuacamoleException {
// Force-refresh the user context // Refresh the user context
return getUserContext(authenticationProvider, authenticatedUser, true); return getUserContext(authenticationProvider, authenticatedUser);
} }

12
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
View File

@@ -404,11 +404,6 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
* @param authenticatedUser * @param authenticatedUser
* The AuthenticatedUser to retrieve the corresponding ModeledUser of. * The AuthenticatedUser to retrieve the corresponding ModeledUser of.
* *
* @param forceRefresh
* Whether the user should be force-refreshed: i.e. re-queried from the
* database. If false, and the user has already been queried, it will
* be returned as-is.
*
* @return * @return
* The ModeledUser which corresponds to the given AuthenticatedUser, or * The ModeledUser which corresponds to the given AuthenticatedUser, or
* null if no such user exists. * null if no such user exists.
@@ -418,12 +413,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
* AuthenticatedUser cannot be created. * AuthenticatedUser cannot be created.
*/ */
public ModeledUser retrieveUser(AuthenticationProvider authenticationProvider, public ModeledUser retrieveUser(AuthenticationProvider authenticationProvider,
AuthenticatedUser authenticatedUser, boolean forceRefresh) throws GuacamoleException { AuthenticatedUser authenticatedUser) throws GuacamoleException {
// If refresh is not being forced, and we already queried this user,
// return that rather than querying again
if (!forceRefresh && (authenticatedUser instanceof ModeledAuthenticatedUser))
return ((ModeledAuthenticatedUser) authenticatedUser).getUser();
// Retrieve corresponding user model, if such a user exists // Retrieve corresponding user model, if such a user exists
UserModel userModel = userMapper.selectOne(authenticatedUser.getIdentifier()); UserModel userModel = userMapper.selectOne(authenticatedUser.getIdentifier());