diff --git a/guacamole-docker/bin/build-guacamole.sh b/guacamole-docker/bin/build-guacamole.sh index 88087e5bf..1b0b0ecb4 100755 --- a/guacamole-docker/bin/build-guacamole.sh +++ b/guacamole-docker/bin/build-guacamole.sh @@ -127,6 +127,7 @@ if [ -f extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar ]; th cp extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar "$DESTINATION/radius" fi +# # Copy OPENID auth extension and schema modifications # @@ -135,6 +136,15 @@ if [ -f extensions/guacamole-auth-openid/target/guacamole-auth-openid*.jar ]; th cp extensions/guacamole-auth-openid/target/guacamole-auth-openid*.jar "$DESTINATION/openid" fi +# +# Copy TOTP auth extension if it was built +# + +if [ -f extensions/guacamole-auth-totp/target/guacamole-auth-totp*.jar ]; then + mkdir -p "$DESTINATION/totp" + cp extensions/guacamole-auth-totp/target/guacamole-auth-totp*.jar "$DESTINATION/totp" +fi + # # Copy Duo auth extension if it was built # diff --git a/guacamole-docker/bin/start.sh b/guacamole-docker/bin/start.sh index f5367b490..a9e1d09ac 100755 --- a/guacamole-docker/bin/start.sh +++ b/guacamole-docker/bin/start.sh @@ -536,6 +536,21 @@ END } +## +## Adds properties to guacamole.properties which configure the TOTP two-factor +## authentication mechanism. +## +associate_totp() { + # Update config file + set_optional_property "totp-issuer" "$TOTP_ISSUER" + set_optional_property "totp-digits" "$TOTP_DIGITS" + set_optional_property "totp-period" "$TOTP_PERIOD" + set_optional_property "totp-mode" "$TOTP_MODE" + + # Add required .jar files to GUACAMOLE_EXT + ln -s /opt/guacamole/totp/guacamole-auth-*.jar "$GUACAMOLE_EXT" +} + ## ## Adds properties to guacamole.properties which configure the Duo two-factor ## authentication service. Checks to see if all variables are defined and makes sure @@ -707,6 +722,11 @@ END exit 1; fi +# Use TOTP if specified. +if [ "$TOTP_ENABLED" = "true" ]; then + associate_totp +fi + # Use Duo if specified. if [ -n "$DUO_API_HOSTNAME" ]; then associate_duo