From e0a325f6146e035932f4e4b62e4b347c082641d7 Mon Sep 17 00:00:00 2001
From: benrubson <6764151+benrubson@users.noreply.github.com>
Date: Tue, 24 Mar 2020 14:36:53 +0100
Subject: [PATCH] GUACAMOLE-753: Add TOTP auth method to Docker image
---
 guacamole-docker/bin/build-guacamole.sh | 10 ++++++++++
 guacamole-docker/bin/start.sh | 20 ++++++++++++++++++++
 2 files changed, 30 insertions(+)
diff --git a/guacamole-docker/bin/build-guacamole.sh b/guacamole-docker/bin/build-guacamole.sh
index 88087e5bf..1b0b0ecb4 100755
--- a/guacamole-docker/bin/build-guacamole.sh
+++ b/guacamole-docker/bin/build-guacamole.sh
@@ -127,6 +127,7 @@ if [ -f extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar ]; th
 cp extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar "$DESTINATION/radius"
 fi
+#
 # Copy OPENID auth extension and schema modifications
 #
@@ -135,6 +136,15 @@ if [ -f extensions/guacamole-auth-openid/target/guacamole-auth-openid*.jar ]; th
 cp extensions/guacamole-auth-openid/target/guacamole-auth-openid*.jar "$DESTINATION/openid"
 fi
+#
+# Copy TOTP auth extension if it was built
+#
+
+if [ -f extensions/guacamole-auth-totp/target/guacamole-auth-totp*.jar ]; then
+ mkdir -p "$DESTINATION/totp"
+ cp extensions/guacamole-auth-totp/target/guacamole-auth-totp*.jar "$DESTINATION/totp"
+fi
+
 #
 # Copy Duo auth extension if it was built
 #
diff --git a/guacamole-docker/bin/start.sh b/guacamole-docker/bin/start.sh
index f5367b490..a9e1d09ac 100755
--- a/guacamole-docker/bin/start.sh
+++ b/guacamole-docker/bin/start.sh
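Review bot: In build-guacamole.sh the new `[ -f extensions/guacamole-auth-totp/target/guacamole-auth-totp*.jar ]` test is only well-formed when the glob matches exactly one path; with two or more matches `[` receives extra operands, reports an error, and the `if` treats that as false, so the TOTP jar would be left out of the image without the build failing. The radius and openid blocks in the surrounding context use the same shape, so this is inherited style, but a silently missing second-factor extension is worth avoiding. Consider iterating over the matches instead, `for jar in extensions/guacamole-auth-totp/target/guacamole-auth-totp*.jar; do [ -f "$jar" ] || continue; mkdir -p "$DESTINATION/totp"; cp "$jar" "$DESTINATION/totp"; done`.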
@@ -536,6 +536,21 @@ END
 }
+##
+## Adds properties to guacamole.properties which configure the TOTP two-factor
+## authentication mechanism.
+##
+associate_totp() {
+ # Update config file
+ set_optional_property "totp-issuer" "$TOTP_ISSUER"
+ set_optional_property "totp-digits" "$TOTP_DIGITS"
+ set_optional_property "totp-period" "$TOTP_PERIOD"
+ set_optional_property "totp-mode" "$TOTP_MODE"
+
+ # Add required .jar files to GUACAMOLE_EXT
+ ln -s /opt/guacamole/totp/guacamole-auth-*.jar "$GUACAMOLE_EXT"
+}
+
 ##
 ## Adds properties to guacamole.properties which configure the Duo two-factor
 ## authentication service. Checks to see if all variables are defined and makes sure
@@ -707,6 +722,11 @@ END
 exit 1;
 fi
+# Use TOTP if specified.
+if [ "$TOTP_ENABLED" = "true" ]; then
+ associate_totp
+fi
+
 # Use Duo if specified.
 if [ -n "$DUO_API_HOSTNAME" ]; then
 associate_duo
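Review bot: `associate_totp` links `/opt/guacamole/totp/guacamole-auth-*.jar` without checking that the pattern matches anything, while build-guacamole.sh copies that jar only "if it was built". When the directory is missing or empty the unmatched pattern stays literal, `ln -s` succeeds with a dangling link, and startup continues; presumably the server then comes up without the second factor the operator asked for. Failing closed at this point would surface the misconfiguration at container start, as sketched below.

```shell
associate_totp() {
    # … unchanged: set_optional_property calls …

    # Add required .jar files to GUACAMOLE_EXT, refusing to start without them
    set -- /opt/guacamole/totp/guacamole-auth-*.jar
    if [ ! -e "$1" ]; then
        echo "FATAL: TOTP_ENABLED is set but no TOTP extension is present in this image." >&2
        exit 1
    fi
    ln -s "$@" "$GUACAMOLE_EXT"
}
```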
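Review bot: The gate `[ "$TOTP_ENABLED" = "true" ]` treats every other value, including `TRUE`, `1` or `yes`, the same as unset, so a deployment that meant to turn on two-factor authentication starts single-factor with no message. For a security control, an unrecognised non-empty value should stop startup rather than be ignored. A `case` on the variable that accepts `true`, treats empty or `false` as off, and exits with an error otherwise would cover it. The surrounding top-level script continues outside the hunk.

```shell
# Use TOTP if specified.
case "$TOTP_ENABLED" in
    true)
        associate_totp
        ;;
    ""|false)
        ;;
    *)
        echo "FATAL: TOTP_ENABLED must be \"true\" or \"false\", got \"$TOTP_ENABLED\"." >&2
        exit 1
        ;;
esac
```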