GUACAMOLE-1068: Merge TOTO fix to generate random key at login if key is unconfirmed.

James Muehlner
2024-04-18 12:28:28 -05:00
committed by GitHub


@@ -112,18 +112,9 @@ public class UserVerificationService {
// If no key is defined, attempt to generate a new key // If no key is defined, attempt to generate a new key
String secret = attributes.get(TOTPUser.TOTP_KEY_SECRET_ATTRIBUTE_NAME); String secret = attributes.get(TOTPUser.TOTP_KEY_SECRET_ATTRIBUTE_NAME);
if (secret == null || secret.isEmpty()) {
if (secret == null || secret.isEmpty())
// Generate random key for user return generateKey(context, username);
TOTPGenerator.Mode mode = confService.getMode();
UserTOTPKey generated = new UserTOTPKey(username,mode.getRecommendedKeyLength());
if (setKey(context, generated))
return generated;
// Fail if key cannot be set
return null;
}
// Parse retrieved base32 key value // Parse retrieved base32 key value
byte[] key; byte[] key;
@@ -144,6 +135,38 @@ public class UserVerificationService {
return new UserTOTPKey(username, key, confirmed); return new UserTOTPKey(username, key, confirmed);
} }
/**
* Generate and set a new key for the specified user and context, returning
* the key if the set successfully or null if it fails.
*
* @param context
* The UserContext of the user whose TOTP key should be generated and set.
*
* @param username
* The username of the user associated with the given UserContext.
*
* @return
* The generated and set key, or null if the operation failed.
*
* @throws GuacamoleException
* If a new key is generated, but the extension storing the associated
* user fails while updating the user account, or if the configuration
* cannot be retrieved.
*/
private UserTOTPKey generateKey(UserContext context, String username)
throws GuacamoleException {
// Generate random key for user
TOTPGenerator.Mode mode = confService.getMode();
UserTOTPKey generated = new UserTOTPKey(username,mode.getRecommendedKeyLength());
if (setKey(context, generated))
return generated;
// Fail if key cannot be set
return null;
}
/** /**
* Attempts to store the given TOTP key within the user account of the user * Attempts to store the given TOTP key within the user account of the user
@@ -316,6 +339,10 @@ public class UserVerificationService {
// If the user hasn't completed enrollment, request that they do // If the user hasn't completed enrollment, request that they do
if (!key.isConfirmed()) { if (!key.isConfirmed()) {
// If the key has not yet been confirmed, generate a new one.
key = generateKey(context, username);
field.exposeKey(key); field.exposeKey(key);
throw new TranslatableGuacamoleInsufficientCredentialsException( throw new TranslatableGuacamoleInsufficientCredentialsException(
"TOTP enrollment must be completed before " "TOTP enrollment must be completed before "
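Review bot: The added `key = generateKey(context, username);` inside the `!key.isConfirmed()` branch is not checked for null before `field.exposeKey(key)`, even though generateKey returns null when `setKey` fails. In that case the enrollment challenge would be built from a null key, and the stored unconfirmed secret presumably stays unchanged; what exposeKey does with null is not visible in this hunk, so the exact impact is inferred. I would add a guard directly after the assignment, an `if (key == null)` that fails the request with a GuacamoleException before the field is populated, so a storage failure is reported rather than turned into an enrollment prompt with no key. The enclosing method starts and ends outside the hunk, so confirm how its callers treat that failure.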