From f569bf58b448af87a5df10219acfd08910777f75 Mon Sep 17 00:00:00 2001 From: Nick Couchman Date: Wed, 22 Mar 2017 08:26:16 -0400 Subject: [PATCH] GUACAMOLE-204: Fix style issues, comments, and a couple of minor code tweaks. --- extensions/guacamole-auth-cas/pom.xml | 9 ++++++--- .../auth/cas/conf/ConfigurationService.java | 4 ++-- .../guacamole/auth/cas/form/CASTicketField.java | 5 +++-- .../auth/cas/ticket/TicketValidationService.java | 12 ++++++++---- .../src/main/resources/casConfig.js | 11 +++++++---- 5 files changed, 26 insertions(+), 15 deletions(-) diff --git a/extensions/guacamole-auth-cas/pom.xml b/extensions/guacamole-auth-cas/pom.xml index efcdd3083..30e79be24 100644 --- a/extensions/guacamole-auth-cas/pom.xml +++ b/extensions/guacamole-auth-cas/pom.xml @@ -141,11 +141,14 @@ 0.9.11-incubating provided + + - org.jasig.cas.client - cas-client-core - 3.4.1 + org.jasig.cas.client + cas-client-core + 3.4.1 + com.google.inject diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/conf/ConfigurationService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/conf/ConfigurationService.java index eb1b2c194..17be2d361 100644 --- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/conf/ConfigurationService.java +++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/conf/ConfigurationService.java @@ -57,8 +57,8 @@ public class ConfigurationService { * into their browser to access Guacamole. * * @return - * The client secret to use when communicating with the CAS service, - * as configured with guacamole.properties. + * The URI to redirect the client back to after authentication + * is completed, as configured in guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the redirect URI diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/form/CASTicketField.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/form/CASTicketField.java index ee127683c..2fb96b013 100644 --- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/form/CASTicketField.java +++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/form/CASTicketField.java @@ -28,8 +28,9 @@ import org.apache.guacamole.form.Field; /** * Field definition which represents the ticket returned by an CAS service. - * Within the user interface, this will be rendered as an appropriate "Log in - * with ..." button which links to the CAS service. + * This is processed transparently - the user is redirected to CAS, authenticates + * and then is returned to Guacamole where the ticket field is + * processed. */ public class CASTicketField extends Field { diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java index b76b19c96..9644c684d 100644 --- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java +++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java @@ -58,21 +58,25 @@ public class TicketValidationService { * guacamole.properties could not be parsed. */ public String processUsername(String ticket) throws GuacamoleException { + AttributePrincipal principal = null; - // Retrieve the configured CAS URL and establish a ticket validator + // Retrieve the configured CAS URL, establish a ticket validator, + // and then attempt to validate the supplied ticket. If that succeeds, + // grab the principal returned by the validator. String casServerUrl = confService.getAuthorizationEndpoint(); - Cas20ProxyTicketValidator sv = new Cas20ProxyTicketValidator(casServerUrl); - sv.setAcceptAnyProxy(true); + Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl); + validator.setAcceptAnyProxy(true); try { String confRedirectURI = confService.getRedirectURI(); - Assertion a = sv.validate(ticket, confRedirectURI); + Assertion a = validator.validate(ticket, confRedirectURI); principal = a.getPrincipal(); } catch (TicketValidationException e) { throw new GuacamoleException("Ticket validation failed.", e); } + // Return the principal name as the username. return principal.getName(); } diff --git a/extensions/guacamole-auth-cas/src/main/resources/casConfig.js b/extensions/guacamole-auth-cas/src/main/resources/casConfig.js index 630a9d2db..a90530db3 100644 --- a/extensions/guacamole-auth-cas/src/main/resources/casConfig.js +++ b/extensions/guacamole-auth-cas/src/main/resources/casConfig.js @@ -34,16 +34,19 @@ angular.module('guacCAS').config(['formServiceProvider', /** * Config block which augments the existing routing, providing special handling - * for the "ticket=" fragments provided by OpenID Connect. + * for the "ticket=" parameter provided by the CAS authentication process. */ angular.module('index').config(['$routeProvider','$windowProvider', function indexRouteConfig($routeProvider,$windowProvider) { var $window = $windowProvider.$get(); var curPath = $window.location.href; - var ticketPos = curPath.indexOf("?ticket=") + 8; - var hashPos = curPath.indexOf("#/"); - if (ticketPos > 0 && ticketPos < hashPos) { + var ticketPos = curPath.indexOf('?ticket='); + if (ticketPos < 0) + return null; + ticketPos += 8; + var hashPos = curPath.indexOf('#/'); + if (ticketPos < hashPos) { var ticket = curPath.substring(ticketPos, hashPos); var newPath = curPath.substring(0,ticketPos - 8) + '#/?ticket=' + ticket; $window.location.href = newPath;