GUACAMOLE-210: Migrate to implicit flow (client-side, relies on "id_token"). Update to pre-release 0.9.9-incubating codebase.

2025-09-07 21:51:23 +00:00 · 2016-06-12 00:14:00 -07:00
parent c3c6e0c43b
commit fdc0313387
14 changed files with 109 additions and 422 deletions
--- a/extensions/guacamole-auth-openid/src/main/resources/guac-manifest.json
+++ b/extensions/guacamole-auth-openid/src/main/resources/guac-manifest.json
@@ -1,6 +1,6 @@
 {

-    "guacamoleVersion" : "0.9.9",
+    "guacamoleVersion" : "0.9.9-incubating",

    "name"      : "OAuth Authentication Extension",
    "namespace" : "guac-oauth",
@@ -11,11 +11,8 @@

    "js" : [
        "oauthModule.js",
+        "oauthController.js",
        "oauthConfig.js"
-    ],
-
-    "resources" : {
-        "oauthCodeField.html" : "text/html"
-    }
+    ]

 }
--- a/extensions/guacamole-auth-openid/src/main/resources/oauthCodeField.html
+++ b/extensions/guacamole-auth-openid/src/main/resources/oauthCodeField.html
@@ -1 +0,0 @@
-<a href="{{field.authorizationURI}}">Log in using OAuth</a>
--- a/extensions/guacamole-auth-openid/src/main/resources/oauthConfig.js
+++ b/extensions/guacamole-auth-openid/src/main/resources/oauthConfig.js
@@ -23,9 +23,32 @@
 angular.module('guacOAuth').config(['formServiceProvider',
        function guacOAuthConfig(formServiceProvider) {

-    // Define field for code from OAuth service
-    formServiceProvider.registerFieldType("GUAC_OAUTH_CODE", {
-        templateUrl : 'app/ext/guac-oauth/oauthCodeField.html'
+    // Define field for token from OAuth service
+    formServiceProvider.registerFieldType("GUAC_OAUTH_TOKEN", {
+        template   : '',
+        controller : 'guacOAuthController',
+        module     : 'guacOAuth'
+    });
+
+}]);
+
+/**
+ * Config block which augments the existing routing, providing special handling
+ * for the "id_token=" fragments provided by OpenID Connect.
+ */
+angular.module('index').config(['$routeProvider',
+        function indexRouteConfig($routeProvider) {
+
+    // Transform "/#/id_token=..." to "/#/?id_token=..."
+    $routeProvider.when('/id_token=:response', {
+
+        template   : '',
+        controller : ['$location', function reroute($location) {
+            var params = $location.path().substring(1);
+            $location.url('/');
+            $location.search(params);
+        }]
+
    });

 }]);
--- a/extensions/guacamole-auth-openid/src/main/resources/oauthController.js
+++ b/extensions/guacamole-auth-openid/src/main/resources/oauthController.js
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Controller for the "GUAC_OAUTH_TOKEN" field which simply redirects the user
+ * immediately to the authorization URI.
+ */
+angular.module('guacOAuth').controller('guacOAuthController', ['$scope',
+    function guacOAuthController($scope) {
+
+    // Redirect to authorization URI
+    window.location = $scope.field.authorizationURI;
+
+}]);
				`@@ -1 +0,0 @@`
				`<a href="{{field.authorizationURI}}">Log in using OAuth</a>`