diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java index 28122f9b8..a96154ae9 100644 --- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java +++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java @@ -107,6 +107,13 @@ public class CASAuthenticationProvider implements AuthenticationProvider { } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + return context; + } + @Override public void shutdown() { // Do nothing diff --git a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/DuoAuthenticationProvider.java b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/DuoAuthenticationProvider.java index 1c84046cc..aadc231c5 100644 --- a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/DuoAuthenticationProvider.java +++ b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/DuoAuthenticationProvider.java @@ -102,6 +102,13 @@ public class DuoAuthenticationProvider implements AuthenticationProvider { return context; } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + return context; + } + @Override public void shutdown() { // Do nothing diff --git a/extensions/guacamole-auth-header/src/main/java/org/apache/guacamole/auth/header/HTTPHeaderAuthenticationProvider.java b/extensions/guacamole-auth-header/src/main/java/org/apache/guacamole/auth/header/HTTPHeaderAuthenticationProvider.java index b3385b1db..d68c2eee1 100644 --- a/extensions/guacamole-auth-header/src/main/java/org/apache/guacamole/auth/header/HTTPHeaderAuthenticationProvider.java +++ b/extensions/guacamole-auth-header/src/main/java/org/apache/guacamole/auth/header/HTTPHeaderAuthenticationProvider.java @@ -107,6 +107,13 @@ public class HTTPHeaderAuthenticationProvider implements AuthenticationProvider } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + return context; + } + @Override public void shutdown() { // Do nothing diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java index e73b3dfce..9113834ef 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java @@ -104,6 +104,13 @@ public abstract class InjectedAuthenticationProvider implements AuthenticationPr authenticatedUser, credentials); } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + return context; + } + @Override public void shutdown() { // Do nothing diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPAuthenticationProvider.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPAuthenticationProvider.java index f9c4a7d2c..e7a990ee2 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPAuthenticationProvider.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPAuthenticationProvider.java @@ -103,6 +103,13 @@ public class LDAPAuthenticationProvider implements AuthenticationProvider { return context; } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + return context; + } + @Override public void shutdown() { // Do nothing diff --git a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/openid/OpenIDAuthenticationProvider.java b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/openid/OpenIDAuthenticationProvider.java index 57b483183..d58e7dc72 100644 --- a/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/openid/OpenIDAuthenticationProvider.java +++ b/extensions/guacamole-auth-openid/src/main/java/org/apache/guacamole/auth/openid/OpenIDAuthenticationProvider.java @@ -107,6 +107,13 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider { } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + return context; + } + @Override public void shutdown() { // Do nothing diff --git a/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AuthenticationProvider.java index 448f495f1..7c7f12e1c 100644 --- a/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AuthenticationProvider.java @@ -168,6 +168,40 @@ public interface AuthenticationProvider { AuthenticatedUser authenticatedUser, Credentials credentials) throws GuacamoleException; + /** + * Given a UserContext which originates from a different + * AuthenticationProvider, returns a UserContext instance which decorates + * (wraps) that UserContext, delegating and overriding implemented + * functions as necessary. Each UserContext created via getUserContext() + * or updateUserContext() will be passed to the decorate() functions of all + * other AuthenticationProviders, allowing those AuthenticationProviders + * to augment (or perhaps even limit) the functionality or data provided. + * + * @param context + * An existing UserContext generated by a different + * AuthenticationProvider. + * + * @param authenticatedUser + * The AuthenticatedUser object representing the user associated with + * the given UserContext. + * + * @param credentials + * The credentials which were most recently submitted for the given + * AuthenticatedUser. These are not guaranteed to be the same as the + * credentials associated with the AuthenticatedUser object, which are + * the credentials provided when the user originally authenticated. + * + * @return + * A decorated (wrapped) UserContext object, or the original, + * undecorated UserContext. + * + * @throws GuacamoleException + * If the UserContext cannot be decorated due to an error. + */ + UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, + Credentials credentials) throws GuacamoleException; + /** * Frees all resources associated with this AuthenticationProvider. This * function will be automatically invoked when the Guacamole server is diff --git a/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleAuthenticationProvider.java b/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleAuthenticationProvider.java index 83ac79476..fcacc3c97 100644 --- a/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleAuthenticationProvider.java +++ b/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleAuthenticationProvider.java @@ -260,6 +260,16 @@ public abstract class SimpleAuthenticationProvider } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, Credentials credentials) + throws GuacamoleException { + + // Simply return the given context, decorating nothing + return context; + + } + @Override public void shutdown() { // Do nothing diff --git a/guacamole/src/main/java/org/apache/guacamole/extension/AuthenticationProviderFacade.java b/guacamole/src/main/java/org/apache/guacamole/extension/AuthenticationProviderFacade.java index 8dfbe7fee..b3169de82 100644 --- a/guacamole/src/main/java/org/apache/guacamole/extension/AuthenticationProviderFacade.java +++ b/guacamole/src/main/java/org/apache/guacamole/extension/AuthenticationProviderFacade.java @@ -158,6 +158,20 @@ public class AuthenticationProviderFacade implements AuthenticationProvider { } + @Override + public UserContext decorate(UserContext context, + AuthenticatedUser authenticatedUser, + Credentials credentials) throws GuacamoleException { + + // Do nothing if underlying auth provider could not be loaded + if (authProvider == null) + return context; + + // Delegate to underlying auth provider + return authProvider.decorate(context, authenticatedUser, credentials); + + } + @Override public void shutdown() { if (authProvider != null)