safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-10-27 15:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,987 Commits 1 Branch 0 Tags
36dedc935f923fab1223e5514831605890644325
Commit Graph

1794 Commits

Author SHA1 Message Date
Michael Jumper
55b7e6f867 GUACAMOLE-641: Additionally match against KSM custom fields based on labels. 2022-01-22 22:25:04 -08:00
Michael Jumper
f8f0779d7a GUACAMOLE-641: Manually extract password value from KeeperRecord. 
Simply calling getPassword() does not currently work correctly, as the
implementation of getPassword() assumes there will be at least one
value if the field is present. This results in an
ArrayIndexOutOfBoundsException for records with empty passwords:

java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
 at java.util.ArrayList.rangeCheck(ArrayList.java:659)
 at java.util.ArrayList.get(ArrayList.java:435)
 at com.keepersecurity.secretsManager.core.KeeperRecord.getPassword(SecretsManager.kt:134)
 ...
 2022-01-22 22:25:04 -08:00
Michael Jumper
b6e6800c0d GUACAMOLE-641: Consider null token mapping (blank YAML) to be empty. 2022-01-22 22:25:04 -08:00
Michael Jumper
aee1b13b2b GUACAMOLE-641: Include KSM extension in vault distribution. 2022-01-22 22:25:04 -08:00
Michael Jumper
62863f8a0b GUACAMOLE-641: Log possible ambiguous record retrievals at debug level. 2022-01-22 22:25:04 -08:00
Michael Jumper
c5ae027225 GUACAMOLE-641: Add user- and gateway-specific tokens. 2022-01-22 22:25:04 -08:00
Michael Jumper
b655866057 GUACAMOLE-641: Consider existing tokens when injecting tokens from vault. 2022-01-22 22:25:04 -08:00
Michael Jumper
d2f5596015 GUACAMOLE-641: Automatically provide KEEPER_SERVER_* tokens based on connection parameters. 2022-01-22 22:25:04 -08:00
Michael Jumper
30f24de808 GUACAMOLE-641: Allow vault implementations to automatically provide tokens based on connection parameters (without YAML mapping). 2022-01-22 22:25:04 -08:00
Michael Jumper
d0bd4b52d6 GUACAMOLE-641: Add general service for retrieving data from Keeper records. 2022-01-22 22:25:04 -08:00
Michael Jumper
d0043e34dd GUACAMOLE-641: Allow token mapping file to not exist. 
Some tokens may be standardized or specific to the implementation, and
may not need to be defined in YAML.
 2022-01-22 22:25:04 -08:00
Michael Jumper
8bedbe746c GUACAMOLE-641: Add initial draft implementation of KSM vault support for Guacamole. 2022-01-22 22:25:04 -08:00
Michael Jumper
786430612e GUACAMOLE-641: Canonicalize individual, tokenized components of secret names rather than the whole name. 
In the event that a secret name is structured, such as the URL-like
notation used by Keeper Secrets Manager, canonicalizing/encoding the
entire name could result in the name itself becoming invalid. Only the
portions that come from tokens should be canonicalized.
 2022-01-22 22:25:04 -08:00
Michael Jumper
16cb9ed69b GUACAMOLE-641: Expand CONNECTION_USERNAME and CONNECTION_HOSTNAME tokens only if corresponding parameters are non-empty. 2022-01-22 22:25:04 -08:00
Michael Jumper
4d3b2a9435 GUACAMOLE-641: Obtain connection hostname and/or username for vault tokens via privileged access, if possible. 2022-01-22 22:25:04 -08:00
Michael Jumper
5aba0cd09d GUACAMOLE-641: Read token/secret mapping from YAML instead of JSON. 2022-01-22 22:25:04 -08:00
Michael Jumper
b57578ad8e GUACAMOLE-641: Rename vault-specific username token to "USERNAME" to avoid confusion with "GUAC_USERNAME". 
The "GUAC_USERNAME" token provided by the webapp is based off the
username provided by the user when they authenticated. The username
token provided by the vault extensions uses the username stored with
the user's corresponding object, which may not be the same.
 2022-01-22 22:25:04 -08:00
Michael Jumper
f99b3a3213 GUACAMOLE-641: Rename guacamole-auth-vault to guacamole-vault (does not provide auth). 2022-01-22 22:25:04 -08:00
Michael Jumper
2df24bf911 GUACAMOLE-641: Document return type of VaultUserContext.resolve(). 2022-01-22 22:25:04 -08:00
Michael Jumper
0359aa6225 GUACAMOLE-641: Follow widely-accepted public static final Logger idiom. 
From https://github.com/apache/guacamole-client/pull/336#discussion_r241549475:

>
> SLF4J formerly recommended that instance variables be used
> (non-static), but no longer takes either stance:
> https://www.slf4j.org/faq.html#declared_static
>
> If we have to pick something to be the standard going forward, I'd
> say let's stick with the accepted idiom of `private static final`
> loggers, with the exception being where it's actually necessary to
> not be `static` (dependency injection).
>
 2022-01-22 22:25:04 -08:00
Michael Jumper
e0fce54056 GUACAMOLE-641: Correct typo in documentation - "AzureKeyVaultAuthenticationiProviderModule" should be "AzureKeyVaultAuthenticationProviderModule". 2022-01-22 22:25:04 -08:00
Michael Jumper
3dbb821baf GUACAMOLE-641: Retrieve tokens asynchronously and in parallel. 2022-01-22 22:25:04 -08:00
Michael Jumper
e56becc258 GUACAMOLE-641: Retrieve secrets from Azure Key Vault. 2022-01-22 22:25:04 -08:00
Michael Jumper
cab29bacf7 GUACAMOLE-641: Automatically cache requests for secrets from the vault. 2022-01-22 22:25:04 -08:00
Michael Jumper
6145a79f5d GUACAMOLE-641: Add generic vault support with an initial Azure Key Vault implementation. 2022-01-22 22:25:04 -08:00
Michael Jumper
3fb309bbcf GUACAMOLE-1508: Bundle libraries for all extensions as nested .jar files. 2022-01-20 16:03:17 -08:00
Virtually Nick
c2c3428cf0 GUACAMOLE-1488: Add support for configuring LDAP SSL protocol. 2022-01-03 15:56:20 -05:00
Virtually Nick
20eec4bbb0 Merge 1.4.0 changes back to master. 2021-12-27 09:32:39 -05:00
Virtually Nick
52d10b2ba0 GUACAMOLE-773: Merge latest update of Java and JavaScript dependencies. 2021-12-27 07:18:17 -07:00
Michael Jumper
b8d23962d6 GUACAMOLE-773: Update Java dependencies to latest stable, compatible versions. 2021-12-26 17:50:43 -08:00
Virtually Nick
2d269a129d Merge 1.4.0 changes back to master. 2021-12-26 10:32:55 -05:00
Michael Jumper
f1e9ee6876 GUACAMOLE-1364: Correct rendering of SSO provider list during invalid login animation. 
The SSO provider list unexpectedly shrinks when the invalid login
"shake" animation plays due to the use of "display: table-row" vs. the
login form's own use of "display: table-cell". Migrating the SSO
provider list to a simple absolutely-positioned div corrects this and
matches the way the Guacamole version is rendered.
 2021-12-26 00:00:38 -08:00
Virtually Nick
588915d232 Merge 1.4.0 changes back to master. 2021-12-12 07:25:13 -05:00
Michael Jumper
5e9e215356 GUACAMOLE-1411: Bump version numbers to 1.4.0. 2021-12-11 16:27:00 -08:00
James Muehlner
48a38e7b97 Merge 1.4.0 changes back to master. 2021-12-03 21:23:39 -08:00
Michael Jumper
b6696b9dba GUACAMOLE-1364: Extract common SSO resource for IdP redirect. 2021-12-03 21:18:04 -08:00
Michael Jumper
0e9860ecf7 GUACAMOLE-1364: Allow both traditional username/password and SSO. 2021-12-03 20:36:34 -08:00
Michael Jumper
7dc0b3b509 GUACAMOLE-1364: Extract common base SSO classes. 2021-12-03 20:33:32 -08:00
Michael Jumper
a6b38bec62 GUACAMOLE-1364: Remove unnecessary separate dist .tar.gz for SSO extensions (now distributed within common .tar.gz). 2021-11-25 19:01:57 -08:00
Michael Jumper
ba93d17265 GUACAMOLE-1364: Correct naming of SAML auth field and translation. 2021-11-25 18:44:46 -08:00
Michael Jumper
817f19290d GUACAMOLE-1364: Unify translations of SSO extensions. 2021-11-25 18:44:46 -08:00
Michael Jumper
36a02c1f90 GUACAMOLE-1364: Refactor all SSO extensions beneath common base. 2021-11-25 18:44:46 -08:00
Virtually Nick
c143c7cb5c Merge 1.4.0 changes back to master. 2021-11-22 20:22:39 -05:00
Michael Jumper
cce63e74c4 GUACAMOLE-1364: Do not rely on Collectors.toUnmodifiableMap() as it is not part of Java 8. 2021-11-22 15:11:40 -08:00
Virtually Nick
09b1508ec7 Merge 1.4.0 changes back to master. 2021-11-22 15:47:15 -05:00
Michael Jumper
76caea0fa8 GUACAMOLE-1364: Actually inject parameter tokens derived from SAML. 2021-11-22 12:30:16 -08:00
Michael Jumper
d360d2a9ef GUACAMOLE-1364: Clean up overall logic of SAML authentication flow. 2021-11-22 12:30:16 -08:00
James Muehlner
1c12f9f212 GUACAMOLE-957: Merge bind password field default fix for LDAP. 2021-11-15 19:38:45 -08:00
Michael Jumper
bc0b14a7c5 GUACAMOLE-957: Default bind password should be bind password, not DN (correct copypasta). 2021-11-13 17:21:48 -08:00
Michael Jumper
1bec3e76c5 GUACAMOLE-957: Clear out cached ldap-servers.yml if it is deleted. 2021-11-13 17:05:11 -08:00