safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,534 Commits 1 Branch 0 Tags
f355c5cfeeda75fc986fa78e734b22eff97adfcf
Commit Graph

69 Commits

Author SHA1 Message Date
Michael Jumper
87b26fe2c8 GUACAMOLE-641: Use record service to resolve hostname/username of records for later lookup. 2022-01-22 22:25:04 -08:00
Michael Jumper
55b7e6f867 GUACAMOLE-641: Additionally match against KSM custom fields based on labels. 2022-01-22 22:25:04 -08:00
Michael Jumper
f8f0779d7a GUACAMOLE-641: Manually extract password value from KeeperRecord. 
Simply calling getPassword() does not currently work correctly, as the
implementation of getPassword() assumes there will be at least one
value if the field is present. This results in an
ArrayIndexOutOfBoundsException for records with empty passwords:

java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
 at java.util.ArrayList.rangeCheck(ArrayList.java:659)
 at java.util.ArrayList.get(ArrayList.java:435)
 at com.keepersecurity.secretsManager.core.KeeperRecord.getPassword(SecretsManager.kt:134)
 ...
 2022-01-22 22:25:04 -08:00
Michael Jumper
b6e6800c0d GUACAMOLE-641: Consider null token mapping (blank YAML) to be empty. 2022-01-22 22:25:04 -08:00
Michael Jumper
aee1b13b2b GUACAMOLE-641: Include KSM extension in vault distribution. 2022-01-22 22:25:04 -08:00
Michael Jumper
62863f8a0b GUACAMOLE-641: Log possible ambiguous record retrievals at debug level. 2022-01-22 22:25:04 -08:00
Michael Jumper
c5ae027225 GUACAMOLE-641: Add user- and gateway-specific tokens. 2022-01-22 22:25:04 -08:00
Michael Jumper
b655866057 GUACAMOLE-641: Consider existing tokens when injecting tokens from vault. 2022-01-22 22:25:04 -08:00
Michael Jumper
d2f5596015 GUACAMOLE-641: Automatically provide KEEPER_SERVER_* tokens based on connection parameters. 2022-01-22 22:25:04 -08:00
Michael Jumper
30f24de808 GUACAMOLE-641: Allow vault implementations to automatically provide tokens based on connection parameters (without YAML mapping). 2022-01-22 22:25:04 -08:00
Michael Jumper
d0bd4b52d6 GUACAMOLE-641: Add general service for retrieving data from Keeper records. 2022-01-22 22:25:04 -08:00
Michael Jumper
d0043e34dd GUACAMOLE-641: Allow token mapping file to not exist. 
Some tokens may be standardized or specific to the implementation, and
may not need to be defined in YAML.
 2022-01-22 22:25:04 -08:00
Michael Jumper
8bedbe746c GUACAMOLE-641: Add initial draft implementation of KSM vault support for Guacamole. 2022-01-22 22:25:04 -08:00
Michael Jumper
786430612e GUACAMOLE-641: Canonicalize individual, tokenized components of secret names rather than the whole name. 
In the event that a secret name is structured, such as the URL-like
notation used by Keeper Secrets Manager, canonicalizing/encoding the
entire name could result in the name itself becoming invalid. Only the
portions that come from tokens should be canonicalized.
 2022-01-22 22:25:04 -08:00
Michael Jumper
16cb9ed69b GUACAMOLE-641: Expand CONNECTION_USERNAME and CONNECTION_HOSTNAME tokens only if corresponding parameters are non-empty. 2022-01-22 22:25:04 -08:00
Michael Jumper
4d3b2a9435 GUACAMOLE-641: Obtain connection hostname and/or username for vault tokens via privileged access, if possible. 2022-01-22 22:25:04 -08:00
Michael Jumper
5aba0cd09d GUACAMOLE-641: Read token/secret mapping from YAML instead of JSON. 2022-01-22 22:25:04 -08:00
Michael Jumper
b57578ad8e GUACAMOLE-641: Rename vault-specific username token to "USERNAME" to avoid confusion with "GUAC_USERNAME". 
The "GUAC_USERNAME" token provided by the webapp is based off the
username provided by the user when they authenticated. The username
token provided by the vault extensions uses the username stored with
the user's corresponding object, which may not be the same.
 2022-01-22 22:25:04 -08:00
Michael Jumper
f99b3a3213 GUACAMOLE-641: Rename guacamole-auth-vault to guacamole-vault (does not provide auth). 2022-01-22 22:25:04 -08:00