You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by mj...@apache.org on 2018/01/30 23:44:40 UTC
[28/50] guacamole-client git commit: GUACAMOLE-197: Reorganize authenticateUser to remove some duplicate code and make it easier to follow.

GUACAMOLE-197: Reorganize authenticateUser to remove some duplicate code and make it easier to follow.


Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/6acf0322
Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/6acf0322
Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/6acf0322

Branch: refs/heads/master
Commit: 6acf032247dc9b5c5ba54fd02fbf34d550e98554
Parents: 015cb4a
Author: Nick Couchman <vn...@apache.org>
Authored: Fri Jul 14 22:35:31 2017 -0400
Committer: Nick Couchman <vn...@apache.org>
Committed: Mon Jan 29 17:08:11 2018 -0500

----------------------------------------------------------------------
 .../radius/AuthenticationProviderService.java   | 90 ++++++++------------
 1 file changed, 37 insertions(+), 53 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/6acf0322/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java b/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
index ad1ac06..fdb7737 100644
--- a/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
@@ -160,51 +160,13 @@ public class AuthenticationProviderService {
                 logger.debug("Error configuring RADIUS server.", e);
                 throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
             }
-
-            // No RadiusPacket is returned, we've encountered an error.
-            if (radPack == null) {
-                logger.debug("Nothing in the RADIUS packet.");
-                throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
-            }
-
-            // Received AccessReject packet, login is denied.
-            else if (radPack instanceof AccessReject) {
-                logger.debug("Login has been rejected by RADIUS server.");
-                throw new GuacamoleInvalidCredentialsException("Authentication failed.", CredentialsInfo.USERNAME_PASSWORD);
-            }
-
-            // Received AccessChallenge packet, more credentials required to complete authentication
-            else if (radPack instanceof AccessChallenge) {
-                CredentialsInfo expectedCredentials = getRadiusChallenge(radPack);
-
-                if (expectedCredentials == null)
-                    throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
-
-                throw new GuacamoleInsufficientCredentialsException("LOGIN.INFO_RADIUS_ADDL_REQUIRED", expectedCredentials);
-            }
-
-            // Received AccessAccept, authentication has succeeded
-            else if (radPack instanceof AccessAccept) {
-                try {
-                    AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
-                    authenticatedUser.init(credentials);
-                    return authenticatedUser;
-                }
-                finally {
-                    radiusService.disconnect();
-                }
-            }
-
-            // Something unanticipated happened, so panic and go back to login.
-            else {
-                logger.error("Unexpected failure authenticating with RADIUS server.");
-                throw new GuacamoleInvalidCredentialsException("Unknown error trying to authenticate.", CredentialsInfo.USERNAME_PASSWORD);
+            finally {
+                radiusService.disconnect();
             }
         }
 
-        // This is a response to a challenge, so authenticate with that response
+        // This is a response to a previous challenge, authenticate with that.
         else {
-
             try {
                 radPack = radiusService.authenticate(credentials.getUsername(),
                                                      request.getParameter(RadiusStateField.PARAMETER_NAME),
@@ -218,21 +180,43 @@ public class AuthenticationProviderService {
             finally {
                 radiusService.disconnect();
             }
+        }
 
-            // Received AccessAccept, authentication succeeded.
-            if (radPack instanceof AccessAccept) {
-                AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
-                authenticatedUser.init(credentials);
-                return authenticatedUser;
-            }
+        // No RadiusPacket is returned, we've encountered an error.
+        if (radPack == null) {
+            logger.debug("Nothing in the RADIUS packet.");
+            throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
+        }
 
-            // Authentication failed.
-            else {
-                logger.warn("RADIUS Challenge/Response authentication failed.");
-                logger.debug("Received something other than AccessAccept packet from the RADIUS server.");
-                throw new GuacamoleInvalidCredentialsException("Authentication failed.", CredentialsInfo.USERNAME_PASSWORD);
-            }
+        // Received AccessReject packet, login is denied.
+        else if (radPack instanceof AccessReject) {
+            logger.debug("Login has been rejected by RADIUS server.");
+            throw new GuacamoleInvalidCredentialsException("Authentication failed.", CredentialsInfo.USERNAME_PASSWORD);
         }
+
+        // Received AccessAccept, authentication has succeeded
+        else if (radPack instanceof AccessAccept) {
+            AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
+            authenticatedUser.init(credentials);
+            return authenticatedUser;
+        }
+
+        // Received AccessChallenge packet, more credentials required to complete authentication
+        else if (radPack instanceof AccessChallenge) {
+            CredentialsInfo expectedCredentials = getRadiusChallenge(radPack);
+
+            if (expectedCredentials == null)
+                throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
+
+            throw new GuacamoleInsufficientCredentialsException("LOGIN.INFO_RADIUS_ADDL_REQUIRED", expectedCredentials);
+        }
+
+        // Something unanticipated happened, so panic and go back to login.
+        else {
+            logger.error("Unexpected failure authenticating with RADIUS server.");
+            throw new GuacamoleInvalidCredentialsException("Unknown error trying to authenticate.", CredentialsInfo.USERNAME_PASSWORD);
+        }
+
     }
 
 }