You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by mj...@apache.org on 2017/10/27 17:51:00 UTC
[16/24] incubator-guacamole-client git commit: GUACAMOLE-362:
Refactor ticket validation handling of credentials.
GUACAMOLE-362: Refactor ticket validation handling of credentials.
Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/b410b99d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/b410b99d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/b410b99d
Branch: refs/heads/staging/0.9.14-incubating
Commit: b410b99d49c4fd259c3af60a336808a59fec7ba5
Parents: 62fafcb
Author: Nick Couchman <vn...@apache.org>
Authored: Sat Sep 30 20:55:44 2017 -0400
Committer: Nick Couchman <ni...@yahoo.com>
Committed: Fri Oct 27 13:05:13 2017 -0400
----------------------------------------------------------------------
.../auth/cas/AuthenticationProviderService.java | 16 +++++-----------
.../auth/cas/ticket/TicketValidationService.java | 15 +++++++--------
2 files changed, 12 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/b410b99d/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
index 325268e..a9b3230 100644
--- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
@@ -87,18 +87,12 @@ public class AuthenticationProviderService {
if (request != null) {
String ticket = request.getParameter(CASTicketField.PARAMETER_NAME);
if (ticket != null) {
- Credentials ticketCredentials = ticketService.validateTicket(ticket);
- if (ticketCredentials != null) {
- String username = ticketCredentials.getUsername();
- if (username != null)
- credentials.setUsername(username);
- String password = ticketCredentials.getPassword();
- if (password != null)
- credentials.setPassword(password);
+ String username = ticketService.validateTicket(ticket, credentials);
+ if (username != null) {
+ AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
+ authenticatedUser.init(username, credentials);
+ return authenticatedUser;
}
- AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
- authenticatedUser.init(credentials.getUsername(), credentials);
- return authenticatedUser;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/b410b99d/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
index 0162801..de38964 100644
--- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
+++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
@@ -57,21 +57,21 @@ public class TicketValidationService {
private ConfigurationService confService;
/**
- * Validates and parses the given ID ticket, returning the Credentials object
- * derived from the parameters provided by the CAS server in the ticket. If the
+ * Validates and parses the given ID ticket, returning the username
+ * provided by the CAS server in the ticket. If the
* ticket is invalid an exception is thrown.
*
* @param ticket
* The ID ticket to validate and parse.
*
* @return
- * The Credentials object derived from parameters provided in the ticket.
+ * The username derived from the ticket.
*
* @throws GuacamoleException
* If the ID ticket is not valid or guacamole.properties could
* not be parsed.
*/
- public Credentials validateTicket(String ticket) throws GuacamoleException {
+ public String validateTicket(String ticket, Credentials credentials) throws GuacamoleException {
// Retrieve the configured CAS URL, establish a ticket validator,
// and then attempt to validate the supplied ticket. If that succeeds,
@@ -80,7 +80,6 @@ public class TicketValidationService {
Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl);
validator.setAcceptAnyProxy(true);
try {
- Credentials ticketCredentials = new Credentials();
String confRedirectURI = confService.getRedirectURI();
Assertion a = validator.validate(ticket, confRedirectURI);
AttributePrincipal principal = a.getPrincipal();
@@ -88,17 +87,17 @@ public class TicketValidationService {
// Retrieve username and set the credentials.
String username = principal.getName();
if (username != null)
- ticketCredentials.setUsername(username);
+ credentials.setUsername(username);
// Retrieve password, attempt decryption, and set credentials.
Object credObj = principal.getAttributes().get("credential");
if (credObj != null) {
String clearPass = decryptPassword(credObj.toString());
if (clearPass != null && !clearPass.isEmpty())
- ticketCredentials.setPassword(clearPass);
+ credentials.setPassword(clearPass);
}
- return ticketCredentials;
+ return username;
}
catch (TicketValidationException e) {