You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by jm...@apache.org on 2016/08/01 00:28:53 UTC

[4/7] incubator-guacamole-client git commit: GUACAMOLE-5: Update the SharedUserContext whenever a new share key is used.

GUACAMOLE-5: Update the SharedUserContext whenever a new share key is used.


Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/ecaf5be8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/ecaf5be8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/ecaf5be8

Branch: refs/heads/master
Commit: ecaf5be84eb643b1bf9a697c77daae2845c5d3b2
Parents: 96094a1
Author: Michael Jumper <mj...@apache.org>
Authored: Fri Jul 29 15:33:13 2016 -0700
Committer: Michael Jumper <mj...@apache.org>
Committed: Sat Jul 30 23:11:12 2016 -0700

----------------------------------------------------------------------
 .../jdbc/AuthenticationProviderService.java     | 32 +++++++++++++++++
 .../jdbc/InjectedAuthenticationProvider.java    |  6 ++--
 .../jdbc/JDBCAuthenticationProviderService.java | 11 ++++++
 .../jdbc/sharing/ConnectionSharingService.java  | 36 ++++++++++++++------
 .../SharedAuthenticationProviderService.java    | 17 +++++++++
 5 files changed, 87 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ecaf5be8/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
index 625006b..915c417 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
@@ -81,4 +81,36 @@ public interface AuthenticationProviderService  {
     public UserContext getUserContext(AuthenticationProvider authenticationProvider,
             AuthenticatedUser authenticatedUser) throws GuacamoleException;
 
+    /**
+     * Returns an updated UserContext instance for the given
+     * already-authenticated user. If no changes need be made to the
+     * UserContext, the original UserContext will be returned.
+     *
+     * @param authenticationProvider
+     *     The AuthenticationProvider on behalf of which the UserContext is
+     *     being updated.
+     *
+     * @param context
+     *     The UserContext to update.
+     *
+     * @param authenticatedUser
+     *     The AuthenticatedUser associated with the UserContext being updated.
+     *
+     * @param credentials
+     *     The credentials most recently submitted by the user. These
+     *     credentials are not guaranteed to be the same as the credentials
+     *     already associated with the AuthenticatedUser.
+     *
+     * @return
+     *     A new UserContext instance for the user identified by the given
+     *     credentials.
+     *
+     * @throws GuacamoleException
+     *     If an error occurs during authentication, or if the given
+     *     credentials are invalid or expired.
+     */
+    public UserContext updateUserContext(AuthenticationProvider authenticationProvider,
+            UserContext context, AuthenticatedUser authenticatedUser,
+            Credentials credentials) throws GuacamoleException;
+
 }

http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ecaf5be8/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
index 92dc098..08defc2 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
@@ -97,10 +97,8 @@ public abstract class InjectedAuthenticationProvider implements AuthenticationPr
     public UserContext updateUserContext(UserContext context,
             AuthenticatedUser authenticatedUser, Credentials credentials)
             throws GuacamoleException {
-
-        // No need to update the context
-        return context;
-
+        return authProviderService.updateUserContext(this, context,
+                authenticatedUser, credentials);
     }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ecaf5be8/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
index a362e81..20e2f09 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
@@ -28,6 +28,7 @@ import org.apache.guacamole.auth.jdbc.user.UserService;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.UserContext;
 import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
 import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
 
@@ -82,4 +83,14 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
 
     }
 
+    @Override
+    public UserContext updateUserContext(AuthenticationProvider authenticationProvider,
+            UserContext context, AuthenticatedUser authenticatedUser,
+            Credentials credentials) throws GuacamoleException {
+
+        // No need to update the context
+        return context;
+
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ecaf5be8/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
index 4c5877f..45951ec 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
@@ -130,6 +130,29 @@ public class ConnectionSharingService {
     }
 
     /**
+     * Returns the share key contained within the given credentials. If there is
+     * no such share key, null is returned.
+     *
+     * @param credentials
+     *     The credentials from which the share key should be retrieved.
+     *
+     * @return
+     *     The share key contained within the given credentials, or null if
+     *     the credentials do not contain a share key.
+     */
+    public String getShareKey(Credentials credentials) {
+
+        // Pull associated HTTP request
+        HttpServletRequest request = credentials.getRequest();
+        if (request == null)
+            return null;
+
+        // Retrieve the share key from the request
+        return request.getParameter(SHARE_KEY_NAME);
+
+    }
+
+    /**
      * Returns a SharedAuthenticatedUser if the given credentials contain a
      * valid share key. The returned user will be associated with the single
      * shared connection to which they have been granted temporary access. If
@@ -151,18 +174,9 @@ public class ConnectionSharingService {
     public SharedAuthenticatedUser retrieveSharedConnectionUser(
             AuthenticationProvider authProvider, Credentials credentials) {
 
-        // Pull associated HTTP request
-        HttpServletRequest request = credentials.getRequest();
-        if (request == null)
-            return null;
-
-        // Retrieve the share key from the request
-        String shareKey = request.getParameter(ConnectionSharingService.SHARE_KEY_NAME);
-        if (shareKey == null)
-            return null;
-
         // Validate the share key
-        if (connectionMap.get(shareKey) == null)
+        String shareKey = getShareKey(credentials);
+        if (shareKey == null || connectionMap.get(shareKey) == null)
             return null;
 
         // Return temporary in-memory user

http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ecaf5be8/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
index ddcd929..086b432 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
@@ -28,6 +28,7 @@ import org.apache.guacamole.auth.jdbc.sharing.user.SharedUserContext;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.UserContext;
 import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
 import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
 
@@ -94,4 +95,20 @@ public class SharedAuthenticationProviderService implements AuthenticationProvid
 
     }
 
+    @Override
+    public UserContext updateUserContext(AuthenticationProvider authenticationProvider,
+            UserContext context, AuthenticatedUser authenticatedUser,
+            Credentials credentials) throws GuacamoleException {
+
+        // Retrieve the share key from the request
+        String shareKey = sharingService.getShareKey(credentials);
+
+        // Update the user context with the share key, if given
+        if (shareKey != null)
+            ((SharedUserContext) context).registerShareKey(shareKey);
+
+        return context;
+
+    }
+
 }