You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by vn...@apache.org on 2018/02/05 18:04:20 UTC
[02/21] guacamole-client git commit: GUACAMOLE-96: Migrate to
TOTP-specific field type for authentication code.
GUACAMOLE-96: Migrate to TOTP-specific field type for authentication code.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/8ac8fec4
Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/8ac8fec4
Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/8ac8fec4
Branch: refs/heads/master
Commit: 8ac8fec47834a13317591a676faf11ed29b34929
Parents: 0844e9d
Author: Michael Jumper <mj...@apache.org>
Authored: Mon Nov 20 12:03:18 2017 -0800
Committer: Michael Jumper <mj...@apache.org>
Committed: Sun Feb 4 19:45:17 2018 -0800
----------------------------------------------------------------------
extensions/guacamole-auth-totp/pom.xml | 80 ++++++++++++++++++++
.../auth/totp/UserVerificationService.java | 28 ++-----
.../auth/totp/form/AuthenticationCodeField.java | 48 ++++++++++++
.../src/main/resources/config/totpConfig.js | 33 ++++++++
.../authenticationCodeFieldController.js | 29 +++++++
.../src/main/resources/guac-manifest.json | 14 +++-
.../src/main/resources/styles/totp.css | 20 +++++
.../templates/authenticationCodeField.html | 3 +
.../src/main/resources/totpModule.js | 28 +++++++
9 files changed, 259 insertions(+), 24 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/pom.xml
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/pom.xml b/extensions/guacamole-auth-totp/pom.xml
index 5b421d7..17aff05 100644
--- a/extensions/guacamole-auth-totp/pom.xml
+++ b/extensions/guacamole-auth-totp/pom.xml
@@ -53,6 +53,85 @@
</configuration>
</plugin>
+ <!-- Pre-cache Angular templates with maven-angular-plugin -->
+ <plugin>
+ <groupId>com.keithbranton.mojo</groupId>
+ <artifactId>angular-maven-plugin</artifactId>
+ <version>0.3.2</version>
+ <executions>
+ <execution>
+ <phase>generate-resources</phase>
+ <goals>
+ <goal>html2js</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <sourceDir>${basedir}/src/main/resources</sourceDir>
+ <include>**/*.html</include>
+ <target>${basedir}/src/main/resources/generated/templates-main/templates.js</target>
+ <prefix>app/ext/totp</prefix>
+ </configuration>
+ </plugin>
+
+ <!-- JS/CSS Minification Plugin -->
+ <plugin>
+ <groupId>com.samaxes.maven</groupId>
+ <artifactId>minify-maven-plugin</artifactId>
+ <version>1.7.5</version>
+ <executions>
+ <execution>
+ <id>default-cli</id>
+ <configuration>
+ <charset>UTF-8</charset>
+
+ <webappSourceDir>${basedir}/src/main/resources</webappSourceDir>
+ <webappTargetDir>${project.build.directory}/classes</webappTargetDir>
+
+ <cssSourceDir>/</cssSourceDir>
+ <cssTargetDir>/</cssTargetDir>
+ <cssFinalFile>totp.css</cssFinalFile>
+
+ <cssSourceFiles>
+ <cssSourceFile>license.txt</cssSourceFile>
+ </cssSourceFiles>
+
+ <cssSourceIncludes>
+ <cssSourceInclude>**/*.css</cssSourceInclude>
+ </cssSourceIncludes>
+
+ <jsSourceDir>/</jsSourceDir>
+ <jsTargetDir>/</jsTargetDir>
+ <jsFinalFile>totp.js</jsFinalFile>
+
+ <jsSourceFiles>
+ <jsSourceFile>license.txt</jsSourceFile>
+ </jsSourceFiles>
+
+ <jsSourceIncludes>
+ <jsSourceInclude>**/*.js</jsSourceInclude>
+ </jsSourceIncludes>
+
+ <!-- Do not minify and include tests -->
+ <jsSourceExcludes>
+ <jsSourceExclude>**/*.test.js</jsSourceExclude>
+ </jsSourceExcludes>
+ <jsEngine>CLOSURE</jsEngine>
+
+ <!-- Disable warnings for JSDoc annotations -->
+ <closureWarningLevels>
+ <misplacedTypeAnnotation>OFF</misplacedTypeAnnotation>
+ <nonStandardJsDocs>OFF</nonStandardJsDocs>
+ </closureWarningLevels>
+
+ </configuration>
+ <goals>
+ <goal>minify</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
<!-- Assembly plugin - for easy distribution -->
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
@@ -105,6 +184,7 @@
<excludes>
<exclude>**/*.json</exclude>
<exclude>src/licenses/**/*</exclude>
+ <exclude>src/main/resources/templates/*.html</exclude>
</excludes>
</configuration>
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
index d694c5e..da24995 100644
--- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
@@ -28,8 +28,8 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.guacamole.GuacamoleClientException;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.auth.totp.form.AuthenticationCodeField;
import org.apache.guacamole.form.Field;
-import org.apache.guacamole.form.TextField;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.User;
@@ -62,26 +62,6 @@ public class UserVerificationService {
private static final String TOTP_KEY_CONFIRMED_ATTRIBUTE_NAME = "guac-totp-key-confirmed";
/**
- * The name of the HTTP parameter which will contain the TOTP code provided
- * by the user to verify their identity.
- */
- private static final String TOTP_PARAMETER_NAME = "guac-totp";
-
- /**
- * The field which should be exposed to the user to request that they
- * provide their TOTP code.
- */
- private static final Field TOTP_FIELD = new TextField(TOTP_PARAMETER_NAME);
-
- /**
- * CredentialsInfo object describing the credentials expected for a user
- * who has verified their identity with TOTP.
- */
- private static final CredentialsInfo TOTP_CREDENTIALS = new CredentialsInfo(
- Collections.singletonList(TOTP_FIELD)
- );
-
- /**
* BaseEncoding instance which decoded/encodes base32.
*/
private static final BaseEncoding BASE32 = BaseEncoding.base32();
@@ -234,14 +214,16 @@ public class UserVerificationService {
HttpServletRequest request = credentials.getRequest();
// Retrieve TOTP from request
- String code = request.getParameter(TOTP_PARAMETER_NAME);
+ String code = request.getParameter(AuthenticationCodeField.PARAMETER_NAME);
// If no TOTP provided, request one
if (code == null) {
// FIXME: Handle key.isConfirmed() for initial prompt
throw new GuacamoleInsufficientCredentialsException(
- "LOGIN.INFO_TOTP_REQUIRED", TOTP_CREDENTIALS);
+ "LOGIN.INFO_TOTP_REQUIRED", new CredentialsInfo(
+ Collections.<Field>singletonList(new AuthenticationCodeField())
+ ));
}
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java
new file mode 100644
index 0000000..8119657
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.totp.form;
+
+import org.apache.guacamole.form.Field;
+
+/**
+ * Field which prompts the user for an authentication code generated via TOTP.
+ */
+public class AuthenticationCodeField extends Field {
+
+ /**
+ * The name of the HTTP parameter which will contain the TOTP code provided
+ * by the user to verify their identity.
+ */
+ public static final String PARAMETER_NAME = "guac-totp";
+
+ /**
+ * The unique name associated with this field type.
+ */
+ private static final String FIELD_TYPE_NAME = "GUAC_TOTP_CODE";
+
+ /**
+ * Creates a new field which prompts the user for an authentication code
+ * generated via TOTP.
+ */
+ public AuthenticationCodeField() {
+ super(PARAMETER_NAME, FIELD_TYPE_NAME);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js b/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js
new file mode 100644
index 0000000..54bb56c
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/config/totpConfig.js
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Config block which registers TOTP-specific field types.
+ */
+angular.module('guacTOTP').config(['formServiceProvider',
+ function guacTOTPConfig(formServiceProvider) {
+
+ // Define field for the TOTP code provided by the user
+ formServiceProvider.registerFieldType('GUAC_TOTP_CODE', {
+ module : 'guacTOTP',
+ controller : 'authenticationCodeFieldController',
+ templateUrl : 'app/ext/totp/templates/authenticationCodeField.html'
+ });
+
+}]);
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js b/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js
new file mode 100644
index 0000000..c9cecc6
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/controllers/authenticationCodeFieldController.js
@@ -0,0 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Controller for the "GUAC_TOTP_CODE" field which prompts the user to enter
+ * the code generated by their authentication device.
+ */
+angular.module('guacTOTP').controller('authenticationCodeFieldController', ['$scope', '$element',
+ function authenticationCodeFieldController($scope, $element) {
+
+ // STUB
+
+}]);
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json b/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json
index 539562c..dee8291 100644
--- a/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json
+++ b/extensions/guacamole-auth-totp/src/main/resources/guac-manifest.json
@@ -11,6 +11,18 @@
"translations" : [
"translations/en.json"
- ]
+ ],
+
+ "js" : [
+ "totp.min.js"
+ ],
+
+ "css" : [
+ "totp.min.css"
+ ],
+
+ "resources" : {
+ "templates/authenticationCodeField.html" : "text/html"
+ }
}
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css b/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css
new file mode 100644
index 0000000..8181e2c
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css
@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/* STUB */
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html b/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html
new file mode 100644
index 0000000..4e7fb0f
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html
@@ -0,0 +1,3 @@
+<div class="totp-code-field">
+ <input type="text" ng-model="model" autocorrect="off" autocapitalize="off"/>
+</div>
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/8ac8fec4/extensions/guacamole-auth-totp/src/main/resources/totpModule.js
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/resources/totpModule.js b/extensions/guacamole-auth-totp/src/main/resources/totpModule.js
new file mode 100644
index 0000000..c6a0c7e
--- /dev/null
+++ b/extensions/guacamole-auth-totp/src/main/resources/totpModule.js
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Module which provides handling for TOTP multi-factor authentication.
+ */
+angular.module('guacTOTP', [
+ 'form'
+]);
+
+// Ensure the guacTOTP module is loaded along with the rest of the app
+angular.module('index').requires.push('guacTOTP');