GUACAMOLE-96: Include all TOTP key details in field when enrolling.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/5b2b6337 Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/5b2b6337 Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/5b2b6337 Branch: refs/heads/master Commit: 5b2b633707b997212de553130e1e9f7b6627c30e Parents: b1c23f2 Author: Michael Jumper <mjum...@apache.org> Authored: Fri Nov 24 12:34:09 2017 -0800 Committer: Michael Jumper <mjum...@apache.org> Committed: Sun Feb 4 19:45:18 2018 -0800 ---------------------------------------------------------------------- .../auth/totp/form/AuthenticationCodeField.java | 109 +++++++++++++++++++ 1 file changed, 109 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/5b2b6337/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java ----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java
index 764fe95..1a61e89 100644
--- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java
@@ -35,6 +35,7 @@ import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.totp.user.UserTOTPKey;
 import org.apache.guacamole.auth.totp.conf.ConfigurationService;
 import org.apache.guacamole.form.Field;
+import org.apache.guacamole.totp.TOTPGenerator;
 import org.codehaus.jackson.annotate.JsonProperty;
 /**
@@ -99,6 +100,46 @@ public class AuthenticationCodeField extends Field {
 }
 /**
+ * Returns the username of the user associated with the key being used to
+ * generate TOTP codes. If the user's key is not being exposed to facilitate
+ * enrollment, this value will not be exposed either.
+ *
+ * @return
+ * The username of the user associated with the key being used to
+ * generate TOTP codes, or null if the user's key is not being exposed
+ * to facilitate enrollment.
+ */
+ public String getUsername() {
+
+ // Do not reveal TOTP mode unless enrollment is in progress
+ if (key == null)
+ return null;
+
+ return key.getUsername();
+
+ }
+
+ /**
+ * Returns the base32-encoded secret key that is being used to generate TOTP
+ * codes for the authenticating user. If the user's key is not being exposed
+ * to facilitate enrollment, this value will not be exposed either.
+ *
+ * @return
+ * The base32-encoded secret key that is being used to generate TOTP
+ * codes for the authenticating user, or null if the user's key is not
+ * being exposed to facilitate enrollment.
+ */
+ public String getSecret() {
+
+ // Do not reveal TOTP mode unless enrollment is in progress
+ if (key == null)
+ return null;
+
+ return BASE32.encode(key.getSecret());
+
+ }
+
+ /**
 * Returns the number of digits used for each TOTP code. If the user's key
 * is not being exposed to facilitate enrollment, this value will not be
 * exposed either.
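Review bot: getSecret() places the raw base32 shared secret into the field, and the only thing keeping it out of an ordinary code prompt is the `key == null` test; where `key` is assigned lies outside this hunk, so the class should state the invariant that `key` is non-null only for a key whose enrollment has not yet been confirmed. Whoever can read this response can generate valid codes for the account, so it needs the same handling as a password (sent over TLS only, never logged or cached). Separately, the inline comment in both getUsername() and getSecret() says "TOTP mode"; it should read `// Do not reveal username unless enrollment is in progress` and `// Do not reveal secret key unless enrollment is in progress` respectively.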
@@ -121,6 +162,74 @@ public class AuthenticationCodeField extends Field {
 }
 /**
+ * Returns the human-readable name of the entity issuing user accounts. If
+ * the user's key is not being exposed to facilitate enrollment, this value
+ * will not be exposed either.
+ *
+ * @return
+ * The human-readable name of the entity issuing user accounts, or null
+ * if the user's key is not being exposed to facilitate enrollment.
+ *
+ * @throws GuacamoleException
+ * If the issuer cannot be read from guacamole.properties.
+ */
+ public String getIssuer() throws GuacamoleException {
+
+ // Do not reveal code issuer unless enrollment is in progress
+ if (key == null)
+ return null;
+
+ return confService.getIssuer();
+
+ }
+
+ /**
+ * Returns the mode that TOTP code generation is operating in. This value
+ * will be one of "SHA1", "SHA256", or "SHA512". If the user's key is not
+ * being exposed to facilitate enrollment, this value will not be exposed
+ * either.
+ *
+ * @return
+ * The mode that TOTP code generation is operating in, such as "SHA1",
+ * "SHA256", or "SHA512", or null if the user's key is not being
+ * exposed to facilitate enrollment.
+ *
+ * @throws GuacamoleException
+ * If the TOTP mode cannot be read from guacamole.properties.
+ */
+ public TOTPGenerator.Mode getMode() throws GuacamoleException {
+
+ // Do not reveal TOTP mode unless enrollment is in progress
+ if (key == null)
+ return null;
+
+ return confService.getMode();
+
+ }
+
+ /**
+ * Returns the number of seconds that each TOTP code remains valid. If the
+ * user's key is not being exposed to facilitate enrollment, this value will
+ * not be exposed either.
+ *
+ * @return
+ * The number of seconds that each TOTP code remains valid, or null if
+ * the user's key is not being exposed to facilitate enrollment.
+ *
+ * @throws GuacamoleException
+ * If the period cannot be read from guacamole.properties.
+ */
+ public Integer getPeriod() throws GuacamoleException {
+
+ // Do not reveal code period unless enrollment is in progress
+ if (key == null)
+ return null;
+
+ return confService.getPeriod();
+
+ }
+
+ /**
 * Returns the "otpauth" URI for the secret key used to generate TOTP codes
 * for the current user. If the secret key is not being exposed to
 * facilitate enrollment, null is returned.
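Review bot: The Javadoc on getMode() promises one of "SHA1", "SHA256" or "SHA512", but the method returns the `TOTPGenerator.Mode` enum, so what the enrolling client receives depends on how the JSON serializer renders that enum, which this hunk does not show. The authenticator app must be configured with the same algorithm and period the server verifies against, or codes entered after enrollment will be rejected, so the comment should state the wire form, e.g. `* The value is serialized using the enum constant's name.` if that is the intent. getIssuer(), getMode() and getPeriod() also call into `confService` on every invocation and declare `throws GuacamoleException`; presumably a configuration error would then surface while the field is being serialized, so resolving these values once at construction may give a cleaner failure (to be checked against how the existing getDigits() behaves, which is outside this hunk).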