[guacamole-client] Diff for: [GitHub] mike-jumper merged pull request #355: GUACAMOLE-271: Duo in docker image

Tue, 15 Jan 2019 16:14:36 -0800 

diff --git a/guacamole-docker/bin/build-guacamole.sh 
b/guacamole-docker/bin/build-guacamole.sh
index c5ff255d4..88087e5bf 100755
--- a/guacamole-docker/bin/build-guacamole.sh
+++ b/guacamole-docker/bin/build-guacamole.sh
@@ -134,3 +134,18 @@ if [ -f 
extensions/guacamole-auth-openid/target/guacamole-auth-openid*.jar ]; th
     mkdir -p "$DESTINATION/openid"
     cp extensions/guacamole-auth-openid/target/guacamole-auth-openid*.jar 
"$DESTINATION/openid"
 fi
+
+#
+# Copy Duo auth extension if it was built
+#
+
+if [ -f extensions/guacamole-auth-duo/target/*.tar.gz ]; then
+    mkdir -p "$DESTINATION/duo"
+    tar -xzf extensions/guacamole-auth-duo/target/*.tar.gz \
+        -C "$DESTINATION/duo/"                             \
+        --wildcards                                        \
+        --no-anchored                                      \
+        --no-wildcards-match-slash                         \
+        --strip-components=1                               \
+        "*.jar"
+fi
diff --git a/guacamole-docker/bin/start.sh b/guacamole-docker/bin/start.sh
index 2ed50a929..e5ad51ead 100755
--- a/guacamole-docker/bin/start.sh
+++ b/guacamole-docker/bin/start.sh
@@ -460,6 +460,45 @@ END
 
 }
 
+##
+## Adds properties to guacamole.properties which configure the Duo two-factor
+## authentication service. Checks to see if all variables are defined and 
makes sure
+## DUO_APPLICATION_KEY is >= 40 characters.
+##
+associate_duo() {
+    # Verify required parameters are present
+    if [ -z "$DUO_INTEGRATION_KEY" ]      || \
+       [ -z "$DUO_SECRET_KEY" ]           || \
+       [ ${#DUO_APPLICATION_KEY} -lt 40 ]
+    then
+        cat <<END
+FATAL: Missing required environment variables
+-------------------------------------------------------------------------------
+If using the Duo authentication extension, you must provide each of the 
+following environment variables:
+
+    DUO_API_HOSTNAME        The hostname of the Duo API endpoint.
+
+    DUO_INTEGRATION_KEY     The integration key provided for Guacamole by Duo.
+
+    DUO_SECRET_KEY          The secret key provided for Guacamole by Duo. 
+
+    DUO_APPLICATION_KEY     An arbitrary, random key.
+                            This value must be at least 40 characters.
+END
+        exit 1;
+    fi
+
+    # Update config file
+    set_property "duo-api-hostname"                 "$DUO_API_HOSTNAME"
+    set_property "duo-integration-key"              "$DUO_INTEGRATION_KEY"
+    set_property "duo-secret-key"                   "$DUO_SECRET_KEY"
+    set_property "duo-application-key"              "$DUO_APPLICATION_KEY"
+
+    # Add required .jar files to GUACAMOLE_EXT
+    ln -s /opt/guacamole/duo/guacamole-auth-*.jar   "$GUACAMOLE_EXT"
+}
+
 ##
 ## Starts Guacamole under Tomcat, replacing the current process with the
 ## Tomcat process. As the current process will be replaced, this MUST be the
@@ -591,6 +630,11 @@ END
     exit 1;
 fi
 
+# Use Duo if specified.
+if [ -n "$DUO_API_HOSTNAME" ]; then
+    associate_duo
+fi
+
 #
 # Finally start Guacamole (under Tomcat)
 #


With regards,
Apache Git Services

Reply via email to