[guacamole-client] branch master updated (27ae3c7 -> a0d8a7a)

jmuehlner Tue, 25 Jan 2022 20:47:29 -0800

This is an automated email from the ASF dual-hosted git repository.

jmuehlner pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/guacamole-client.git.



    from 27ae3c7  GUACAMOLE-1523: Merge resync ONLY local clipboard to internal 
clipboard.
     add 19920ee  GUACAMOLE-641: Allow token retrieval/generation to fail with 
an error.
     add 0ac67b8  GUACAMOLE-641: Provide strict filtering mode for TokenFilter 
which disallows undefined tokens.
     add 6145a79  GUACAMOLE-641: Add generic vault support with an initial 
Azure Key Vault implementation.
     add cab29ba  GUACAMOLE-641: Automatically cache requests for secrets from 
the vault.
     add e56becc  GUACAMOLE-641: Retrieve secrets from Azure Key Vault.
     add 2f946d9  GUACAMOLE-641: Allow tokens to be easily injected on-demand.
     add 3dbb821  GUACAMOLE-641: Retrieve tokens asynchronously and in parallel.
     add e0fce54  GUACAMOLE-641: Correct typo in documentation - 
"AzureKeyVaultAuthenticationiProviderModule" should be 
"AzureKeyVaultAuthenticationProviderModule".
     add 0359aa6  GUACAMOLE-641: Follow widely-accepted `public static final 
Logger` idiom.
     add 2df24bf  GUACAMOLE-641: Document return type of 
VaultUserContext.resolve().
     add f99b3a3  GUACAMOLE-641: Rename guacamole-auth-vault to guacamole-vault 
(does not provide auth).
     add b57578a  GUACAMOLE-641: Rename vault-specific username token to 
"USERNAME" to avoid confusion with "GUAC_USERNAME".
     add 5aba0cd  GUACAMOLE-641: Read token/secret mapping from YAML instead of 
JSON.
     add 4d3b2a9  GUACAMOLE-641: Obtain connection hostname and/or username for 
vault tokens via privileged access, if possible.
     add 16cb9ed  GUACAMOLE-641: Expand CONNECTION_USERNAME and 
CONNECTION_HOSTNAME tokens only if corresponding parameters are non-empty.
     add 7864306  GUACAMOLE-641: Canonicalize individual, tokenized components 
of secret names rather than the whole name.
     add 8bedbe7  GUACAMOLE-641: Add initial draft implementation of KSM vault 
support for Guacamole.
     add d0043e3  GUACAMOLE-641: Allow token mapping file to not exist.
     add d0bd4b5  GUACAMOLE-641: Add general service for retrieving data from 
Keeper records.
     add 30f24de  GUACAMOLE-641: Allow vault implementations to automatically 
provide tokens based on connection parameters (without YAML mapping).
     add d2f5596  GUACAMOLE-641: Automatically provide KEEPER_SERVER_* tokens 
based on connection parameters.
     add 7641fa9  GUACAMOLE-641: Allow TokenInjecting* implementations to 
consider values of existing tokens.
     add b655866  GUACAMOLE-641: Consider existing tokens when injecting tokens 
from vault.
     add c5ae027  GUACAMOLE-641: Add user- and gateway-specific tokens.
     add 62863f8  GUACAMOLE-641: Log possible ambiguous record retrievals at 
debug level.
     add aee1b13  GUACAMOLE-641: Include KSM extension in vault distribution.
     add b6e6800  GUACAMOLE-641: Consider null token mapping (blank YAML) to be 
empty.
     add f8f0779  GUACAMOLE-641: Manually extract password value from 
KeeperRecord.
     add 55b7e6f  GUACAMOLE-641: Additionally match against KSM custom fields 
based on labels.
     add 87b26fe  GUACAMOLE-641: Use record service to resolve 
hostname/username of records for later lookup.
     add 1cfd2ee  GUACAMOLE-641: Index records by username ONLY if not related 
to a hostname.
     add 46501f4  GUACAMOLE-641: Correct standard vs. custom field logic for 
complex retrievals.
     add 86d1de5  GUACAMOLE-641: Automatically pull Guacamole properties from 
vault.
     add e89a655  GUACAMOLE-641: Alternatively download .pem files for private 
keys.
     add 979505b  GUACAMOLE-641: Remove Azure Key Vault extension until license 
text can be obtained.
     add 96c8c7d  GUACAMOLE-641: Correct old references to the 
temporarily-removed Azure support.
     new a0d8a7a  GUACAMOLE-641: Merge support for reading secrets from key 
vaults.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../LICENSE                                        |  17 +-
 doc/licenses/bouncycastle-fips-1.0.2.1/README      |   8 +
 .../bouncycastle-fips-1.0.2.1/dep-coordinates.txt  |   1 +
 doc/licenses/jetbrains-annotations-13.0/README     |   9 +
 .../jetbrains-annotations-13.0/dep-coordinates.txt |   1 +
 doc/licenses/kotlin-1.5.30/NOTICE.txt              |   2 +
 doc/licenses/kotlin-1.5.30/README                  |   8 +
 doc/licenses/kotlin-1.5.30/dep-coordinates.txt     |   5 +
 .../kotlinx-serialization-1.2.1/NOTICE.txt         |   2 +
 doc/licenses/kotlinx-serialization-1.2.1/README    |   8 +
 .../dep-coordinates.txt                            |   2 +
 .../LICENSE                                        |   2 +-
 doc/licenses/ksm-sdk-16.2.1/README                 |   9 +
 doc/licenses/ksm-sdk-16.2.1/dep-coordinates.txt    |   1 +
 doc/licenses/snakeyaml-1.27/README                 |   8 +
 doc/licenses/snakeyaml-1.27/dep-coordinates.txt    |   1 +
 .../guacamole-vault}/.ratignore                    |   0
 .../modules/guacamole-vault-base}/.ratignore       |   0
 .../modules/guacamole-vault-base}/pom.xml          |  27 +-
 .../vault/VaultAuthenticationProvider.java         |  77 ++++
 .../vault/VaultAuthenticationProviderModule.java   |  99 ++++
 .../vault/conf/VaultConfigurationService.java      | 190 ++++++++
 .../vault/secret/CachedVaultSecretService.java     | 200 ++++++++
 .../guacamole/vault/secret/VaultSecretService.java | 105 +++++
 .../guacamole/vault/user/VaultUserContext.java     | 406 ++++++++++++++++
 .../vault/user/VaultUserContextFactory.java        |  23 +-
 .../src/main/resources/translations/en.json        |   7 +
 .../modules/guacamole-vault-dist}/.ratignore       |   0
 .../modules/guacamole-vault-dist}/pom.xml          |  33 +-
 .../src/main/assembly/dist.xml                     |  33 +-
 .../modules/guacamole-vault-ksm}/.ratignore        |   0
 .../modules/guacamole-vault-ksm}/pom.xml           |  72 +--
 .../vault/ksm/KsmAuthenticationProvider.java}      |  25 +-
 .../vault/ksm/KsmAuthenticationProviderModule.java |  58 +++
 .../vault/ksm/conf/KsmConfigProperty.java          |  25 +-
 .../vault/ksm/conf/KsmConfigurationService.java    | 126 +++++
 .../guacamole/vault/ksm/secret/KsmClient.java      | 478 +++++++++++++++++++
 .../vault/ksm/secret/KsmRecordService.java         | 511 +++++++++++++++++++++
 .../vault/ksm/secret/KsmSecretService.java         | 157 +++++++
 .../src/main/resources/guac-manifest.json          |  16 +
 .../pom.xml                                        |  16 +-
 extensions/pom.xml                                 |   3 +
 .../net/auth/TokenInjectingConnection.java         |  54 ++-
 .../net/auth/TokenInjectingConnectionGroup.java    |  55 ++-
 .../net/auth/TokenInjectingUserContext.java        |  96 +++-
 .../token/GuacamoleTokenUndefinedException.java    |  96 ++++
 .../org/apache/guacamole/token/TokenFilter.java    | 118 ++++-
 pom.xml                                            |   2 +-
 48 files changed, 3039 insertions(+), 153 deletions(-)
 copy doc/licenses/{pickr-1.8.2 => bouncycastle-fips-1.0.2.1}/LICENSE (58%)
 create mode 100644 doc/licenses/bouncycastle-fips-1.0.2.1/README
 create mode 100644 doc/licenses/bouncycastle-fips-1.0.2.1/dep-coordinates.txt
 create mode 100644 doc/licenses/jetbrains-annotations-13.0/README
 create mode 100644 doc/licenses/jetbrains-annotations-13.0/dep-coordinates.txt
 create mode 100644 doc/licenses/kotlin-1.5.30/NOTICE.txt
 create mode 100644 doc/licenses/kotlin-1.5.30/README
 create mode 100644 doc/licenses/kotlin-1.5.30/dep-coordinates.txt
 create mode 100644 doc/licenses/kotlinx-serialization-1.2.1/NOTICE.txt
 create mode 100644 doc/licenses/kotlinx-serialization-1.2.1/README
 create mode 100644 doc/licenses/kotlinx-serialization-1.2.1/dep-coordinates.txt
 copy doc/licenses/{datalist-polyfill-1.24.4 => ksm-sdk-16.2.1}/LICENSE (96%)
 create mode 100644 doc/licenses/ksm-sdk-16.2.1/README
 create mode 100644 doc/licenses/ksm-sdk-16.2.1/dep-coordinates.txt
 create mode 100644 doc/licenses/snakeyaml-1.27/README
 create mode 100644 doc/licenses/snakeyaml-1.27/dep-coordinates.txt
 copy {guacamole-ext => extensions/guacamole-vault}/.ratignore (100%)
 copy {guacamole-ext => 
extensions/guacamole-vault/modules/guacamole-vault-base}/.ratignore (100%)
 copy extensions/{guacamole-auth-sso/modules/guacamole-auth-sso-base => 
guacamole-vault/modules/guacamole-vault-base}/pom.xml (70%)
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/VaultAuthenticationProvider.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/VaultAuthenticationProviderModule.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/conf/VaultConfigurationService.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/secret/CachedVaultSecretService.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/secret/VaultSecretService.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/user/VaultUserContext.java
 copy 
guacamole/src/main/java/org/apache/guacamole/rest/session/UserContextResourceFactory.java
 => 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/java/org/apache/guacamole/vault/user/VaultUserContextFactory.java
 (54%)
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-base/src/main/resources/translations/en.json
 copy {guacamole-ext => 
extensions/guacamole-vault/modules/guacamole-vault-dist}/.ratignore (100%)
 copy extensions/{guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql => 
guacamole-vault/modules/guacamole-vault-dist}/pom.xml (69%)
 copy extensions/{guacamole-auth-header => 
guacamole-vault/modules/guacamole-vault-dist}/src/main/assembly/dist.xml (76%)
 copy {guacamole-ext => 
extensions/guacamole-vault/modules/guacamole-vault-ksm}/.ratignore (100%)
 copy extensions/{guacamole-auth-sso/modules/guacamole-auth-sso-saml => 
guacamole-vault/modules/guacamole-vault-ksm}/pom.xml (56%)
 copy 
extensions/{guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLAuthenticationProvider.java
 => 
guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/KsmAuthenticationProvider.java}
 (55%)
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/KsmAuthenticationProviderModule.java
 copy 
guacamole-ext/src/main/java/org/apache/guacamole/properties/ByteArrayProperty.java
 => 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/conf/KsmConfigProperty.java
 (56%)
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/conf/KsmConfigurationService.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmRecordService.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmSecretService.java
 create mode 100644 
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/resources/guac-manifest.json
 copy extensions/{guacamole-auth-jdbc => guacamole-vault}/pom.xml (80%)
 create mode 100644 
guacamole-ext/src/main/java/org/apache/guacamole/token/GuacamoleTokenUndefinedException.java

[guacamole-client] branch master updated (27ae3c7 -> a0d8a7a)

Reply via email to