Github user necouchman commented on a diff in the pull request:

    https://github.com/apache/guacamole-client/pull/254#discussion_r168859454
  
    --- Diff: 
extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/conf/ConfigurationService.java
 ---
    @@ -0,0 +1,223 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *   http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +
    +package org.apache.guacamole.auth.saml.conf;
    +
    +import com.google.inject.Inject;
    +import com.onelogin.saml2.settings.Saml2Settings;
    +import com.onelogin.saml2.settings.SettingsBuilder;
    +import java.io.File;
    +import java.net.URL;
    +import java.util.HashMap;
    +import java.util.Map;
    +import org.apache.guacamole.GuacamoleException;
    +import org.apache.guacamole.environment.Environment;
    +import org.apache.guacamole.properties.FileGuacamoleProperty;
    +import org.apache.guacamole.properties.StringGuacamoleProperty;
    +import org.apache.guacamole.properties.UrlGuacamoleProperty;
    +
    +/**
    + * Service for retrieving configuration information regarding the SAML
    + * authentication module.
    + */
    +public class ConfigurationService {
    +
    +    /**
    +     * The file containing the XML Metadata associated with the SAML IdP.
    +     */
    +    private static final FileGuacamoleProperty SAML_IDP_METADATA =
    +            new FileGuacamoleProperty() {
    +
    +        @Override
    +        public String getName() { return "saml-idp-metadata"; }
    +
    +    };
    +
    +    /**
    +     * The URL of the SAML IdP.
    +     */
    +    private static final UrlGuacamoleProperty SAML_IDP_URL =
    +            new UrlGuacamoleProperty() {
    +
    +        @Override
    +        public String getName() { return "saml-idp-url"; }
    +
    +    };
    +
    +    /**
    +     * The identifier for this SAML client.  The default is
    +     * "Apache Guacamole"
    +     */
    +    private static final StringGuacamoleProperty SAML_ENTITY_ID =
    +            new StringGuacamoleProperty() {
    +
    +        @Override
    +        public String getName() { return "saml-entity-id"; }
    +
    +    };
    +
    +    /**
    +     * The callback URL to use for SAML IdP, normally the base
    +     * of the Guacamole install.
    +     */
    +    private static final UrlGuacamoleProperty SAML_CALLBACK_URL =
    +            new UrlGuacamoleProperty() {
    +
    +        @Override
    +        public String getName() { return "saml-callback-url"; }
    +
    +    };
    +
    +    /**
    +     * The single logout redirect URL.
    +     */
    +    private static final UrlGuacamoleProperty SAML_LOGOUT_URL =
    +            new UrlGuacamoleProperty() {
    +
    +        @Override
    +        public String getName() { return "saml-logout-url"; }
    +
    +    };
    +
    +    /**
    +     * The Guacamole server environment.
    +     */
    +    @Inject
    +    private Environment environment;
    +
    +    /**
    +     * Returns the client ID which should be submitted to the SAML IdP,
    +     * as configured with guacamole.properties.  The default value is
    +     * "Apache Guacamole".
    +     *
    +     * @return
    +     *     The client ID to use when communicating with the SAML IdP,
    +     *     as configured with guacamole.properties, or the default
    +     *     of "Apache Guacamole" if not specified.
    +     *
    +     * @throws GuacamoleException
    +     *     If guacamole.properties cannot be parsed, or if the client ID
    +     *     property is missing.
    +     */
    +    private String getEntityId() throws GuacamoleException {
    +        return environment.getProperty(
    +            SAML_ENTITY_ID,
    +            "Apache Guacamole"
    +        );
    +    }
    +
    +    /**
    +     * The file that contains the metadata that the SAML client should
    +     * use to communicate with the SAML IdP.  This is generated by the
    +     * SAML IdP and should be uploaded to the system where the Guacamole
    +     * client is running.
    +     *
    +     * @return
    +     *     The file containinging the metadata used by the SAML client
    +     *     when it communicates with the SAML IdP.
    +     *
    +     * @throws GuacamoleException
    +     *     If guacmaole.propeties cannot be parsed, or if the client
    +     *     metadata is missing.
    +     */
    +    private File getIdpMetadata() throws GuacamoleException {
    +        return environment.getRequiredProperty(SAML_IDP_METADATA);
    +    }
    +
    +    /**
    +     * Retrieve the URL used to log in to the SAML IdP.
    +     *
    +     * @return
    +     *     The URL used to log in to the SAML IdP.
    +     *
    +     * @throws GuacamoleException
    +     *     If guacamole.properties cannot be parsed.
    +     */
    +    private URL getIdpUrl() throws GuacamoleException {
    +        return environment.getProperty(
    +            SAML_IDP_URL,
    +            null
    +        );
    +    }
    +
    +    /**
    +     * The callback URL used for the SAML IdP to POST a response
    +     * to upon completion of authentication, normally the base
    +     * of the Guacamole install.
    +     *
    +     * @return
    +     *     The callback URL to be sent to the SAML IdP that will
    +     *     be POSTed to upon completion of SAML authentication.
    +     *
    +     * @throws GuacamoleException
    +     *     If guacamole.properties cannot be parsed, or if the
    +     *     callback parameter is missing.
    +     */
    +    public URL getCallbackUrl() throws GuacamoleException {
    +        return environment.getRequiredProperty(SAML_CALLBACK_URL);
    +    }
    +
    +    /**
    +     * Return the URL used to log out from the SAML IdP.
    +     *
    +     * @return
    +     *     The URL used to log out from the SAML IdP.
    +     *
    +     * @throws GuacamoleException
    +     *     If guacamole.properties cannot be parsed.
    +     */
    +    private URL getLogoutUrl() throws GuacamoleException {
    +        return environment.getProperty(
    +            SAML_LOGOUT_URL,
    +            null
    +        );
    +    }
    +
    +    /**
    +     * Returns the collection of SAML settings used to
    +     * initialize the client.
    +     *
    +     * @return
    +     *     The collection of SAML settings used to 
    +     *     initalize the SAML client.
    +     *
    +     * @throws GuacamoleException
    +     *     If guacamole.properties cannot be parsed or
    +     *     if parameters are missing.
    +     */
    +    public Saml2Settings getSamlSettings() throws GuacamoleException {
    +
    +        // Initialize and configure SAML client.
    +        Map<String, Object> samlMap = new HashMap<String, Object>();
    +        samlMap.put("onelogin.saml2.sp.entityid", getEntityId());
    +        samlMap.put("onelogin.saml2.sp.assertion_consumer_service.url", 
getCallbackUrl() + "/api/ext/saml/callback");
    +        samlMap.put("onelogin.saml2.idp.entityid", getIdpUrl());
    +        samlMap.put("onelogin.saml2.idp.single_sign_on_service.url", 
getIdpUrl());
    +        samlMap.put("onelogin.saml2.idp.single_sign_on_sevice.binding", 
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
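Review bot: The settings key on the last quoted line, `onelogin.saml2.idp.single_sign_on_sevice.binding`, misspells "service" (compare the `.url` key two lines above), so the HTTP-Redirect binding is presumably never read and the library silently falls back to its own default; it should be `samlMap.put("onelogin.saml2.idp.single_sign_on_service.binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");`. The IdP values are also weaker than the Javadoc's "if parameters are missing" contract suggests: getIdpUrl() resolves saml-idp-url with a null default, so an unset IdP URL is stored as null under both `onelogin.saml2.idp.entityid` and `onelogin.saml2.idp.single_sign_on_service.url` and only surfaces later inside the SAML library rather than as a clear configuration error; `return environment.getRequiredProperty(SAML_IDP_URL);` in getIdpUrl() would fail fast. Reusing the SSO URL as the IdP entity ID additionally assumes the two are identical, and since the entity ID is what the Issuer of incoming responses is matched against, a separate property may be needed — worth confirming against the IdPs this is meant to support. getSamlSettings() continues past the end of the quoted hunk.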
    --- End diff --
    
    Not sure if I can use constants here??

