[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user krisss85 commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/351#discussion_r247323482 --- Diff: guacamole-docker/bin/start.sh --- @@ -404,6 +404,42 @@ END ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT" } +## Adds properties to guacamole.properties which select the OPENID +## authentication provider, and configure it to connect to the specified OPENID +## provider. +## +associate_openid() { + +# Verify required parameters are present +if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" ] || \ + [ -z "$OPENID_JWKS_ENDPOINT" ] || \ + [ -z "$OPENID_ISSUER" ] || \ + [ -z "$OPENID_CLIENT_ID" ] || \ + [ -z "$OPENID_REDIRECT_URI" ] +then +cat <
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/351#discussion_r247040348 --- Diff: guacamole-docker/bin/start.sh --- @@ -404,6 +404,42 @@ END ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT" } +## Adds properties to guacamole.properties which select the OPENID +## authentication provider, and configure it to connect to the specified OPENID +## provider. +## +associate_openid() { + +# Verify required parameters are present +if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" ] || \ + [ -z "$OPENID_JWKS_ENDPOINT" ] || \ + [ -z "$OPENID_ISSUER" ] || \ + [ -z "$OPENID_CLIENT_ID" ] || \ + [ -z "$OPENID_REDIRECT_URI" ] +then +cat
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user krisss85 commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/351#discussion_r244620966 --- Diff: guacamole-docker/bin/start.sh --- @@ -404,6 +404,37 @@ END ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT" } +## Adds properties to guacamole.properties which select the OPENID +## authentication provider, and configure it to connect to the specified OPENID +## provider. +## +associate_openid() { + +# Verify required parameters are present +if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" -o -z "$OPENID_CLIENT_ID" ]; then --- End diff -- makes sense indeed, pushed the changes ---
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/351#discussion_r244603234 --- Diff: guacamole-docker/bin/start.sh --- @@ -404,6 +404,37 @@ END ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT" } +## Adds properties to guacamole.properties which select the OPENID +## authentication provider, and configure it to connect to the specified OPENID +## provider. +## +associate_openid() { + +# Verify required parameters are present +if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" -o -z "$OPENID_CLIENT_ID" ]; then --- End diff -- According to the OpenID documentation (http://guacamole.apache.org/doc/gug/openid-auth.html), the following parameters are required: - openid-authorization-endpoint - openid-jwks-endpoint - openid-issuer - openid-client-id - openid-redirect-uri Seems like we should probably check for all of these as required, here, and not just the authorization endpoint and client ID? ---
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user krisss85 commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/351#discussion_r244557042 --- Diff: guacamole-docker/bin/build-guacamole.sh --- @@ -126,3 +126,15 @@ if [ -f extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar ]; th mkdir -p "$DESTINATION/radius" cp extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar "$DESTINATION/radius" fi + +# Copy OPENID auth extension and schema modifications +# + +mkdir -p "$DESTINATION/openid" +tar -xzf extensions/guacamole-auth-openid/target/*.tar.gz \ --- End diff -- @necouchman Thx for checking. You are right. It doesn't make sense to complicate it here and just copy the jar file. ---