[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user krisss85 commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/351#discussion_r247323482
--- Diff: guacamole-docker/bin/start.sh ---
@@ -404,6 +404,42 @@ END
ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT"
}
+## Adds properties to guacamole.properties which select the OPENID
+## authentication provider, and configure it to connect to the specified
OPENID
+## provider.
+##
+associate_openid() {
+
+# Verify required parameters are present
+if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" ] || \
+ [ -z "$OPENID_JWKS_ENDPOINT" ] || \
+ [ -z "$OPENID_ISSUER" ] || \
+ [ -z "$OPENID_CLIENT_ID" ] || \
+ [ -z "$OPENID_REDIRECT_URI" ]
+then
+cat <
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/351#discussion_r247040348
--- Diff: guacamole-docker/bin/start.sh ---
@@ -404,6 +404,42 @@ END
ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT"
}
+## Adds properties to guacamole.properties which select the OPENID
+## authentication provider, and configure it to connect to the specified
OPENID
+## provider.
+##
+associate_openid() {
+
+# Verify required parameters are present
+if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" ] || \
+ [ -z "$OPENID_JWKS_ENDPOINT" ] || \
+ [ -z "$OPENID_ISSUER" ] || \
+ [ -z "$OPENID_CLIENT_ID" ] || \
+ [ -z "$OPENID_REDIRECT_URI" ]
+then
+cat
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user krisss85 commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/351#discussion_r244620966
--- Diff: guacamole-docker/bin/start.sh ---
@@ -404,6 +404,37 @@ END
ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT"
}
+## Adds properties to guacamole.properties which select the OPENID
+## authentication provider, and configure it to connect to the specified
OPENID
+## provider.
+##
+associate_openid() {
+
+# Verify required parameters are present
+if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" -o -z "$OPENID_CLIENT_ID" ];
then
--- End diff --
makes sense indeed, pushed the changes
---
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/351#discussion_r244603234
--- Diff: guacamole-docker/bin/start.sh ---
@@ -404,6 +404,37 @@ END
ln -s /opt/guacamole/radius/guacamole-auth-*.jar "$GUACAMOLE_EXT"
}
+## Adds properties to guacamole.properties which select the OPENID
+## authentication provider, and configure it to connect to the specified
OPENID
+## provider.
+##
+associate_openid() {
+
+# Verify required parameters are present
+if [ -z "$OPENID_AUTHORIZATION_ENDPOINT" -o -z "$OPENID_CLIENT_ID" ];
then
--- End diff --
According to the OpenID documentation
(http://guacamole.apache.org/doc/gug/openid-auth.html), the following
parameters are required:
- openid-authorization-endpoint
- openid-jwks-endpoint
- openid-issuer
- openid-client-id
- openid-redirect-uri
Seems like we should probably check for all of these as required, here, and
not just the authorization endpoint and client ID?
---
[GitHub] guacamole-client pull request #351: GUACAMOLE-683: Add OpenID support in Doc...
Github user krisss85 commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/351#discussion_r244557042 --- Diff: guacamole-docker/bin/build-guacamole.sh --- @@ -126,3 +126,15 @@ if [ -f extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar ]; th mkdir -p "$DESTINATION/radius" cp extensions/guacamole-auth-radius/target/guacamole-auth-radius*.jar "$DESTINATION/radius" fi + +# Copy OPENID auth extension and schema modifications +# + +mkdir -p "$DESTINATION/openid" +tar -xzf extensions/guacamole-auth-openid/target/*.tar.gz \ --- End diff -- @necouchman Thx for checking. You are right. It doesn't make sense to complicate it here and just copy the jar file. ---
