@Override public <Type> Type getProperty(GuacamoleProperty<Type> property, Type defaultValue) throws GuacamoleException { Type value = getProperty(property); if (value == null) return defaultValue; return value; }
/** * Returns the human-readable name of the entity issuing user accounts. If * not specified, "Apache Guacamole" will be used by default. * * @return * The human-readable name of the entity issuing user accounts. * * @throws GuacamoleException * If the "totp-issuer" property cannot be read from * guacamole.properties. */ public String getIssuer() throws GuacamoleException { return environment.getProperty(TOTP_ISSUER, "Apache Guacamole"); }
/** * Returns the secret key received from Duo for verifying Guacamole users, * as defined in guacamole.properties by the "duo-secret-key" property. This * value MUST be exactly 20 characters. * * @return * The secret key received from Duo for verifying Guacamole users. * * @throws GuacamoleException * If the associated property within guacamole.properties is missing. */ public String getSecretKey() throws GuacamoleException { return environment.getRequiredProperty(DUO_SECRET_KEY); }
/** * Creates a new OpenID authentication provider module which configures * injection for the OpenIDAuthenticationProvider. * * @param authProvider * The AuthenticationProvider for which injection is being configured. * * @throws GuacamoleException * If an error occurs while retrieving the Guacamole server * environment. */ public OpenIDAuthenticationProviderModule(AuthenticationProvider authProvider) throws GuacamoleException { // Get local environment this.environment = new LocalEnvironment(); // Store associated auth provider this.authProvider = authProvider; }
/** * Returns the hash algorithm that should be used to generate TOTP codes. If * not specified, SHA1 will be used by default. * * @return * The hash algorithm that should be used to generate TOTP codes. * * @throws GuacamoleException * If the "totp-mode" property cannot be read from * guacamole.properties. */ public TOTPGenerator.Mode getMode() throws GuacamoleException { return environment.getProperty(TOTP_MODE, TOTPGenerator.Mode.SHA1); }
/** * Returns the integration key received from Duo for verifying Guacamole * users, as defined in guacamole.properties by the "duo-integration-key" * property. This value MUST be exactly 20 characters. * * @return * The integration key received from Duo for verifying Guacamole * users. * * @throws GuacamoleException * If the associated property within guacamole.properties is missing. */ public String getIntegrationKey() throws GuacamoleException { return environment.getRequiredProperty(DUO_INTEGRATION_KEY); }
/** * Creates a new Duo authentication provider module which configures * injection for the DuoAuthenticationProvider. * * @param authProvider * The AuthenticationProvider for which injection is being configured. * * @throws GuacamoleException * If an error occurs while retrieving the Guacamole server * environment. */ public DuoAuthenticationProviderModule(AuthenticationProvider authProvider) throws GuacamoleException { // Get local environment this.environment = new LocalEnvironment(); // Store associated auth provider this.authProvider = authProvider; }
/** * Returns the claim type which contains the authenticated user's username * within any valid JWT, as configured with guacamole.properties. By * default, this will be "email". * * @return * The claim type which contains the authenticated user's username * within any valid JWT, as configured with guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ public String getUsernameClaimType() throws GuacamoleException { return environment.getProperty(OPENID_USERNAME_CLAIM_TYPE, DEFAULT_USERNAME_CLAIM_TYPE); }
/** * Returns the authorization endpoint (URI) of the OpenID service as * configured with guacamole.properties. * * @return * The authorization endpoint of the OpenID service, as configured with * guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the authorization * endpoint property is missing. */ public String getAuthorizationEndpoint() throws GuacamoleException { return environment.getRequiredProperty(OPENID_AUTHORIZATION_ENDPOINT); }
/** * Returns the duration that each generated code should remain valid, in * seconds. If not specified, 30 will be used by default. * * @return * The duration that each generated code should remain valid, in * seconds. * * @throws GuacamoleException * If the "totp-period" property cannot be read from * guacamole.properties. */ public int getPeriod() throws GuacamoleException { return environment.getProperty(TOTP_PERIOD, 30); }
/** * Returns the issuer to expect for all received ID tokens, as configured * with guacamole.properties. * * @return * The issuer to expect for all received ID tokens, as configured with * guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the issuer property * is missing. */ public String getIssuer() throws GuacamoleException { return environment.getRequiredProperty(OPENID_ISSUER); }
/** * Returns the amount of clock skew tolerated for timestamp comparisons * between the Guacamole server and OpenID service clocks, in seconds. Too * much clock skew will affect token expiration calculations, possibly * allowing old tokens to be used. By default, this will be 30. * * @return * The amount of clock skew tolerated for timestamp comparisons, in * seconds. * * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ public int getAllowedClockSkew() throws GuacamoleException { return environment.getProperty(OPENID_ALLOWED_CLOCK_SKEW, DEFAULT_ALLOWED_CLOCK_SKEW); }
/** * Returns the arbitrary random key which was generated for Guacamole, as * defined in guacamole.properties by the "duo-application-key" property. * Note that this value is not provided by Duo, but is expected to be * generated by the administrator of the system hosting Guacamole. This * value MUST be at least 40 characters. * * @return * The arbitrary random key which was generated for Guacamole. * * @throws GuacamoleException * If the associated property within guacamole.properties is missing. */ public String getApplicationKey() throws GuacamoleException { return environment.getRequiredProperty(DUO_APPLICATION_KEY); }
/** * Returns the space-separated list of OpenID scopes to request. By default, * this will be "openid email profile". The OpenID scopes determine the * information returned within the OpenID token, and thus affect what * values can be used as an authenticated user's username. * * @return * The space-separated list of OpenID scopes to request when identifying * a user. * * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ public String getScope() throws GuacamoleException { return environment.getProperty(OPENID_SCOPE, DEFAULT_SCOPE); }
/** * Returns the hostname of the Duo API endpoint to be used to verify user * identities, as defined in guacamole.properties by the "duo-api-hostname" * property. This will usually be in the form * "api-XXXXXXXX.duosecurity.com", where "XXXXXXXX" is some arbitrary * alphanumeric value assigned by Duo and specific to your organization. * * @return * The hostname of the Duo API endpoint to be used to verify user * identities. * * @throws GuacamoleException * If the associated property within guacamole.properties is missing. */ public String getAPIHostname() throws GuacamoleException { return environment.getRequiredProperty(DUO_API_HOSTNAME); }
/** * Returns the maximum amount of time that an OpenID token should remain * valid, in minutes. A token received from an OpenID service which is * older than this amount of time will be rejected, even if it is otherwise * valid. By default, this will be 300 (5 hours). * * @return * The maximum amount of time that an OpenID token should remain valid, * in minutes. * * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ public int getMaxTokenValidity() throws GuacamoleException { return environment.getProperty(OPENID_MAX_TOKEN_VALIDITY, DEFAULT_MAX_TOKEN_VALIDITY); }
/** * Returns the OpenID client ID which should be submitted to the OpenID * service when necessary, as configured with guacamole.properties. This * value is typically provided by the OpenID service when OpenID credentials * are generated for your application. * * @return * The client ID to use when communicating with the OpenID service, * as configured with guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the client ID * property is missing. */ public String getClientID() throws GuacamoleException { return environment.getRequiredProperty(OPENID_CLIENT_ID); }
/** * Returns the maximum amount of time that a nonce generated by the * Guacamole server should remain valid, in minutes. As each OpenID request * has a unique nonce value, this imposes an upper limit on the amount of * time any particular OpenID request can result in successful * authentication within Guacamole. By default, this will be 10. * * @return * The maximum amount of time that a nonce generated by the Guacamole * server should remain valid, in minutes. * * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ public int getMaxNonceValidity() throws GuacamoleException { return environment.getProperty(OPENID_MAX_NONCE_VALIDITY, DEFAULT_MAX_NONCE_VALIDITY); }
/** * Returns the URI that the OpenID service should redirect to after * the authentication process is complete, as configured with * guacamole.properties. This must be the full URL that a user would enter * into their browser to access Guacamole. * * @return * The client secret to use when communicating with the OpenID service, * as configured with guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the redirect URI * property is missing. */ public String getRedirectURI() throws GuacamoleException { return environment.getRequiredProperty(OPENID_REDIRECT_URI); }
/** * Returns the endpoint (URI) of the JWKS service which defines how * received ID tokens (JWTs) shall be validated, as configured with * guacamole.properties. * * @return * The endpoint (URI) of the JWKS service which defines how received ID * tokens (JWTs) shall be validated, as configured with * guacamole.properties. * * @throws GuacamoleException * If guacamole.properties cannot be parsed, or if the JWKS endpoint * property is missing. */ public String getJWKSEndpoint() throws GuacamoleException { return environment.getRequiredProperty(OPENID_JWKS_ENDPOINT); }