Merge pull request #1 from kasmtech/feature/KASM-3962_guac_cookie_aut…

…hentication KASM-3962 Refactor authentication to use an external callback instead…
kasmtech · Jun 22, 2023 · 82c6c8c · 82c6c8c
2 parents d2f4ce1 + 03ce854
commit 82c6c8c
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 46 deletions.
diff --git a/lib/ClientConnection.js b/lib/ClientConnection.js
@@ -3,11 +3,10 @@ const DeepExtend = require('deep-extend');
 const Moment = require('moment');
 
 const GuacdClient = require('./GuacdClient.js');
-const Crypt = require('./Crypt.js');
 
 class ClientConnection {
 
-    constructor(server, connectionId, webSocket) {
+    constructor(server, connectionId, connectionSettings, webSocket) {
         this.STATE_OPEN = 1;
         this.STATE_CLOSED = 2;
 
@@ -23,14 +22,11 @@ class ClientConnection {
         this.log(this.server.LOGLEVEL.VERBOSE, 'Client connection open');
 
         try {
-            this.connectionSettings = this.decryptToken();
-
+            this.connectionSettings = connectionSettings;
             this.connectionType = this.connectionSettings.connection.type;
-
             this.connectionSettings['connection'] = this.mergeConnectionOptions();
 
         } catch (error) {
-            this.log(this.server.LOGLEVEL.ERRORS, 'Token validation failed');
             this.close(error);
             return;
         }
@@ -56,15 +52,6 @@ class ClientConnection {
 
     }
 
-    decryptToken() {
-        const crypt = new Crypt(this.server);
-
-        const encrypted = this.query.token;
-        delete this.query.token;
-
-        return crypt.decrypt(encrypted);
-    }
-
     log(level, ...args) {
         if (level > this.server.clientOptions.log.level) {
             return;

diff --git a/lib/Crypt.js b/lib/Crypt.js
diff --git a/lib/Server.js b/lib/Server.js
@@ -146,9 +146,16 @@ class Server extends EventEmitter {
         });
     }
 
-    newConnection(webSocketConnection) {
+    async newConnection(connection) {
+        const connectionSettings = await this.callbacks.authorizeConnection(connection);
+
+        if (!connectionSettings) {
+            connection.close();
+            return;
+        }
+
         this.connectionsCount++;
-        this.activeConnections.set(this.connectionsCount, new ClientConnection(this, this.connectionsCount, webSocketConnection));
+        this.activeConnections.set(this.connectionsCount, new ClientConnection(this, this.connectionsCount, connectionSettings, connection));
     }
 }