necouchman commented on code in PR #911:
URL: https://github.com/apache/guacamole-client/pull/911#discussion_r1385841920
##########
extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java:
##########
@@ -71,10 +74,60 @@ public void verifyAuthenticatedUser(AuthenticatedUser
authenticatedUser)
// Pull the original HTTP request used to authenticate
Credentials credentials = authenticatedUser.getCredentials();
HttpServletRequest request = credentials.getRequest();
+ IPAddress clientAddr = new
IPAddressString(request.getRemoteAddr()).getAddress();
// Ignore anonymous users
if
(authenticatedUser.getIdentifier().equals(AuthenticatedUser.ANONYMOUS_IDENTIFIER))
return;
+
+ // We enforce by default
+ boolean enforceHost = true;
Review Comment:
> Isn't this almost exactly the same code as in
`UserVerificationService.java` below? Can you create a shared function?
When you say "below", do you mean the code common to checking both enforce
and bypass lists within this class, or were you talking about the code across
the classes (shared between Duo and TOTP)? I can certainly create some classes
within `guacamole-ext` that could be shared among these - and, honestly,
probably other - use-cases.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
