Andreas Ziegler 5e76909881 feat: add login through MS identity broker via sso-mib interface
This change enables an alternative way of acquiring the necessary
access tokens through a local identity broker. In the current
implementation, we need to visit URLs twice and paste back the
URLs we are redirected to in order to extract authorization codes
and ultimately fetch the correct access tokens for RDP (described
here: <0>).

As an alternative, MS also provides the Microsoft Authentication
Library (MSAL) through which authentication can be handled more
or less in the background when we're using a trusted device. In
particular, we can request access tokens with the same
parameters as we're currently doing through the URL-based scheme.

As the MSAL bindings are not available for C, we implemented a
small wrapper library called sso-mib which is available at
https://github.com/siemens/sso-mib. This library translates the
high-level requests (such as acquire_token_interactive) to
respective messages on the D-Bus messaging bus which is used to
communicate with the identity broker service on Linux. The
library can be built as a .deb package and subsequently be
found through PkgConfig mechanisms in CMake.

When sso-mib is not available through pkg-config, it can also
be placed in external/, with the directory structure looking
like the following. include/ is copied from the root of the
sso-mib directory and lib/ populated with the built shared
library files and symlinks.

    external/
    ├── README
    └── sso-mib
        ├── include
        │   └── sso-mib
        │       ├── mib-account.h
        │       ├── mib-client-app.h
        │       ├── mib-exports.h
        │       ├── mib-pop-params.h
        │       ├── mib-prt.h
        │       ├── mib-prt-sso-cookie.h
        │       └── sso-mib.h
        └── lib
            ├── libsso-mib.so -> libsso-mib.so.0
            ├── libsso-mib.so.0 -> libsso-mib.so.0.4.0
            └── libsso-mib.so.0.4.0

This feature is currently hidden behind a configuration switch
and must be enabled via `-DWITH_SSO_MIB=ON`. If the connection
to the broker fails (for example, if no identity broker is
installed or running on the system), we automatically fall back
to the current scheme of copy-pasting URLs.

<0>: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/e967ebeb-9e9f-443e-857a-5208802943c2
2025-05-21 11:44:16 +02:00
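
The `external/` fallback layout described in the commit message above can be checked before configuring with `-DWITH_SSO_MIB=ON`. This is an added example, not part of the commit or of FreeRDP: the function name `check_sso_mib_tree` is hypothetical, the file names are the ones listed in the message, and it assumes a `readlink` that supports `-f`.

```shell
#!/bin/sh
# Added example: sanity-check an external/sso-mib tree before building.
# Header and library names come from the layout in the commit message;
# check_sso_mib_tree is a hypothetical helper, not FreeRDP code.

check_sso_mib_tree() {
    root=$1
    inc="$root/sso-mib/include/sso-mib"
    lib="$root/sso-mib/lib"
    rc=0

    # Every header listed in the commit message must be present.
    for h in mib-account.h mib-client-app.h mib-exports.h mib-pop-params.h \
             mib-prt.h mib-prt-sso-cookie.h sso-mib.h; do
        [ -f "$inc/$h" ] || { echo "missing header: $inc/$h" >&2; rc=1; }
    done

    # The linker name must resolve through the soname link to a real file;
    # -e follows symlinks, so a dangling link fails here.
    so="$lib/libsso-mib.so"
    if [ ! -e "$so" ]; then
        echo "missing or dangling: $so" >&2
        return 1
    fi

    # The resolved target must stay inside lib/, so the build cannot pick up
    # a library from elsewhere on the system through a stray symlink.
    libdir=$(cd "$lib" && pwd -P)
    real=$(readlink -f "$so")
    case $real in
        "$libdir"/libsso-mib.so.*) ;;
        *) echo "unexpected link target: $real" >&2; rc=1 ;;
    esac
    return $rc
}

# Usage: sh check-sso-mib.sh path/to/external
if [ $# -eq 1 ]; then
    check_sso_mib_tree "$1"
fi
```
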

FreeRDP: A Remote Desktop Protocol Implementation

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Enjoy the freedom of using your software wherever you want, the way you want it, in a world where interoperability can finally liberate your computing experience.

Code Quality Status

abi-checker clang-tidy-review CodeQL mingw-builder macos-builder [arm,ppc,ricsv] architecture builds [freebsd] architecture builds coverity

Resources

Project website: https://www.freerdp.com/

Issue tracker: https://github.com/FreeRDP/FreeRDP/issues

Sources: https://github.com/FreeRDP/FreeRDP/

Downloads: https://pub.freerdp.com/releases/

Wiki: https://github.com/FreeRDP/FreeRDP/wiki

API documentation: https://pub.freerdp.com/api/

Security policy: https://github.com/FreeRDP/FreeRDP/security/policy

FAQ: https://github.com/FreeRDP/FreeRDP/wiki/FAQ

Contact

Microsoft Open Specifications

Information regarding the Microsoft Open Specifications can be found at: https://www.microsoft.com/openspecifications/

A list of reference documentation is maintained here: https://github.com/FreeRDP/FreeRDP/wiki/Reference-Documentation

Compilation

Instructions on how to get started compiling FreeRDP can be found on the wiki: https://github.com/FreeRDP/FreeRDP/wiki/Compilation

Languages
C 87.5%
C++ 3.5%
CMake 3.2%
Objective-C 2.6%
Java 1.8%
Other 1.3%