in sources/Google.Solutions.IapDesktop.Extensions.Session/Settings/ConnectionSettings.cs [56:307]
public ConnectionSettings(
ComputeEngineLocator resource,
ISettingsStore store)
{
this.Resource = resource.ExpectNotNull(nameof(resource));
//
// RDP Settings.
//
this.RdpUsername = store.Read<string?>(
"Username",
"Username",
"Username of a local user, SAM account name of a domain user, or UPN (user@domain).",
Categories.WindowsCredentials,
null,
_ => true);
this.RdpPassword = store.Read<SecureString?>(
"Password",
"Password",
"Windows logon password.",
Categories.WindowsCredentials,
null);
this.RdpDomain = store.Read<string?>(
"Domain",
"Domain",
"NetBIOS domain name or computer name. Leave blank when using UPN as username.",
Categories.WindowsCredentials,
null,
_ => true);
this.RdpConnectionBar = store.Read<RdpConnectionBarState>(
"ConnectionBar",
"Connection bar",
"Show connection bar in full-screen mode.",
Categories.RdpDisplay,
RdpConnectionBarState._Default);
this.RdpAuthenticationLevel = store.Read<RdpAuthenticationLevel>(
"AuthenticationLevel",
null,
null,
null,
Protocol.Rdp.RdpAuthenticationLevel._Default);
this.RdpColorDepth = store.Read<RdpColorDepth>(
"ColorDepth",
"Color depth",
"Color depth of remote desktop.",
Categories.RdpDisplay,
Protocol.Rdp.RdpColorDepth._Default);
this.RdpAudioPlayback = store.Read<RdpAudioPlayback>(
"AudioMode",
"Audio playback",
"Select where to play audio.",
Categories.RdpResources,
Protocol.Rdp.RdpAudioPlayback._Default);
this.RdpAudioInput = store.Read<RdpAudioInput>(
"RdpAudioInput",
"Microphone",
"Share default input device so that you can use it on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpAudioInput._Default);
this.RdpAutomaticLogon = store.Read<RdpAutomaticLogon>(
"RdpUserAuthenticationBehavior",
"Automatic logon",
"Log on automatically using saved credentials if possible. Disable if the VM " +
"is configured to always prompt for passwords upon connection (a server-side " +
"group policy)",
Categories.RdpSecurity,
//
// Adjust default based on local RDP policy. If the local policy
// disables saving, then there's a good chance that VMs might be
// configured to do the same.
//
// We don't treat this as a policy though, so users can change
// the setting.
//
LocalRdpPolicy.IsPasswordSavingDisabled
? Protocol.Rdp.RdpAutomaticLogon.Disabled
: Protocol.Rdp.RdpAutomaticLogon._Default);
this.RdpNetworkLevelAuthentication = store.Read<RdpNetworkLevelAuthentication>(
"NetworkLevelAuthentication",
"Network level authentication",
"Secure connection using network level authentication (NLA). " +
"Disable NLA only if the VM uses a custom credential service provider." +
"Disabling NLA automatically enables server authentication.",
Categories.RdpSecurity,
Protocol.Rdp.RdpNetworkLevelAuthentication._Default);
this.RdpConnectionTimeout = store.Read<int>(
"ConnectionTimeout",
"Connection timeout",
"Timeout for establishing a Remote Desktop connection, in seconds. " +
"Use a timeout that allows sufficient time for credential prompts.",
Categories.RdpConnection,
(int)RdpParameters.DefaultConnectionTimeout.TotalSeconds,
Predicate.InRange(0, 300));
this.RdpPort = store.Read<int>(
"RdpPort",
"Server port",
"Server port.",
Categories.RdpConnection,
RdpParameters.DefaultPort,
Predicate.InRange(1, ushort.MaxValue));
this.RdpTransport = store.Read<SessionTransportType>(
"TransportType",
"Connect via",
$"Type of transport. Use {SessionTransportType.IapTunnel} unless " +
"you need to connect to a VM's internal IP address via " +
"Cloud VPN or Interconnect.",
Categories.RdpConnection,
SessionTransportType._Default);
this.RdpRedirectClipboard = store.Read<RdpRedirectClipboard>(
"RedirectClipboard",
"Clipboard",
"Share clipboard contents between your local computer and the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectClipboard._Default);
this.RdpRedirectPrinter = store.Read<RdpRedirectPrinter>(
"RdpRedirectPrinter",
"Printers",
"Share local printers so that you can use them on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectPrinter._Default);
this.RdpRedirectSmartCard = store.Read<RdpRedirectSmartCard>(
"RdpRedirectSmartCard",
"Smart cards",
"Share smart cards so that you can use them on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectSmartCard._Default);
this.RdpRedirectPort = store.Read<RdpRedirectPort>(
"RdpRedirectPort",
"Local ports",
"Share local ports (COM, LPT) so that you can access them on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectPort._Default);
this.RdpRedirectDrive = store.Read<RdpRedirectDrive>(
"RdpRedirectDrive",
"Drives",
"Share local drives so that you can access them on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectDrive._Default);
this.RdpRedirectDevice = store.Read<RdpRedirectDevice>(
"RdpRedirectDevice",
"Plug and Play devices",
"Share local Plug and Play devices so that you can use them on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectDevice._Default);
this.RdpRedirectWebAuthn = store.Read<RdpRedirectWebAuthn>(
"RdpRedirectWebAuthn",
"WebAuthn authenticators",
"Share WebAuthn authenticators and Windows Hello devices so that you can use WebAuthn on the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpRedirectWebAuthn._Default);
this.RdpHookWindowsKeys = store.Read<RdpHookWindowsKeys>(
"RdpHookWindowsKeys",
"Windows shortcuts",
"Redirect Windows shortcuts (like Win+R) to the remote VM.",
Categories.RdpResources,
Protocol.Rdp.RdpHookWindowsKeys._Default);
this.RdpRestrictedAdminMode = store.Read<RdpRestrictedAdminMode>(
"RdpRestrictedAdminMode",
"Restricted Admin mode",
"Disable the transmission of reusable credentials to the VM. This mode requires " +
"a user account with local administrator privileges on the VM, and the " +
"VM must be configured to permit Restricted Admin mode.",
Categories.RdpSecurity,
Protocol.Rdp.RdpRestrictedAdminMode._Default);
this.RdpSessionType = store.Read<RdpSessionType>(
"RdpSessionType",
"Session type",
"Type of RDP session. Use an Admin session to administer an RDS server without " +
"consuming a CAL, otherwise use a User session.",
Categories.RdpSecurity,
Protocol.Rdp.RdpSessionType._Default);
this.RdpDpiScaling = store.Read<RdpDpiScaling>(
"RdpDpiScaling",
"Display scaling",
"Scale remote display to match local scaling settings.",
Categories.RdpDisplay,
Protocol.Rdp.RdpDpiScaling._Default);
this.RdpDesktopSize = store.Read<RdpDesktopSize>(
"DesktopSize",
"Display resolution",
"Display resolution of remote desktop.",
Categories.RdpDisplay,
Protocol.Rdp.RdpDesktopSize._Default);
//
// SSH Settings.
//
this.SshPort = store.Read<int>(
"SshPort",
"Server port",
"Server port",
Categories.SshConnection,
SshParameters.DefaultPort,
Predicate.InRange(1, ushort.MaxValue));
this.SshTransport = store.Read<SessionTransportType>(
"TransportType",
"Connect via",
$"Type of transport. Use {SessionTransportType.IapTunnel} unless " +
"you need to connect to a VM's internal IP address via " +
"Cloud VPN or Interconnect.",
Categories.SshConnection,
SessionTransportType._Default);
this.SshPublicKeyAuthentication = store.Read<SshPublicKeyAuthentication>(
"SshPublicKeyAuthentication",
"Public key authentication",
"Automatically create an SSH key pair and publish it using OS Login or metadata keys.",
Categories.SshCredentials,
Protocol.Ssh.SshPublicKeyAuthentication._Default);
this.SshUsername = store.Read<string?>(
"SshUsername",
"Username",
"Linux username, optional",
Categories.SshCredentials,
null,
username => username == null ||
string.IsNullOrEmpty(username) ||
LinuxUser.IsValidUsername(username));
this.SshPassword = store.Read<SecureString?>(
"SshPassword",
"Password",
"Password, only applicable if public key authentication is disabled",
Categories.SshCredentials,
null);
this.SshConnectionTimeout = store.Read<int>(
"SshConnectionTimeout",
"Connection timeout",
"Timeout for establishing SSH connections, in seconds.",
Categories.SshConnection,
(int)SshParameters.DefaultConnectionTimeout.TotalSeconds,
Predicate.InRange(0, 300));
//
// App Settings.
//
this.AppUsername = store.Read<string?>(
"AppUsername",
null, // Hidden.
null, // Hidden.
null, // Hidden.
null,
username => string.IsNullOrEmpty(username) || !username.Contains(' '));
this.AppNetworkLevelAuthentication = store.Read<AppNetworkLevelAuthenticationState>(
"AppNetworkLevelAuthentication",
"Windows authentication",
"Use Windows authentication for SQL Server connections.",
Categories.AppCredentials,
AppNetworkLevelAuthenticationState._Default);
Debug.Assert(this.Settings.All(s => s != null));
}