It looks like the commits for
GUACAMOLE-364 introduced a regression in the behavior of modules that do not provide a UserContext. Building guacamole-client prior to the merge of these changes results in functional CAS and (WIP) RADIUS extensions; building after this commit results in issues with the client.
The REST API is expected to throw 404 errors at certain points when the client requests certain actions - for example, trying to get a user context from an extension that provides no user context. However, the changes introduced in -364 cause a 404 to occur at a different point in time, which adversely impacts the client.
Prior to -364, the POST to the api/tokens succeeds with a 200 response code, and a subsequent GET to api/session/data/cas/users/<username> fails with a 404 error.
After -364, the POST to api/tokens fails with a 404 response code and the error message "Session not associated with authentication provider cas."
More work to be done to figure out why the event listener changes are causing this change in behavior, but I suspect that some change within the new event listener code fails when userContext is null, and that is causing the POST to api/tokens to fail.