1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
<?php
/*
Tiny Tiny RSS plugin for RADIUS authentication
@author alsvartr ([email protected])
@copyright GPL2
Requires php radius class (comes with plugin)
Put the following options in config.php:
define('RADIUS_AUTH_SERVER', 'radius_server_address');
define('RADIUS_AUTH_SECRET', 'radius_shared_secret');
Optional:
//Default: 1812
define('RADIUS_AUTH_PORT', radius_auth_port);
*/
class Auth_Radius extends Plugin implements IAuthModule {
private $link;
private $host;
private $base;
private $debug;
function about() {
return array(0.1,
"Authenticates against an RADIUS server (configured in config.php)",
"alsvartr",
true);
}
function init($host) {
$this->link = $host->get_link();
$this->host = $host;
$this->base = new Auth_Base($this->link);
$this->debug = FALSE;
$host->add_hook($host::HOOK_AUTH_USER, $this);
}
private function _log($msg) {
if ($this->debug) trigger_error($msg, E_USER_WARNING);
}
function authenticate($login, $password) {
if (!require_once('php-radius/radius.php')) {
$this->_log('Cannot require radius class files!');
return FALSE;
}
if ($login && $password) {
if ( (!defined('RADIUS_AUTH_SERVER')) OR (!defined('RADIUS_AUTH_SECRET')) ) {
$this->_log('Could not parse RADIUS_AUTH_ options from config.php!');
return FALSE;
} elseif (!defined('RADIUS_AUTH_PORT'))
define('RADIUS_AUTH_PORT', 1812);
$radius = new Radius(RADIUS_AUTH_SERVER, RADIUS_AUTH_SECRET, '', 5, RADIUS_AUTH_PORT);
$radius->SetNasIpAddress('1.2.3.4');
$auth = $radius->AccessRequest($login, $password);
if ($auth)
return $this->base->auto_create_user($login);
else {
$this->_log('Radius authentication rejected!');
return FALSE;
}
}
return FALSE;
}
}
?>
|
