plugins/auth_radius/init.php

   1 <?php
   2 /*
   3 Tiny Tiny RSS plugin for RADIUS authentication
   4 @author alsvartr (me@taughtbycats.ru)
   5 @copyright GPL2
   6
   7 Requires php radius class (comes with plugin)
   8 Put the following options in config.php:
   9
  10         define('RADIUS_AUTH_SERVER',    'radius_server_address');
  11         define('RADIUS_AUTH_SECRET',    'radius_shared_secret');
  12
  13 Optional:
  14
  15         //Default: 1812
  16         define('RADIUS_AUTH_PORT',      radius_auth_port);
  17 */
  18
  19 class Auth_Radius extends Plugin implements IAuthModule {
  20
  21         private $link;
  22         private $host;
  23         private $base;
  24         private $debug;
  25
  26         function about() {
  27                 return array(0.1,
  28                         "Authenticates against an RADIUS server (configured in config.php)",
  29                         "alsvartr",
  30                         true);
  31         }
  32
  33         function init($host) {
  34                 $this->link = $host->get_link();
  35                 $this->host = $host;
  36                 $this->base = new Auth_Base($this->link);
  37                 $this->debug = FALSE;
  38
  39                 $host->add_hook($host::HOOK_AUTH_USER, $this);
  40         }
  41
  42         private function _log($msg) {
  43                 if ($this->debug) trigger_error($msg, E_USER_WARNING);
  44         }
  45
  46         function authenticate($login, $password) {
  47                 if (!require_once('php-radius/radius.php')) {
  48                         $this->_log('Cannot require radius class files!');
  49                         return FALSE;
  50                 }
  51
  52                 if ($login && $password) {
  53                         if ( (!defined('RADIUS_AUTH_SERVER')) OR (!defined('RADIUS_AUTH_SECRET')) ) {
  54                                 $this->_log('Could not parse RADIUS_AUTH_ options from config.php!');
  55                                 return FALSE;
  56                         } elseif (!defined('RADIUS_AUTH_PORT'))
  57                                 define('RADIUS_AUTH_PORT', 1812);
  58
  59                         $radius = new Radius(RADIUS_AUTH_SERVER, RADIUS_AUTH_SECRET, '', 5, RADIUS_AUTH_PORT);
  60                         $radius->SetNasIpAddress('1.2.3.4');
  61                         $auth = $radius->AccessRequest($login, $password);
  62
  63                         if ($auth)
  64                                 return $this->base->auto_create_user($login);
  65                         else {
  66                                 $this->_log('Radius authentication rejected!');
  67                                 return FALSE;
  68                         }
  69                 }
  70
  71                 return FALSE;
  72         }
  73
  74 }
  75
  76 ?>