ttrss/plugins/auth_radius/init.php

77 lines
1.7 KiB
PHP

<?php
/*
Tiny Tiny RSS plugin for RADIUS authentication
@author alsvartr (me@taughtbycats.ru)
@copyright GPL2
Requires php radius class (comes with plugin)
Put the following options in config.php:
define('RADIUS_AUTH_SERVER', 'radius_server_address');
define('RADIUS_AUTH_SECRET', 'radius_shared_secret');
Optional:
//Default: 1812
define('RADIUS_AUTH_PORT', radius_auth_port);
*/
class Auth_Radius extends Plugin implements IAuthModule {
private $link;
private $host;
private $base;
private $debug;
function about() {
return array(0.1,
"Authenticates against an RADIUS server (configured in config.php)",
"alsvartr",
true);
}
function init($host) {
$this->link = $host->get_link();
$this->host = $host;
$this->base = new Auth_Base($this->link);
$this->debug = FALSE;
$host->add_hook($host::HOOK_AUTH_USER, $this);
}
private function _log($msg) {
if ($this->debug) trigger_error($msg, E_USER_WARNING);
}
function authenticate($login, $password) {
if (!require_once('php-radius/radius.php')) {
$this->_log('Cannot require radius class files!');
return FALSE;
}
if ($login && $password) {
if ( (!defined('RADIUS_AUTH_SERVER')) OR (!defined('RADIUS_AUTH_SECRET')) ) {
$this->_log('Could not parse RADIUS_AUTH_ options from config.php!');
return FALSE;
} elseif (!defined('RADIUS_AUTH_PORT'))
define('RADIUS_AUTH_PORT', 1812);
$radius = new Radius(RADIUS_AUTH_SERVER, RADIUS_AUTH_SECRET, '', 5, RADIUS_AUTH_PORT);
$radius->SetNasIpAddress('1.2.3.4');
$auth = $radius->AccessRequest($login, $password);
if ($auth)
return $this->base->auto_create_user($login);
else {
$this->_log('Radius authentication rejected!');
return FALSE;
}
}
return FALSE;
}
}
?>