initial commit

plugins/auth_radius/init.php

@@ -0,0 +1,76 @@
+<?php
+/*
+Tiny Tiny RSS plugin for RADIUS authentication
+@author alsvartr (me@taughtbycats.ru)
+@copyright GPL2
+
+Requires php radius class (comes with plugin)
+Put the following options in config.php:
+
+	define('RADIUS_AUTH_SERVER',	'radius_server_address');
+	define('RADIUS_AUTH_SECRET',	'radius_shared_secret');
+
+Optional:
+
+	//Default: 1812
+	define('RADIUS_AUTH_PORT',	radius_auth_port);
+*/
+
+class Auth_Radius extends Plugin implements IAuthModule {
+
+	private $link;
+	private $host;
+	private $base;
+	private $debug;
+
+	function about() {
+		return array(0.1,
+			"Authenticates against an RADIUS server (configured in config.php)",
+			"alsvartr",
+			true);
+	}
+
+	function init($host) {
+		$this->link = $host->get_link();
+		$this->host = $host;
+		$this->base = new Auth_Base($this->link);
+		$this->debug = FALSE;
+
+		$host->add_hook($host::HOOK_AUTH_USER, $this);
+	}
+
+	private function _log($msg) {
+		if ($this->debug) trigger_error($msg, E_USER_WARNING);
+	}
+
+	function authenticate($login, $password) {
+		if (!require_once('php-radius/radius.php')) {
+			$this->_log('Cannot require radius class files!');
+			return FALSE;
+		}
+
+		if ($login && $password) {
+			if ( (!defined('RADIUS_AUTH_SERVER')) OR (!defined('RADIUS_AUTH_SECRET')) ) {
+				$this->_log('Could not parse RADIUS_AUTH_ options from config.php!');
+				return FALSE;
+			} elseif (!defined('RADIUS_AUTH_PORT'))
+				define('RADIUS_AUTH_PORT', 1812);
+
+			$radius = new Radius(RADIUS_AUTH_SERVER, RADIUS_AUTH_SECRET, '', 5, RADIUS_AUTH_PORT);
+			$radius->SetNasIpAddress('1.2.3.4');
+			$auth = $radius->AccessRequest($login, $password);
+
+			if ($auth)
+				return $this->base->auto_create_user($login);
+			else {
+				$this->_log('Radius authentication rejected!');
+				return FALSE;
+			}
+		}
+
+		return FALSE;
+	}
+
+}
+
+?>