scripts/PrivacyID3A-CheckOTP
1
0
Fork 0
Code Issues Pull Requests Activity

textual updates

Browse Source
This commit is contained in:
Frederik Lindenaar
2015-05-02 22:41:37 +02:00
parent 155bd24774
commit 76b51f60ab
1 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
privacyidea-checkotp
View File

@@ -1,39 +1,35 @@
#!/bin/bash
#
# privacyidea-checkotp - shell implementation of the PrivacyIDEA OTP check for
# integration with FreeRadius on systems without perl
#
# Version 1.0, latest version available from:
# Version 1.0, latest version, documentation and bugtracker available at:
# https://gitlab.lindenaar.net/scripts/privacyidea-checkotp
#
# Copyright (c) 2015 Frederik Lindenaar
#
# This script is free software: you can redistribute and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later version.
# terms of version 3 of the GNU General Public License as published by the Free
# Software Foundation, or (at your option) any later version of the license.
#
# This script is distributed in the hope that it will be useful, but WITHOUT ANY
# This script is distributed in the hope that it will be useful but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see <http://www.gnu.org/licenses/>.
# this program. If not, visit <http://www.gnu.org/licenses/> to download it.
# If called for the Outbound-User Service type, exit immediately (not supported)
if [ "$SERVICE_TYPE" = "Outbound-User" ]; then
exit 8
fi
# Simple script to validate an OTP with PrivacyIDEA
# Obtain parameters from command line or environment variables
if [ $# = 1 ]; then
URL="$1/validate/check"
LOGIN=`echo "${STRIPPED_USER_NAME:-$USER_NAME}" | sed 's/^"\(.*\)"$/\1/'`
PASSWORD=`echo "$USER_PASSWORD" | sed 's/^"\(.*\)"$/\1/'`
NAS=`echo "$NAS_IP_ADDRESS" | sed 's/^"\(.*\)"$/\1/'`
# LOGIN="${User-Name}"
# PASSWORD="${User-Password}"
# NAS="${NAS-IP-Address}"
elif [ $# = 3 ]; then
URL="$1/validate/check"
LOGIN="$2"
@@ -49,8 +45,10 @@ else
exit 2
fi
# Obtain the result using curl
otpresult=`/usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass=$PASSWORD" --data-urlencode "client=$NAS"`
# Extract the status of the request from the returned JSON
otpstatus=`echo $otpresult | sed 's/^{.*"result": { "status": true, "value": \(.*\) },.*}/\1/'`
if [ "$otpstatus" = "true" ]; then