scripts/PrivacyID3A-CheckOTP
1
0
Fork 0
Code Issues Pull Requests Activity

textual updates

Browse Source
This commit is contained in:
Frederik Lindenaar
2015-05-02 22:41:37 +02:00
parent 155bd24774
commit 76b51f60ab
1 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
privacyidea-checkotp
View File

@@ -1,39 +1,35 @@
#!/bin/bash #!/bin/bash
#
# privacyidea-checkotp - shell implementation of the PrivacyIDEA OTP check for # privacyidea-checkotp - shell implementation of the PrivacyIDEA OTP check for
# integration with FreeRadius on systems without perl # integration with FreeRadius on systems without perl
# #
# Version 1.0, latest version available from: # Version 1.0, latest version, documentation and bugtracker available at:
# https://gitlab.lindenaar.net/scripts/privacyidea-checkotp # https://gitlab.lindenaar.net/scripts/privacyidea-checkotp
# #
# Copyright (c) 2015 Frederik Lindenaar # Copyright (c) 2015 Frederik Lindenaar
# #
# This script is free software: you can redistribute and/or modify it under the # This script is free software: you can redistribute and/or modify it under the
# terms of the GNU General Public License as published by the Free Software # terms of version 3 of the GNU General Public License as published by the Free
# Foundation, either version 3 of the License, or (at your option) any later version. # Software Foundation, or (at your option) any later version of the license.
# #
# This script is distributed in the hope that it will be useful, but WITHOUT ANY # This script is distributed in the hope that it will be useful but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details. # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# #
# You should have received a copy of the GNU General Public License along with # You should have received a copy of the GNU General Public License along with
# this program. If not, see <http://www.gnu.org/licenses/>. # this program. If not, visit <http://www.gnu.org/licenses/> to download it.
# If called for the Outbound-User Service type, exit immediately (not supported) # If called for the Outbound-User Service type, exit immediately (not supported)
if [ "$SERVICE_TYPE" = "Outbound-User" ]; then if [ "$SERVICE_TYPE" = "Outbound-User" ]; then
exit 8 exit 8
fi fi
# Simple script to validate an OTP with PrivacyIDEA # Obtain parameters from command line or environment variables
if [ $# = 1 ]; then if [ $# = 1 ]; then
URL="$1/validate/check" URL="$1/validate/check"
LOGIN=`echo "${STRIPPED_USER_NAME:-$USER_NAME}" | sed 's/^"\(.*\)"$/\1/'` LOGIN=`echo "${STRIPPED_USER_NAME:-$USER_NAME}" | sed 's/^"\(.*\)"$/\1/'`
PASSWORD=`echo "$USER_PASSWORD" | sed 's/^"\(.*\)"$/\1/'` PASSWORD=`echo "$USER_PASSWORD" | sed 's/^"\(.*\)"$/\1/'`
NAS=`echo "$NAS_IP_ADDRESS" | sed 's/^"\(.*\)"$/\1/'` NAS=`echo "$NAS_IP_ADDRESS" | sed 's/^"\(.*\)"$/\1/'`
# LOGIN="${User-Name}"
# PASSWORD="${User-Password}"
# NAS="${NAS-IP-Address}"
elif [ $# = 3 ]; then elif [ $# = 3 ]; then
URL="$1/validate/check" URL="$1/validate/check"
LOGIN="$2" LOGIN="$2"
@@ -49,8 +45,10 @@ else
exit 2 exit 2
fi fi
# Obtain the result using curl
otpresult=`/usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass=$PASSWORD" --data-urlencode "client=$NAS"` otpresult=`/usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass=$PASSWORD" --data-urlencode "client=$NAS"`
# Extract the status of the request from the returned JSON
otpstatus=`echo $otpresult | sed 's/^{.*"result": { "status": true, "value": \(.*\) },.*}/\1/'` otpstatus=`echo $otpresult | sed 's/^{.*"result": { "status": true, "value": \(.*\) },.*}/\1/'`
if [ "$otpstatus" = "true" ]; then if [ "$otpstatus" = "true" ]; then