sspmod_radius_Auth_Source_Radius Class Reference
Inheritance diagram for sspmod_radius_Auth_Source_Radius:
Collaboration diagram for sspmod_radius_Auth_Source_Radius:
Public Member Functions | |
| __construct ($info, $config) | |
| Constructor for this authentication source. More... | |
| Public Member Functions inherited from sspmod_core_Auth_UserPassBase | |
| __construct ($info, &$config) | |
| Constructor for this authentication source. More... | |
| setForcedUsername ($forcedUsername) | |
| Set forced username. More... | |
| getLoginLinks () | |
| Return login links from configuration. More... | |
| getRememberUsernameEnabled () | |
| Getter for the authsource config option remember.username.enabled. More... | |
| getRememberUsernameChecked () | |
| Getter for the authsource config option remember.username.checked. More... | |
| isRememberMeEnabled () | |
| Check if the "remember me" feature is enabled. More... | |
| isRememberMeChecked () | |
| Check if the "remember me" checkbox should be checked. More... | |
| authenticate (&$state) | |
| Initialize login. More... | |
| Public Member Functions inherited from SimpleSAML_Auth_Source | |
| __construct ($info, &$config) | |
| Constructor for an authentication source. More... | |
| getAuthId () | |
| Retrieve the ID of this authentication source. More... | |
| authenticate (&$state) | |
| Process a request. More... | |
| reauthenticate (array &$state) | |
| Reauthenticate an user. More... | |
| initLogin ($return, $errorURL=null, array $params=array()) | |
| Start authentication. More... | |
| logout (&$state) | |
| Log out from this authentication source. More... | |
Protected Member Functions | |
| login ($username, $password) | |
| Attempt to log in using the given username and password. More... | |
| login ($username, $password) | |
| Attempt to log in using the given username and password. More... | |
| Protected Member Functions inherited from SimpleSAML_Auth_Source | |
| addLogoutCallback ($assoc, $state) | |
| Add a logout callback association. More... | |
| callLogoutCallback ($assoc) | |
| Call a logout callback based on association. More... | |
Private Attributes | |
| $servers | |
| The list of radius servers to use. More... | |
| $hostname | |
| The hostname of the radius server. More... | |
| $port | |
| The port of the radius server. More... | |
| $secret | |
| The secret used when communicating with the radius server. More... | |
| $timeout | |
| The timeout for contacting the radius server. More... | |
| $retries | |
| The number of retries which should be attempted. More... | |
| $realm | |
| The realm to be added to the entered username. More... | |
| $usernameAttribute | |
| The attribute name where the username should be stored. More... | |
| $vendor | |
| The vendor for the RADIUS attributes we are interrested in. More... | |
| $vendorType | |
| The vendor-specific attribute for the RADIUS attributes we are interrested in. More... | |
| $nasIdentifier | |
| The NAS-Identifier that should be set in Access-Request packets. More... | |
Additional Inherited Members | |
| Static Public Member Functions inherited from sspmod_core_Auth_UserPassBase | |
| static | handleLogin ($authStateId, $username, $password) |
| Handle login request. More... | |
| Static Public Member Functions inherited from SimpleSAML_Auth_Source | |
| static | getSourcesOfType ($type) |
| Get sources of a specific type. More... | |
| static | completeAuth (&$state) |
| Complete authentication. More... | |
| static | loginCompleted ($state) |
| Called when a login operation has finished. More... | |
| static | completeLogout (&$state) |
| Complete logout. More... | |
| static | getById ($authId, $type=null) |
| Retrieve authentication source. More... | |
| static | logoutCallback ($state) |
| Called when the authentication source receives an external logout request. More... | |
| static | getSources () |
| Retrieve list of authentication sources. More... | |
| Data Fields inherited from sspmod_core_Auth_UserPassBase | |
| const | STAGEID = 'sspmod_core_Auth_UserPassBase.state' |
| The string used to identify our states. More... | |
| const | AUTHID = 'sspmod_core_Auth_UserPassBase.AuthId' |
| The key of the AuthId field in the state. More... | |
| Static Protected Member Functions inherited from SimpleSAML_Auth_Source | |
| static | validateSource ($source, $id) |
| Make sure that the first element of an auth source is its identifier. More... | |
| Protected Attributes inherited from sspmod_core_Auth_UserPassBase | |
| $loginLinks | |
| Links to pages from login page. More... | |
| $rememberUsernameEnabled = FALSE | |
| $rememberUsernameChecked = FALSE | |
| $rememberMeEnabled = FALSE | |
| $rememberMeChecked = FALSE | |
| Protected Attributes inherited from SimpleSAML_Auth_Source | |
| $authId | |
Detailed Description
Definition at line 10 of file Radius.php.
Constructor & Destructor Documentation
◆ __construct()
| sspmod_radius_Auth_Source_Radius::__construct | ( | $info, | |
| $config | |||
| ) |
Constructor for this authentication source.
- Parameters
-
array $info Information about this authentication source. array $config Configuration.
Definition at line 74 of file Radius.php.
75 {
76 assert(is_array($info));
77 assert(is_array($config));
78
79 // Call the parent constructor first, as required by the interface
81
82 // Parse configuration.
84 'Authentication source ' . var_export($this->authId, true));
85
87 /* For backwards compatibility. */
88 if (empty($this->servers)) {
92 $this->servers[] = array('hostname' => $this->hostname,
93 'port' => $this->port,
94 'secret' => $this->secret);
95 }
101 \SimpleSAML\Utils\HTTP::getSelfHost());
102
104 if ($this->vendor !== null) {
106 }
107 }
static loadFromArray($config, $location='[ARRAY]', $instance=null)
Loads a configuration from the given array.
Definition: Configuration.php:297
Attribute-related utility methods.
References $config, $info, and SimpleSAML_Configuration\loadFromArray().
Here is the call graph for this function:
Member Function Documentation
◆ login()
|
protected |
Attempt to log in using the given username and password.
- Parameters
-
string $username The username the user wrote. string $password The password the user wrote.
- Returns
- array Associative array with the user's attributes.
Reimplemented from sspmod_core_Auth_UserPassBase.
Definition at line 117 of file Radius.php.
118 {
119 assert(is_string($username));
120 assert(is_string($password));
121
122 $radius = radius_auth_open();
123
124 /* Try to add all radius servers, trigger a failure if no one works. */
129 }
130 if (!radius_add_server($radius,
132 $this->timeout, $this->retries)) {
134 radius_strerror($radius));
135 continue;
136 }
138 }
140 throw new Exception('Error adding radius servers, no servers available');
141 }
142
143 if (!radius_create_request($radius, RADIUS_ACCESS_REQUEST)) {
144 throw new Exception('Error creating radius request: ' .
145 radius_strerror($radius));
146 }
147
148 if ($this->realm === null) {
149 radius_put_attr($radius, RADIUS_USER_NAME, $username);
150 } else {
151 radius_put_attr($radius, RADIUS_USER_NAME, $username . '@' . $this->realm);
152 }
153 radius_put_attr($radius, RADIUS_USER_PASSWORD, $password);
154
155 if ($this->nasIdentifier !== null) {
156 radius_put_attr($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier);
157 }
158
159 $res = radius_send_request($radius);
162 case RADIUS_ACCESS_REJECT:
163 /* Invalid username or password. */
165 case RADIUS_ACCESS_CHALLENGE:
166 throw new Exception('Radius authentication error: Challenge requested, but not supported.');
167 default:
168 throw new Exception('Error during radius authentication: ' .
169 radius_strerror($radius));
170 }
171 }
172
173 /* If we get this far, we have a valid login. */
174
175 $attributes = array();
176
177 if ($this->usernameAttribute !== null) {
179 }
180
181 if ($this->vendor === null) {
182 /*
183 * We aren't interested in any vendor-specific attributes. We are
184 * therefore done now.
185 */
187 }
188
189 /* get AAI attribute sets. Contributed by Stefan Winter, (c) RESTENA */
190 while ($resa = radius_get_attr($radius)) {
191
192 if (!is_array($resa)) {
193 throw new Exception('Error getting radius attributes: ' .
194 radius_strerror($radius));
195 }
196
197 /* Use the received user name */
198 if ($resa['attr'] == RADIUS_USER_NAME) {
200 continue;
201 }
202
203 if ($resa['attr'] !== RADIUS_VENDOR_SPECIFIC) {
204 continue;
205 }
206
207 $resv = radius_get_vendor_attr($resa['data']);
208 if (!is_array($resv)) {
209 throw new Exception('Error getting vendor specific attribute: ' .
210 radius_strerror($radius));
211 }
212
214 $attrv = $resv['attr'];
215 $datav = $resv['data'];
216
218 continue;
219 }
220
221 $attrib_name = strtok($datav,'=');
222 $attrib_value = strtok('=');
223
224 /* if the attribute name is already in result set,
225 add another value */
227 $attributes[$attrib_name][] = $attrib_value;
228 } else {
229 $attributes[$attrib_name] = array($attrib_value);
230 }
231 }
232 /* end of contribution */
233
235 }
Definition: Error.php:11
References $attributes, $password, $res, $server, $success, $usernameAttribute, $vendor, and SimpleSAML\Logger\info().
Here is the call graph for this function:
Field Documentation
◆ $hostname
|
private |
The hostname of the radius server.
Definition at line 20 of file Radius.php.
◆ $nasIdentifier
|
private |
The NAS-Identifier that should be set in Access-Request packets.
Definition at line 66 of file Radius.php.
◆ $port
|
private |
The port of the radius server.
Definition at line 25 of file Radius.php.
◆ $realm
|
private |
The realm to be added to the entered username.
Definition at line 45 of file Radius.php.
◆ $retries
|
private |
The number of retries which should be attempted.
Definition at line 40 of file Radius.php.
◆ $secret
|
private |
The secret used when communicating with the radius server.
Definition at line 30 of file Radius.php.
◆ $servers
|
private |
The list of radius servers to use.
Definition at line 15 of file Radius.php.
◆ $timeout
|
private |
The timeout for contacting the radius server.
Definition at line 35 of file Radius.php.
◆ $usernameAttribute
|
private |
The attribute name where the username should be stored.
Definition at line 50 of file Radius.php.
Referenced by login().
◆ $vendor
|
private |
The vendor for the RADIUS attributes we are interrested in.
Definition at line 55 of file Radius.php.
Referenced by login().
◆ $vendorType
|
private |
The vendor-specific attribute for the RADIUS attributes we are interrested in.
Definition at line 61 of file Radius.php.
The documentation for this class was generated from the following file:
- libs/composer/vendor/simplesamlphp/simplesamlphp/modules/radius/lib/Auth/Source/Radius.php
