Commit 76b51f60abf1c42a05072519486a4d96bf5635f8
1 parent
155bd247
textual updates
Showing
1 changed file
with
9 additions
and
11 deletions
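--- a/privacyidea-checkotp
+++ b/privacyidea-checkotp
@@ -1,39 +1,35 @@
 #!/bin/bash
-
+#
 # privacyidea-checkotp - shell implementation of the PrivacyIDEA OTP check for
 # integration with FreeRadius on systems without perl
 #
-# Version 1.0, latest version available from:
+# Version 1.0, latest version, documentation and bugtracker available at:
 # https://gitlab.lindenaar.net/scripts/privacyidea-checkotp
 #
 # Copyright (c) 2015 Frederik Lindenaar
 #
 # This script is free software: you can redistribute and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation, either version 3 of the License, or (at your option) any later version.
+# terms of version 3 of the GNU General Public License as published by the Free
+# Software Foundation, or (at your option) any later version of the license.
 #
-# This script is distributed in the hope that it will be useful, but WITHOUT ANY
+# This script is distributed in the hope that it will be useful but WITHOUT ANY
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License along with
-# this program. If not, see <http://www.gnu.org/licenses/>.
+# this program. If not, visit <http://www.gnu.org/licenses/> to download it.
 
 # If called for the Outbound-User Service type, exit immediately (not supported)
 if [ "$SERVICE_TYPE" = "Outbound-User" ]; then
 exit 8
 fi
 
-# Simple script to validate an OTP with PrivacyIDEA
-
+# Obtain parameters from command line or environment variables
 if [ $# = 1 ]; then
 URL="$1/validate/check"
 LOGIN=`echo "${STRIPPED_USER_NAME:-$USER_NAME}" | sed 's/^"\(.*\)"$/\1/'`
 PASSWORD=`echo "$USER_PASSWORD" | sed 's/^"\(.*\)"$/\1/'`
 NAS=`echo "$NAS_IP_ADDRESS" | sed 's/^"\(.*\)"$/\1/'`
-# LOGIN="${User-Name}"
-# PASSWORD="${User-Password}"
-# NAS="${NAS-IP-Address}"
 elif [ $# = 3 ]; then
 URL="$1/validate/check"
 LOGIN="$2"
@@ -49,8 +45,10 @@ else
 exit 2
 fi
 
+# Obtain the result using curl
 otpresult=`/usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass=$PASSWORD" --data-urlencode "client=$NAS"`
 
+# Extract the status of the request from the returned JSON
 otpstatus=`echo $otpresult | sed 's/^{.*"result": { "status": true, "value": \(.*\) },.*}/\1/'`
 
 if [ "$otpstatus" = "true" ]; then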
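Review bot: The curl call under the new `# Obtain the result using curl` comment (new line 49) passes the user's password/OTP as a command-line argument via `--data-urlencode "pass=$PASSWORD"`. Process arguments are typically readable by other local accounts through the process list while the request is running. Supplying that field on stdin keeps it off argv, for example `printf '%s' "$PASSWORD" | /usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass@-" --data-urlencode "client=$NAS"`; the `name@-` form should be confirmed against the curl version deployed. Nothing visible in this section requires the base URL taken from `$1` to be https, so adding `--proto =https` to the same call would reject a plain-http configuration instead of sending the credential in cleartext. The if/elif chain that sets `URL`, `LOGIN`, `PASSWORD` and `NAS` is only partly visible here, so the 3-argument path has not been reviewed in full.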