Commit 76b51f60abf1c42a05072519486a4d96bf5635f8
1 parent
155bd247
textual updates
Showing
1 changed file
with
9 additions
and
11 deletions
privacyidea-checkotp
| 1 | 1 | #!/bin/bash |
| 2 | - | |
| 2 | +# | |
| 3 | 3 | # privacyidea-checkotp - shell implementation of the PrivacyIDEA OTP check for |
| 4 | 4 | # integration with FreeRadius on systems without perl |
| 5 | 5 | # |
| 6 | -# Version 1.0, latest version available from: | |
| 6 | +# Version 1.0, latest version, documentation and bugtracker available at: | |
| 7 | 7 | # https://gitlab.lindenaar.net/scripts/privacyidea-checkotp |
| 8 | 8 | # |
| 9 | 9 | # Copyright (c) 2015 Frederik Lindenaar |
| 10 | 10 | # |
| 11 | 11 | # This script is free software: you can redistribute and/or modify it under the |
| 12 | -# terms of the GNU General Public License as published by the Free Software | |
| 13 | -# Foundation, either version 3 of the License, or (at your option) any later version. | |
| 12 | +# terms of version 3 of the GNU General Public License as published by the Free | |
| 13 | +# Software Foundation, or (at your option) any later version of the license. | |
| 14 | 14 | # |
| 15 | -# This script is distributed in the hope that it will be useful, but WITHOUT ANY | |
| 15 | +# This script is distributed in the hope that it will be useful but WITHOUT ANY | |
| 16 | 16 | # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR |
| 17 | 17 | # A PARTICULAR PURPOSE. See the GNU General Public License for more details. |
| 18 | 18 | # |
| 19 | 19 | # You should have received a copy of the GNU General Public License along with |
| 20 | -# this program. If not, see <http://www.gnu.org/licenses/>. | |
| 20 | +# this program. If not, visit <http://www.gnu.org/licenses/> to download it. | |
| 21 | 21 | |
| 22 | 22 | # If called for the Outbound-User Service type, exit immediately (not supported) |
| 23 | 23 | if [ "$SERVICE_TYPE" = "Outbound-User" ]; then |
| 24 | 24 | exit 8 |
| 25 | 25 | fi |
| 26 | 26 | |
| 27 | -# Simple script to validate an OTP with PrivacyIDEA | |
| 28 | - | |
| 27 | +# Obtain parameters from command line or environment variables | |
| 29 | 28 | if [ $# = 1 ]; then |
| 30 | 29 | URL="$1/validate/check" |
| 31 | 30 | LOGIN=`echo "${STRIPPED_USER_NAME:-$USER_NAME}" | sed 's/^"\(.*\)"$/\1/'` |
| 32 | 31 | PASSWORD=`echo "$USER_PASSWORD" | sed 's/^"\(.*\)"$/\1/'` |
| 33 | 32 | NAS=`echo "$NAS_IP_ADDRESS" | sed 's/^"\(.*\)"$/\1/'` |
| 34 | -# LOGIN="${User-Name}" | |
| 35 | -# PASSWORD="${User-Password}" | |
| 36 | -# NAS="${NAS-IP-Address}" | |
| 37 | 33 | elif [ $# = 3 ]; then |
| 38 | 34 | URL="$1/validate/check" |
| 39 | 35 | LOGIN="$2" |
| ... | ... | @@ -49,8 +45,10 @@ else |
| 49 | 45 | exit 2 |
| 50 | 46 | fi |
| 51 | 47 | |
| 48 | +# Obtain the result using curl | |
| 52 | 49 | otpresult=`/usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass=$PASSWORD" --data-urlencode "client=$NAS"` |
| 53 | 50 | |
| 51 | +# Extract the status of the request from the returned JSON | |
| 54 | 52 | otpstatus=`echo $otpresult | sed 's/^{.*"result": { "status": true, "value": \(.*\) },.*}/\1/'` |
| 55 | 53 | |
| 56 | 54 | if [ "$otpstatus" = "true" ]; then |
| ... | ... |