Commit 76b51f60abf1c42a05072519486a4d96bf5635f8

Authored by Frederik Lindenaar
1 parent 155bd247

textual updates

Showing 1 changed file with 9 additions and 11 deletions
privacyidea-checkotp
1 1 #!/bin/bash
2   -
  2 +#
3 3 # privacyidea-checkotp - shell implementation of the PrivacyIDEA OTP check for
4 4 # integration with FreeRadius on systems without perl
5 5 #
6   -# Version 1.0, latest version available from:
  6 +# Version 1.0, latest version, documentation and bugtracker available at:
7 7 # https://gitlab.lindenaar.net/scripts/privacyidea-checkotp
8 8 #
9 9 # Copyright (c) 2015 Frederik Lindenaar
10 10 #
11 11 # This script is free software: you can redistribute and/or modify it under the
12   -# terms of the GNU General Public License as published by the Free Software
13   -# Foundation, either version 3 of the License, or (at your option) any later version.
  12 +# terms of version 3 of the GNU General Public License as published by the Free
  13 +# Software Foundation, or (at your option) any later version of the license.
14 14 #
15   -# This script is distributed in the hope that it will be useful, but WITHOUT ANY
  15 +# This script is distributed in the hope that it will be useful but WITHOUT ANY
16 16 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
17 17 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
18 18 #
19 19 # You should have received a copy of the GNU General Public License along with
20   -# this program. If not, see <http://www.gnu.org/licenses/>.
  20 +# this program. If not, visit <http://www.gnu.org/licenses/> to download it.
21 21  
22 22 # If called for the Outbound-User Service type, exit immediately (not supported)
23 23 if [ "$SERVICE_TYPE" = "Outbound-User" ]; then
24 24 exit 8
25 25 fi
26 26  
27   -# Simple script to validate an OTP with PrivacyIDEA
28   -
  27 +# Obtain parameters from command line or environment variables
29 28 if [ $# = 1 ]; then
30 29 URL="$1/validate/check"
31 30 LOGIN=`echo "${STRIPPED_USER_NAME:-$USER_NAME}" | sed 's/^"\(.*\)"$/\1/'`
32 31 PASSWORD=`echo "$USER_PASSWORD" | sed 's/^"\(.*\)"$/\1/'`
33 32 NAS=`echo "$NAS_IP_ADDRESS" | sed 's/^"\(.*\)"$/\1/'`
34   -# LOGIN="${User-Name}"
35   -# PASSWORD="${User-Password}"
36   -# NAS="${NAS-IP-Address}"
37 33 elif [ $# = 3 ]; then
38 34 URL="$1/validate/check"
39 35 LOGIN="$2"
... ... @@ -49,8 +45,10 @@ else
49 45 exit 2
50 46 fi
51 47  
  48 +# Obtain the result using curl
52 49 otpresult=`/usr/bin/curl -s "$URL" --data-urlencode "user=$LOGIN" --data-urlencode "pass=$PASSWORD" --data-urlencode "client=$NAS"`
53 50  
  51 +# Extract the status of the request from the returned JSON
54 52 otpstatus=`echo $otpresult | sed 's/^{.*"result": { "status": true, "value": \(.*\) },.*}/\1/'`
55 53  
56 54 if [ "$otpstatus" = "true" ]; then
... ...