1# This Source Code Form is subject to the terms of the Mozilla Public 2# License, v. 2.0. If a copy of the MPL was not distributed with this 3# file, You can obtain one at http://mozilla.org/MPL/2.0/. 4# 5# This Source Code Form is "Incompatible With Secondary Licenses", as 6# defined by the Mozilla Public License, v. 2.0. 7 8package Bugzilla::Auth::Verify::RADIUS; 9use strict; 10use base qw(Bugzilla::Auth::Verify); 11 12use Bugzilla::Constants; 13use Bugzilla::Error; 14use Bugzilla::Util; 15 16use Authen::Radius; 17 18use constant admin_can_create_account => 0; 19use constant user_can_create_account => 0; 20 21sub check_credentials { 22 my ($self, $params) = @_; 23 my $dbh = Bugzilla->dbh; 24 my $address_suffix = Bugzilla->params->{'RADIUS_email_suffix'}; 25 my $username = $params->{username}; 26 27 # If we're using RADIUS_email_suffix, we may need to cut it off from 28 # the login name. 29 if ($address_suffix) { 30 $username =~ s/\Q$address_suffix\E$//i; 31 } 32 33 # Create RADIUS object. 34 my $radius = 35 new Authen::Radius(Host => Bugzilla->params->{'RADIUS_server'}, 36 Secret => Bugzilla->params->{'RADIUS_secret'}) 37 || return { failure => AUTH_ERROR, error => 'radius_preparation_error', 38 details => {errstr => Authen::Radius::strerror() } }; 39 40 # Check the password. 41 $radius->check_pwd($username, $params->{password}, 42 Bugzilla->params->{'RADIUS_NAS_IP'} || undef) 43 || return { failure => AUTH_LOGINFAILED }; 44 45 # Build the user account's e-mail address. 46 $params->{bz_username} = $username . $address_suffix; 47 48 return $params; 49} 50 511; 52