1<?php 2 3namespace LibreNMS\Authentication; 4 5use Dapphp\Radius\Radius; 6use LibreNMS\Config; 7use LibreNMS\Exceptions\AuthenticationException; 8use LibreNMS\Util\Debug; 9 10class RadiusAuthorizer extends MysqlAuthorizer 11{ 12 protected static $HAS_AUTH_USERMANAGEMENT = true; 13 protected static $CAN_UPDATE_USER = true; 14 protected static $CAN_UPDATE_PASSWORDS = false; 15 16 /** @var Radius */ 17 protected $radius; 18 19 public function __construct() 20 { 21 $this->radius = new Radius(Config::get('radius.hostname'), Config::get('radius.secret'), Config::get('radius.suffix'), Config::get('radius.timeout'), Config::get('radius.port')); 22 } 23 24 public function authenticate($credentials) 25 { 26 if (empty($credentials['username'])) { 27 throw new AuthenticationException('Username is required'); 28 } 29 30 if (Debug::isEnabled()) { 31 $this->radius->setDebug(true); 32 } 33 34 $password = $credentials['password'] ?? null; 35 if ($this->radius->accessRequest($credentials['username'], $password) === true) { 36 $this->addUser($credentials['username'], $password, Config::get('radius.default_level', 1)); 37 38 return true; 39 } 40 41 throw new AuthenticationException(); 42 } 43} 44