initial commit for adradius

2020-03-02 16:17:46 +01:00 · 2020-03-02 16:17:46 +01:00 · 768c0a54a0
commit 768c0a54a0
1 changed files with 59 additions and 0 deletions
--- a/cmd/adradius/main.go
+++ b/cmd/adradius/main.go
@ -0,0 +1,59 @@
+package main
+
+import (
+	"log"
+
+	auth "github.com/korylprince/go-ad-auth"
+	"layeh.com/radius"
+	"layeh.com/radius/rfc2865"
+)
+
+func main() {
+
+	config := &auth.Config{
+		Server: "ldap.example.com",
+		Port:   389,
+		BaseDN: "OU=Users,DC=example,DC=com",
+		//Security: auth.SecurityStartTLS,
+	}
+
+	handler := func(w radius.ResponseWriter, r *radius.Request) {
+		username := rfc2865.UserName_GetString(r.Packet)
+		password := rfc2865.UserPassword_GetString(r.Packet)
+
+		var code radius.Code
+
+		status, _ := ADauth(config, username, password)
+
+		if status {
+			code = radius.CodeAccessAccept
+		} else {
+			code = radius.CodeAccessReject
+		}
+		log.Printf("Writing %v to %v", code, r.RemoteAddr)
+		w.Write(r.Response(code))
+	}
+
+	server := radius.PacketServer{
+		Handler:      radius.HandlerFunc(handler),
+		SecretSource: radius.StaticSecretSource([]byte(`secret`)),
+	}
+
+	log.Printf("Starting server on :1812")
+	if err := server.ListenAndServe(); err != nil {
+		log.Fatal(err)
+	}
+}
+
+func ADauth(config *auth.Config, username string, password string) (status bool, err error) {
+	status, err = auth.Authenticate(config, username, password)
+	//if err != nil {
+	//	//handle err
+	//	return
+	//}
+	//if !status {
+	//	//handle failed authentication
+	//	return
+	//}
+	return
+}