switched into a send/receive function
[ga4php.git] / authserver / usercmd.php
1 <?php
2 /*
3  * 
4  * 
5  * This file is designed as a "script" extension to freeradius (or some such tool) for radius authentication.
6  * Also provided is a simple web interface for managing users in freeradius.
7  * 
8  * The simple web interface should also provide a mechanism for configuring freeradius itself
9  * 
10  */
11
12 require_once("lib/authClient.php");
13
14 $myAC = new GAAuthClient();
15
16 /*
17 define("MSG_AUTH_USER_TOKEN", 1);
18 define("MSG_ADD_USER_TOKEN", 2);
19 define("MSG_DELETE_USER", 3);
20 define("MSG_AUTH_USER_PASSWORD", 4);
21 define("MSG_SET_USER_PASSWORD", 5);
22 define("MSG_SET_USER_REALNAME", 6);
23 define("MSG_SET_USER_TOKEN", 7);
24 define("MSG_SET_USER_TOKEN_TYPE", 8);
25
26  */
27 if(!isset($argv[1])) {
28         echo "Usage: ".$argv[0]." command username [args]\n";
29         echo "\tadd: add <username> - returns token code url\n";
30         echo "\tauth: auth <username> <passcode> - returns 0/1 for pass/fail\n";
31         echo "\tdelete: delete <username> - deletes user\n";
32         echo "\tauthpass: authpass <username> <password> - returns 0/1 for pass/fail\n";
33         echo "\tsetpass: setpass <username> <password> - sets a password for a user (x to remove pass)\n";
34         echo "\tsetname: setname <username> <realname> - sets the real name for a user\n";
35         echo "\tsettoken: settoken <username> <tokenkey> - sets the key (hex) for a token\n";
36         echo "\tsettype: settype <username> <tokentype> - sets a token type for a user\n";
37         echo "\tgetusers: getusers - gets a list of users\n";
38         echo "\tgetotk: getotk <username> - gets the OTKID for a key\n";
39         echo "\tradauth: radauth <username> <pin> - for radius, only returns a code\n";
40         echo "\tsynctoken: synctoken <username> <tokenone> <tokentwo> - resync's a hotp token based on two token codes\n";
41         echo "\ttokentype: tokentype <username> - gets the token type for a user\n";
42         echo "\taddradclient: addradclient <client_name> <client_ip> <client_secret> \"<description>\"- adds a radius client\n";
43         echo "\trmradclient: rmradclient <client_name> - removes a radius client with the name <client_name>\n";
44         echo "\tgetradclients: getradclients - returns a list of radius clients\n";
45         return 0;       
46 }
47
48 switch($argv[1]) {
49         case "rmradclient":
50                 $msg = $myAC->deleteRadiusClient($argv[2]);
51                 if($msg) {
52                         echo "Successfully deleted\n";
53                 }
54                 break;
55         case "getradclients":
56                 $msg = $myAC->getRadiusClients();
57                 foreach($msg as $client) {
58                         if($client["desc"]=="") $desc = "no description set";
59                         else $desc = $client["desc"];
60                         echo $client["name"]." is ".$client["ip"].", $desc\n";
61                 }
62                 break;
63         case "addradclient":
64                 $msg = $myAC->addRadiusClient($argv[2], $argv[3], $argv[4], $argv[5]);
65                 if($msg === true) {
66                         echo "Added successfully\n";
67                 } else if ($msg == "name") {
68                         echo "Client with same name exists already\n";
69                 } else if ($msg == "ip") {
70                         echo "Client with same IP already exists\n";
71                 }
72                 break;
73         case "tokentype":
74                 $msg = $myAC->getUserTokenType($argv[2]);
75                 echo "token type: $msg\n";
76                 break;
77         case "synctoken":
78                 if($myAC->syncUserToken($argv[2], $argv[3], $argv[4])) {
79                         echo "Token synced\n";
80                 } else {
81                         echo "Token not synced\n";
82                 }
83                 break;
84         case "radauth":
85                 if($myAC->authUserToken($argv[2], $argv[3])==1) {
86                         syslog(LOG_WARNING, "Got good request for user, ".$argv[2]);
87                         exit(0);
88                 } else {
89                         syslog(LOG_WARNING, "Got bad request for user, ".$argv[2]);
90                         exit(255);
91                 }
92                 break;
93         case "getotk":
94                 $val = $myAC->getOtkID($argv[2]);
95                 if($val === false) {
96                         echo "Failure\n";
97                 } else {
98                         echo "$val\n";
99                 }
100                 break;
101         case "auth":
102                 if($myAC->authUserToken($argv[2], $argv[3])==1) {
103                         echo "Pass!\n";
104                 } else {
105                         echo "Fail!\n";
106                 }
107                 break;
108         case "add":
109                 $return = $myAC->addUser($argv[2]);
110                 echo "Created user, ".$argv[2]." returned $return\n";
111                 break;
112         case "delete":
113                 $res = $myAC->deleteUser($argv[2]);
114                 if($res) {
115                         echo "Deleted\n";
116                 } else {
117                         echo "Failure?\n";
118                 }
119                 break;
120         case "authpass":
121                 $ret = $myAC->authUserPass($argv[2], $argv[3]);
122                 if($ret) echo "Authenticated\n";
123                 else echo "Failed\n";
124                 break;
125         case "setpass":
126                 $res = $myAC->setUserPass($argv[2], $argv[3]);
127                 if($res) echo "Password Set\n";
128                 else echo "Failure?\n";
129                 break;
130         case "setname":
131                 $ret = $myAC->setUserRealName($argv[2], $argv[3]);
132                 if($ret) echo "Real Name Set\n";
133                 else echo "Failure?\n";
134                 break;
135         case "settoken":
136                 $ret = $myAC->setUserToken($argv[2], $argv[3]);
137                 if($ret) echo "Token Set\n";
138                 else echo "Failure?\n";
139                 break;
140         case "settype":
141                 $ret = $myAC->setUserTokenType($argv[2], $argv[3]);
142                 if($ret) echo "Token Type Set\n";
143                 else echo "Failure?\n";
144                 break;
145         case "getusers":
146                 $users = $myAC->getUsers();
147                 foreach($users as $user) {
148                         if($user["realname"] != "") $realname = $user["realname"];
149                         else $realname = "- Not Set -";
150                         
151                         if($user["haspass"]) $haspass = "Yes";
152                         else $haspass = "No";
153                         
154                         if($user["hastoken"]) $hastoken = "Yes";
155                         else $hastoken = "No";
156                         
157                         echo "Username: ".$user["username"]."\n";
158                         echo "\tReal Name: ".$realname."\n";
159                         echo "\tHas Password?: ".$haspass."\n";
160                         echo "\tHas Token?: ".$hastoken."\n\n";
161                 }
162                 break;
163         default:
164                 echo "See the usage...\n";
165 }
166 ?>