public IRadiusPacket HandlePacket(IRadiusPacket packet)
{
var config = ConfigurationManager.AppSettings;
var domain = config.Get("Domain");
var groupName = config.Get("AdGroupName");
_log.Info($"Recived request with packet code {packet.Code}");
if (packet.Code == PacketCode.AccessRequest)
{
var userName = packet.GetAttribute <String>("User-Name");
var userPassword = packet.GetAttribute <String>("User-Password");
var userLogin = ValidateCredentials(domain, userName, userPassword, userName, userName);
var userInGroup = IsUserInAdGroup(domain, userName, groupName, userName, userPassword);
_log.Info($"User Login result ={userLogin} UserInGroup result = {userInGroup} for user {userName}");
if (userInGroup && userLogin)
{
var response = packet.CreateResponsePacket(PacketCode.AccessAccept);
response.AddAttribute("Acct-Interim-Interval", 60);
return(response);
}
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
_log.Info($"Cant handle request code {packet.Code}");
throw new InvalidOperationException($"Can't handle other requests besides AccessRequests with code {PacketCode.AccessRequest}");
}
public IRadiusPacket HandlePacket(IRadiusPacket packet)
{
if (packet.Code == PacketCode.AccountingRequest)
{
switch (packet.GetAttribute <AcctStatusType>("Acct-Status-Type"))
{
case AcctStatusType.Start:
case AcctStatusType.Stop:
case AcctStatusType.InterimUpdate:
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
default:
break;
}
}
else if (packet.Code == PacketCode.AccessRequest)
{
if (packet.GetAttribute <string>("User-Name") == UserName && packet.GetAttribute <string>("User-Password") == UserPassword)
{
var response = packet.CreateResponsePacket(PacketCode.AccessAccept);
response.AddAttribute("Acct-Interim-Interval", 60);
return(response);
}
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
throw new InvalidOperationException("Couldnt handle request?!");
}
private IRadiusPacket Interim(IRadiusPacket packet)
{
var user = UsernameDomain.Parse(packet.GetAttribute <String>("User-Name"));
var msisdn = packet.GetAttribute <String>("Calling-Station-Id");
var acctSessionId = packet.GetAttribute <String>("Acct-Session-Id");
var acctStatusType = "Alive"; // duuh
var acctInputOctets = packet.GetAttribute <UInt32>("Acct-Input-Octets");
var acctOutputOctets = packet.GetAttribute <UInt32>("Acct-Output-Octets");
var acctSessionTime = packet.GetAttribute <UInt32>("Acct-Session-Time");
var acctInputGigawords = packet.GetAttribute <UInt32?>("Acct-Input-Gigawords");
var acctOutputGigawords = packet.GetAttribute <UInt32?>("Acct-Output-Gigawords");
var nasIpAddress = packet.GetAttribute <IPAddress>("NAS-IP-Address");
var mccmnc = Utils.GetMccMncFrom3GPPLocationInfo(packet.GetAttribute <Byte[]>("3GPP-User-Location-Info")).mccmnc;
_log.Debug($"Handling interim packet for {msisdn} on {mccmnc} with AcctSessionId {acctSessionId}");
using (var db = _contextFactory.GetContext())
{
db.AccountingInterim(user.Username, user.Domain, msisdn, acctStatusType, acctSessionId, acctInputOctets, acctOutputOctets,
(int)acctSessionTime, acctInputGigawords, acctOutputGigawords);
}
Task.Factory.StartNew(() =>
{
if (CheckDisconnect(acctSessionId))
{
_disconnector.DisconnectUserByMsisdn(msisdn);
}
}, TaskCreationOptions.LongRunning);
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
private IRadiusPacket Start(IRadiusPacket packet)
{
var user = UsernameDomain.Parse(packet.GetAttribute <String>("User-Name"));
var msisdn = packet.GetAttribute <String>("Calling-Station-Id");
var acctSessionId = packet.GetAttribute <String>("Acct-Session-Id");
var acctStatusType = "Start"; // duuh
var locationInfo = Utils.GetMccMncFrom3GPPLocationInfo(packet.GetAttribute <Byte[]>("3GPP-User-Location-Info"));
_log.Debug($"Handling start packet for {msisdn} with AcctSessionId {acctSessionId}");
try
{
using (var db = _contextFactory.GetContext())
{
db.AccountingStart(user.Username, user.Domain, msisdn, acctStatusType, acctSessionId, locationInfo.mccmnc);
}
Task.Factory.StartNew(() => _welcomeSender.CheckWelcomeSms(msisdn), TaskCreationOptions.LongRunning);
}
catch (EntityCommandExecutionException ex)
{
if (ex.InnerException?.Message.Contains("duplicate") ?? false)
{
_log.Warn($"Duplicate start packet for AcctSessionId {acctSessionId}");
}
else
{
throw;
}
}
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
public IRadiusPacket HandlePacket(IRadiusPacket packet)
{
// Simulate lag
//Thread.Sleep(new Random().Next(100, 3000));
if (packet.Authenticator != null)
{
Console.WriteLine($"Authenticator {packet.Authenticator.ToHexString()}");
}
if (packet.SharedSecret != null)
{
Console.WriteLine($"SharedSecret {packet.SharedSecret.ToHexString()}");
}
foreach (var att in packet.Attributes)
{
Console.WriteLine($"ATT : {att.Key} - {att.Value}");
}
var userName = packet.GetAttribute <String>("User-Name");
var password = packet.GetAttribute <String>("User-Password");
var chap_password = packet.GetAttribute <byte[]>("CHAP-Password");
Console.WriteLine($"userName {userName} password : {password} chap-password : {chap_password?.ToHexString()}");
if (packet.Code == PacketCode.AccountingRequest)
{
var acctStatusType = packet.GetAttribute <AcctStatusType>("Acct-Status-Type");
if (acctStatusType == AcctStatusType.Start)
{
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
if (acctStatusType == AcctStatusType.Stop)
{
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
if (acctStatusType == AcctStatusType.InterimUpdate)
{
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
}
else if (packet.Code == PacketCode.AccessRequest)
{
if (packet.GetAttribute <String>("User-Name") == "*****@*****.**" && packet.GetAttribute <String>("User-Password") == "1234")
{
var response = packet.CreateResponsePacket(PacketCode.AccessAccept);
response.AddAttribute("Acct-Interim-Interval", 60);
return(response);
}
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
throw new InvalidOperationException("Couldnt handle request?!");
}
private IRadiusPacket Authenticate(IRadiusPacket packet)
{
var msisdn = packet.GetAttribute <String>("Calling-Station-Id");
if (!packet.Attributes.ContainsKey("3GPP-User-Location-Info"))
{
_log.Warn("Missing 3GPP-User-Location-Info in packet, ignoring");
return(null);
}
var locationInfo = Utils.GetMccMncFrom3GPPLocationInfo(packet.GetAttribute <Byte[]>("3GPP-User-Location-Info"));
_log.Debug($"Handling authentication packet for {msisdn} on network {locationInfo.locationType}:{locationInfo.mccmnc}");
using (var db = _contextFactory.GetContext())
{
if (locationInfo.mccmnc == "99999")
{
_log.Warn($"No location info for msisdn {msisdn} check m2m portal 3GPP-SGSN-Address: {packet.GetAttribute<IPAddress>("3GPP-SGSN-Address")}");
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
var result = db.Authenticate1(msisdn, "flexinets", msisdn, locationInfo.mccmnc).ToList();
if (result.Count > 0 && result.First() == null)
{
var response = packet.CreateResponsePacket(PacketCode.AccessAccept);
response.AddAttribute("Acct-Interim-Interval", 60);
return(response);
}
else
{
try
{
var mccmnc = Convert.ToInt32(locationInfo.mccmnc);
var network = db.Networks.SingleOrDefault(o => o.mccmnc == mccmnc);
var simcard = db.SimCards.SingleOrDefault(o => o.Msisdn == msisdn);
var sb = new StringBuilder();
sb.AppendLine($"Authentication failed for {msisdn} on network {mccmnc} ({network?.providername}, {network?.countryname})");
if (simcard.user_id == null)
{
sb.AppendLine("Sim card not mapped to a user");
}
else
{
sb.AppendLine($"User: {simcard.UserSetting.user.username}@{simcard.UserSetting.user.realm}, group: {simcard.UserSetting.user.directory.name}");
}
_log.Warn(sb.ToString().Trim()); // todo needs throttling to reduce unwanted spam
}
catch (Exception ex)
{
_log.Error("huh?", ex);
}
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
}
}
private IRadiusPacket Stop(IRadiusPacket packet)
{
var user = UsernameDomain.Parse(packet.GetAttribute <String>("User-Name"));
var msisdn = packet.GetAttribute <String>("Calling-Station-Id");
var acctSessionId = packet.GetAttribute <String>("Acct-Session-Id");
var acctStatusType = "Stop"; // duuh
var acctInputOctets = packet.GetAttribute <UInt32>("Acct-Input-Octets");
var acctOutputOctets = packet.GetAttribute <UInt32>("Acct-Output-Octets");
var acctSessionTime = packet.GetAttribute <UInt32>("Acct-Session-Time");
var acctTerminateCause = packet.GetAttribute <UInt32>("Acct-Terminate-Cause"); // oh crap, guess i need values as well...
var acctInputGigawords = packet.GetAttribute <UInt32?>("Acct-Input-Gigawords");
var acctOutputGigawords = packet.GetAttribute <UInt32?>("Acct-Output-Gigawords");
_log.Debug($"Handling stop packet for {msisdn} with AcctSessionId {acctSessionId}");
try
{
using (var db = _contextFactory.GetContext())
{
db.AccountingStop(user.Username, user.Domain, msisdn, acctStatusType, acctSessionId, acctInputOctets, acctOutputOctets,
(int)acctSessionTime, acctTerminateCause.ToString(), acctInputGigawords, acctOutputGigawords);
}
}
catch (EntityCommandExecutionException ex)
{
if (ex.InnerException?.Message.Contains("duplicate") ?? false)
{
_log.Warn($"Duplicate stop packet for AcctSessionId {acctSessionId}");
}
else
{
throw;
}
}
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
/// <summary>
/// Authenticate user through proxy or locally
/// </summary>
/// <param name="packet"></param>
/// <returns></returns>
private IRadiusPacket AuthenticateUser(IRadiusPacket packet)
{
var usernamedomain = packet.GetAttribute <String>("User-Name").ToLowerInvariant();
var packetPassword = packet.GetAttribute <String>("User-Password");
var proxyresponse = _authProxy.ProxyAuthentication(usernamedomain, packetPassword);
if (proxyresponse.HasValue)
{
_log.Info($"Got response from proxy for username {usernamedomain}");
return(packet.CreateResponsePacket(proxyresponse.Value));
}
else
{
using (var db = _contextFactory.GetContext())
{
var username = UsernameDomain.Parse(usernamedomain);
var userid = _userAuthProvider.AuthenticateAsync(username.Username, username.Domain, packetPassword).Result;
if (userid.HasValue)
{
return(packet.CreateResponsePacket(PacketCode.AccessAccept));
}
else
{
var user = db.users.SingleOrDefault(o => o.username == username.Username && o.realm == username.Domain);
if (user == null)
{
_log.Warn($"Username {usernamedomain} not found");
}
else if (user.status != 1)
{
_log.Warn($"Username {usernamedomain} is not active, email: {user.email}");
}
else
{
_log.Warn($"Bad password for user {usernamedomain}, password is {packetPassword.Length} characters, email: {user.email}");
}
var location = packet.GetAttribute <String>("Ipass-Location-Description");
if (!String.IsNullOrEmpty(location))
{
_log.Warn($"iPass location description: {location}");
}
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
}
}
}
public IRadiusPacket HandlePacket(IRadiusPacket packet)
{
if (packet.Code == PacketCode.AccessRequest)
{
if (packet.GetAttribute <String>("User-Password") == "arctangent")
{
var responsepacket = packet.CreateResponsePacket(PacketCode.AccessAccept);
responsepacket.AddAttribute("Service-Type", 1);
responsepacket.AddAttribute("Login-Service", 0);
responsepacket.AddAttribute("Login-IP-Host", IPAddress.Parse("192.168.1.3"));
return(responsepacket);
}
}
var sb = new StringBuilder();
sb.AppendLine($"Packet dump for {packet.Identifier}:");
foreach (var attribute in packet.Attributes)
{
attribute.Value.ForEach(o => sb.AppendLine($"{attribute.Key} : {o} [{o.GetType()}]"));
}
Console.WriteLine(sb.ToString());
//Console.WriteLine(packet.GetAttribute<String>("3GPP-GGSN-MCC-MNC"));
throw new InvalidOperationException("Couldnt handle request?!");
}
/// <summary>
/// Authentication
/// </summary>
/// <param name="packet"></param>
/// <returns></returns>
private IRadiusPacket HandleAuthenticationPacket(IRadiusPacket packet)
{
_log.Info($"Handling {packet.Code} packet for {packet.GetAttribute<String>("User-Name")}");
var usernamedomain = packet.GetAttribute <String>("User-Name").ToLowerInvariant();
var response = AuthenticateUser(packet);
if (response.Code == PacketCode.AccessReject)
{
_failures.Add(usernamedomain);
}
else if (response.Code == PacketCode.AccessAccept)
{
if (_failures.Contains(usernamedomain))
{
_log.Warn($"Username {usernamedomain} authenticated after failures");
_failures.Remove(usernamedomain);
}
}
return(response);
}
public IRadiusPacket HandlePacket(IRadiusPacket packet)
{
if (packet.Code == PacketCode.AccessRequest)
{
return(Authenticate(packet));
}
else if (packet.Code == PacketCode.AccountingRequest && packet.GetAttribute <AcctStatusType>("Acct-Status-Type") == AcctStatusType.Start)
{
return(Start(packet));
}
else if (packet.Code == PacketCode.AccountingRequest && packet.GetAttribute <AcctStatusType>("Acct-Status-Type") == AcctStatusType.Stop)
{
return(Stop(packet));
}
else if (packet.Code == PacketCode.AccountingRequest && packet.GetAttribute <AcctStatusType>("Acct-Status-Type") == AcctStatusType.InterimUpdate)
{
return(Interim(packet));
}
throw new InvalidOperationException($"Nothing configured for {packet.Code}");
}
public IRadiusPacket HandlePacket(IRadiusPacket packet)
{
// Simulate lag
//Thread.Sleep(new Random().Next(100, 3000));
if (packet.Code == PacketCode.AccountingRequest)
{
var acctStatusType = packet.GetAttribute <AcctStatusType>("Acct-Status-Type");
if (acctStatusType == AcctStatusType.Start)
{
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
if (acctStatusType == AcctStatusType.Stop)
{
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
if (acctStatusType == AcctStatusType.InterimUpdate)
{
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}
}
else if (packet.Code == PacketCode.AccessRequest)
{
if (packet.GetAttribute <String>("User-Name") == "*****@*****.**" && packet.GetAttribute <String>("User-Password") == "1234")
{
var response = packet.CreateResponsePacket(PacketCode.AccessAccept);
response.AddAttribute("Acct-Interim-Interval", 60);
return(response);
}
return(packet.CreateResponsePacket(PacketCode.AccessReject));
}
throw new InvalidOperationException("Couldnt handle request?!");
}
/// <summary>
/// Accounting
/// </summary>
/// <param name="packet"></param>
/// <returns></returns>
private IRadiusPacket HandleAccountingPacket(IRadiusPacket packet)
{
var acctStatusType = packet.GetAttribute <AcctStatusType>("Acct-Status-Type");
if (acctStatusType == AcctStatusType.Start || acctStatusType == AcctStatusType.Stop)
{
var usernamedomain = UsernameDomain.Parse(packet.GetAttribute <String>("User-Name"));
var nodeid = GetUserNodeId(usernamedomain.Username, usernamedomain.Domain);
_log.Info($"Handling {acctStatusType} packet for {usernamedomain}");
try
{
using (var db = _contextFactory.GetContext())
{
var entry = new radiatoraccounting
{
username = usernamedomain.Username,
realm = usernamedomain.Domain,
node_id = nodeid,
ACCTSTATUSTYPE = (packet.GetAttribute <AcctStatusType>("Acct-Status-Type")).ToString(),
ACCTINPUTOCTETS = Convert.ToUInt32(packet.GetAttribute <UInt32?>("Acct-Input-Octets")),
ACCTOUTPUTOCTETS = Convert.ToUInt32(packet.GetAttribute <UInt32?>("Acct-Output-Octets")),
ACCTSESSIONID = packet.GetAttribute <String>("Acct-Session-Id"),
ACCTSESSIONTIME = Convert.ToInt32(packet.GetAttribute <UInt32?>("Acct-Session-Time")),
NASIDENTIFIER = packet.GetAttribute <String>("NAS-Identifier"),
NASPORT = packet.GetAttribute <UInt32?>("NAS-Port"),
NASPORTTYPE = packet.GetAttribute <UInt32?>("NAS-Port-Type").ToString(),
WISPrLocationName = packet.GetAttribute <String>("WISPr-Location-Name"),
temp = packet.GetAttribute <String>("Ipass-Location-Description"),
timestamp_datetime = packet.Attributes.ContainsKey("Timestamp") ? (DateTime?)DateTimeOffset.FromUnixTimeSeconds(packet.GetAttribute <Int32>("Timestamp")).UtcDateTime : DateTime.UtcNow
};
db.radiatoraccountings.Add(entry);
db.SaveChanges();
}
}
catch (DbUpdateConcurrencyException)
{
_log.Info($"Duplicate {acctStatusType} request received");
}
catch (Exception ex)
{
_log.Error("Something went wrong", ex);
}
if (acctStatusType == AcctStatusType.Start)
{
try
{
using (var db = _contextFactory.GetContext())
{
db.radiatoronlines.Add(new radiatoronline
{
username = usernamedomain.Username,
realm = usernamedomain.Domain,
node_id = nodeid,
ACCTSESSIONID = packet.GetAttribute <String>("Acct-Session-Id"),
timestamp_datetime = packet.Attributes.ContainsKey("Timestamp") ? (DateTime?)DateTimeOffset.FromUnixTimeSeconds(packet.GetAttribute <Int32>("Timestamp")).UtcDateTime : DateTime.UtcNow,
NASIDENTIFIER = packet.GetAttribute <String>("NAS-Identifier"),
NASPORT = packet.GetAttribute <UInt32?>("NAS-Port"),
NASPORTTYPE = packet.GetAttribute <UInt32?>("NAS-Port-Type").ToString(),
WISPrLocationName = packet.GetAttribute <String>("Ipass-Location-Description")
});
db.SaveChanges();
}
}
catch (DbUpdateConcurrencyException)
{
_log.Info("Cannot insert duplicate in radiatoronline");
}
}
if (acctStatusType == AcctStatusType.Stop)
{
try
{
using (var db = _contextFactory.GetContext())
{
var acctsessionid = packet.GetAttribute <String>("Acct-Session-Id");
var online = db.radiatoronlines.SingleOrDefault(o => o.ACCTSESSIONID == acctsessionid);
if (online != null)
{
db.radiatoronlines.Remove(online);
db.SaveChanges();
}
}
}
catch (DbUpdateConcurrencyException)
{
_log.Info("Nothing to remove from online");
}
}
}
return(packet.CreateResponsePacket(PacketCode.AccountingResponse));
}