private async static Task Authenticate(string[] args) { RadiusClient rc = new RadiusClient(args[0], args[1]); RadiusPacket authPacket = rc.Authenticate(args[2], args[3]); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); RadiusPacket receivedPacket = await rc.SendAndReceivePacket(authPacket); if (receivedPacket == null) { throw new Exception("Can't contact remote radius server !"); } switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: Console.WriteLine("Accepted"); foreach (var attr in receivedPacket.Attributes) { Console.WriteLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: Console.WriteLine("Challenged"); break; default: Console.WriteLine("Rejected"); break; } }
static int Main() { var username = Environment.GetEnvironmentVariable("username"); var password = Environment.GetEnvironmentVariable("password"); if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(password)) { Console.WriteLine("environment variables username or password undefined"); return(1); } if (Config.Settings == null) { Console.WriteLine("Config is empty/unreadable"); return(1); } if (Config.Settings.Servers == null || Config.Settings.Servers.Count == 0) { Console.WriteLine("No servers found in config"); return(1); } var res = Parallel.ForEach(Config.Settings.Servers.Cast <ServerElement>(), (server, state) => { // Console.WriteLine("server.name = {0}, sharedsecret={1}, retries={2}, wait={3}, authport={4}", server.Name, server.sharedsecret, server.retries, server.wait, server.authport); var rc = new RadiusClient(server.Name, server.sharedsecret, server.wait * 1000, server.authport); try { var authPacket = rc.Authenticate(username, password); if (Config.Settings.NAS_IDENTIFIER != null) { authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_IDENTIFIER, Encoding.ASCII.GetBytes(Config.Settings.NAS_IDENTIFIER))); } authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_PORT_TYPE, BitConverter.GetBytes((int)NasPortType.ASYNC))); var receivedPacket = rc.SendAndReceivePacket(authPacket, server.retries).Result; if (receivedPacket != null && receivedPacket.PacketType == RadiusCode.ACCESS_ACCEPT) { state.Stop(); } }catch (Exception) {} }); if (res.IsCompleted) { Console.WriteLine("Auth failed for: '{0}'", username); return(1); } else { Console.WriteLine("Auth Ok"); return(0); } }
private static void Main(string[] args) { if (args.Length != 4) { ShowUsage(); return; } try { RadiusClient rc = new RadiusClient(args[0], args[1]); RadiusPacket authPacket = rc.Authenticate(args[2], args[3]); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); RadiusPacket receivedPacket = rc.SendAndReceivePacket(authPacket).Result; if (receivedPacket == null) { throw new Exception("Can't contact remote radius server !"); } switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: Console.WriteLine("Accepted"); foreach (var attr in receivedPacket.Attributes) { Console.WriteLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: Console.WriteLine("Challenged"); break; default: Console.WriteLine("Rejected"); break; } } catch (Exception e) { Console.WriteLine("Error : " + e.Message); } Console.ReadLine(); }
/// <summary> /// Called by AD FS to perform the actual authentication. /// </summary> /// <param name="context"></param> /// <param name="proofData"></param> /// <param name="request"></param> /// <param name="claims"></param> /// <returns> If the Authentication Adapter has successfully performed /// the authentication a claim of type /// http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod /// is returned /// </returns> public IAdapterPresentation TryEndAuthentication(IAuthenticationContext context, IProofData proofData, System.Net.HttpListenerRequest request, out System.Security.Claims.Claim[] claims) { claims = null; IAdapterPresentation result = null; // Ensure the submitted form isn't empty. if (proofData == null || proofData.Properties == null || !proofData.Properties.ContainsKey("pin")) { if (this.debugLogging) { Logging.LogMessage("Either proofData is null or does not contain required property"); } throw new ExternalAuthenticationException(resMgr.GetString("Error_InvalidPIN", new System.Globalization.CultureInfo(context.Lcid)), context); } string pin = proofData.Properties["pin"].ToString(); string userName = this.identityClaim.Split('\\')[1]; // Construct RADIUS auth request. var authPacket = radiusClient.Authenticate(userName, pin); byte[] bIP = IPAddress.Parse(appConfig.NasAddress).GetAddressBytes(); authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_IP_ADDRESS, bIP)); var receivedPacket = radiusClient.SendAndReceivePacket(authPacket).Result; // Handle no response from RADIUS server. if (receivedPacket == null) { if (this.debugLogging) { Logging.LogMessage("No response received from RADIUS server."); } throw new ExternalAuthenticationException(resMgr.GetString("Error_RADIUS_NULL", new System.Globalization.CultureInfo(context.Lcid)), context); } // Examine the different RADIUS responses switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: System.Security.Claims.Claim claim = new System.Security.Claims.Claim("http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod", "http://schemas.microsoft.com/ws/2012/12/authmethod/otp"); claims = new System.Security.Claims.Claim[] { claim }; break; case RadiusCode.ACCESS_CHALLENGE: // No way to cater for this. Fail. result = new AdapterPresentation(resMgr.GetString("Error_RADIUS_ACCESS_CHALLENGE", new System.Globalization.CultureInfo(context.Lcid)), false); break; case RadiusCode.ACCESS_REJECT: result = new AdapterPresentation(resMgr.GetString("Error_InvalidPIN", new System.Globalization.CultureInfo(context.Lcid)), false); break; default: result = new AdapterPresentation(resMgr.GetString("Error_RADIUS_OTHER", new System.Globalization.CultureInfo(context.Lcid)), false); break; } if (this.debugLogging) { Logging.LogMessage( "Processed authentication response." + Environment.NewLine + "Packet Type: " + receivedPacket.PacketType.ToString() + Environment.NewLine + "User: " + this.identityClaim); } return(result); }
public static string AuthenticateRadius(string strHostName, uint nPort, string strSharedSecret, string strUserName, string strPassword, string strStateAttribut) { //strStateAttribut = "30-34-30-61-33-66-39-34-2D-65-39-39-36-2D-34-32-38-62-2D-38-32-65-63-2D-30-63-64-32-63-32-64-66-36-35-31-31"; //strStateAttribut = "040a3f94-e996-428b-82ec-0cd2c2df6511"; RadiusClient rc = new RadiusClient(strHostName, strSharedSecret, authPort: nPort); RadiusPacket authPacket = rc.Authenticate(strUserName, strPassword); if (strStateAttribut != "") { //string buffer = String.Join("", strStateAttribut.Split('-')); byte[] data = Encoding.UTF8.GetBytes(strStateAttribut); authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.STATE, data)); } else { authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); } RadiusPacket receivedPacket = rc.SendAndReceivePacket(authPacket); if (receivedPacket == null) { throw new SmartException(9901, "Can't contact remote radius server !"); } StringBuilder sbDebug = new StringBuilder(); StringBuilder sbRetour = new StringBuilder(); switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: sbRetour.Append("2#"); sbDebug.AppendLine("Access-Accept"); foreach (var attr in receivedPacket.Attributes) { sbDebug.AppendLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: sbRetour.Append("11#"); sbDebug.AppendLine("Access-Challenge"); foreach (var attr in receivedPacket.Attributes) { sbDebug.AppendLine(attr.Type.ToString() + " = " + attr.Value); if (attr.Type == RadiusAttributeType.STATE) { sbRetour.Append(attr.Value); } } break; case RadiusCode.ACCESS_REJECT: sbRetour.Append("3#"); sbDebug.AppendLine("Access-Reject"); if (!rc.VerifyAuthenticator(authPacket, receivedPacket)) { sbDebug.AppendLine("Authenticator check failed: Check your secret"); } break; default: sbRetour.Append("0#"); sbDebug.AppendLine("Rejected"); break; } //return sbDebug.ToString(); return(sbRetour.ToString()); }
/// <summary> /// Entry point /// </summary> /// <returns></returns> public static int Main() { _defaultLogFolder = Settings.Default.LogFolder; if (string.IsNullOrEmpty(_defaultLogFolder)) { return(5); } InitLogger(); var username = Environment.GetEnvironmentVariable("username"); var password = Environment.GetEnvironmentVariable("password"); if (string.IsNullOrEmpty(username)) { Log.ErrorLog.WriteLine("environment variable 'username' is undefined undefined"); return(1); } if (string.IsNullOrEmpty(password)) { Log.ErrorLog.WriteLine("environment variable 'password' is undefined undefined"); return(1); } if (Config.Settings == null) { Log.ErrorLog.WriteLine("Config is empty/unreadable"); return(2); } if (Config.Settings.Servers == null || Config.Settings.Servers.Count == 0) { Log.ErrorLog.WriteLine("No servers found in config"); return(3); } var res = Parallel.ForEach(Config.Settings.Servers.Cast <ServerElement>(), (server, state) => { Log.InformationLog.WriteLine(string.Format("server name = {0} , retries = {1}, wait = {2}, autport = {3}", server.Name, server.retries, server.wait, server.authport)); var rc = new RadiusClient(server.Name, server.sharedsecret, server.wait * 1000, server.authport); Log.InformationLog.WriteLine("Radius client initializated"); try { var authPacket = rc.Authenticate(username, password); if (Config.Settings.NAS_IDENTIFIER != null) { authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_IDENTIFIER, Encoding.ASCII.GetBytes(Config.Settings.NAS_IDENTIFIER))); } authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_PORT_TYPE, BitConverter.GetBytes((int)NasPortType.ASYNC))); var receivedPacket = rc.SendAndReceivePacket(authPacket, server.retries).Result; if (receivedPacket != null && receivedPacket.PacketType == RadiusCode.ACCESS_ACCEPT) { state.Stop(); } } catch (Exception ex) { Log.ErrorLog.WriteLine(ex); } }); if (res.IsCompleted) { //On a parcouru tous les srveurs et on n'a rien trouvé Log.ErrorLog.WriteLine(string.Format("Authentication failed for: {0}", username)); return(4); } else { Log.SuccessLog.WriteLine(string.Format("Authentication success for user {0}", username)); return(0); } }