Lists other than request in rlm_rest

Jorge Pereira jpereira at freeradius.org
Tue Jan 12 03:53:13 CET 2021


Assuming that you want to “reply” jSON packet. You could do something like:

1. Set the mods-enable/rest with something like:

>> post-auth {
>>  uri = “/path?foo=postauth-whatever”
>>  method = “post”
>>  data = "%{control:Tmp-String-0}"
>>  body = 'json'
>>  force_to = 'plain'
>> }

2. Just do your logic like:

If ("%{User-Name}" == “ tapioca”) {
   update control {
       &Tmp-String-0 := “{ \”myfield\”: \”hello tapioca\” }”
   }
} else {
   update control {
       &Tmp-String-0 := “{ \”error\”: \”bad things here\” }”
   }
}

--
Jorge Pereira
jpereira at freeradius.org




> Em 11 de jan de 2021, à(s) 20:57, Nathan Ward <lists+freeradius at daork.net> escreveu:
> 
> Hi Jorge,
> 
>> On 12/01/2021, at 11:43 AM, Jorge Pereira <jpereira at freeradius.org> wrote:
>> 
>> Hi Nathan,
>> 
>> Take a look at the option “data” as described in https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/mods-available/rest#L78 <https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/mods-available/rest#L78>
>> 
>> e.g:
>> 
>> post-auth {
>>  uri = “/path?foo=postauth-whatever”
>>  method = “post”
>>  data = “{ control_tmp_string_0 = \”%{control:Tmp-String-0}\” }”
>>  body = 'json'
>>  force_to = 'plain'
>> }
>> 
>> You mean something like that?
> 
> That sort of thing - though this requires that I know what all the attributes are.
> Of course it’s my config, so I do, but I’d like to be able to just say “stick all the reply attributes in here” or something. Otherwise I have to have some logic to test for existence of each one, then include each instance of it, etc. etc.
> If I was proxying I would not know what all the attributes are - in my use case I’m not proxying, but I could imagine it would be useful for others.
> 
> I’m not above doing a patch to rlm_rest to be able to include the request/reply/control attribute lists rather than packet->vps - assuming that that’s not a crazy bad idea for internal reasons I don’t understand.. Thoughts?
> 
> --
> Nathan Ward
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list