Adding Cleartext-Password for EAP requests (new module development)
Suneth Kariyawasam
sunethnk at gmail.com
Wed Aug 11 16:12:44 CEST 2021
REST module works based on the HTTP response code and the response body
needs to be in a specific format if I am not mistaken (Please correct me if
I am wrong). This module will use a config similar to below where regex and
json-c pointer support is added to evaluate the response body.
openiam {
connect_uri = "
http://officedepotpoc.openiam.com/idp/rest/api/auth/public/login"
http_method = "POST"
connect_timeout = 5000
http_headers = '{"Host" : "freeradius.local", "Accept":
"application/json", "Content-Type" : "application/json" }'
payload = '{ "login" : "%{User-Name}" , "password" : "%{User-Password}"
}'
verify_status = '{"/status" : 200, "/error" : false, "/errorList" :
"^null$" ,"/tokenInfo/authToken" : ".*", "/passwordExpired" : false,
"/possibleErrors" : "^null$" }'
reply_avp_map = '{ "Cisco-AVPair" : "/tokenInfo/authToken" }'
}
On Wed, Aug 11, 2021 at 7:38 PM Alan DeKok <aland at deployingradius.com>
wrote:
> On Aug 11, 2021, at 10:06 AM, Suneth Kariyawasam <sunethnk at gmail.com>
> wrote:
> >
> > I have gone through the code and the documentation but no luck.
>
> There are literally hundreds of examples of adding attributes to a
> request. Just pick a module and read it.
>
> > The module can be open sourced because it adds the support for
> > authorization from a RESTful API and parses the response based on the
> > JSON/XML fields, finally authorizes the request.
>
> There's already a REST module which does that. Why is there a need for
> a new module?
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/devel.html
More information about the Freeradius-Devel
mailing list