Пример #1
use SURFnet\VPN\Common\Logger;
use SURFnet\VPN\Server\OtpLog;
use SURFnet\VPN\Server\Exception\TwoFactorException;
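// Two-factor (OTP) verification script: reads the connection details from the
// environment, asks TwoFactor to verify them and logs the outcome as JSON.
// The result is reported through the exit status: the success path falls off
// the end of the script (status 0), every failure path calls exit(1).
// NOTE(review): presumably invoked by the VPN daemon as a credential
// verification hook; confirm that the caller treats any non-zero status as deny.
$logger = new Logger(basename($argv[0]));
$envData = [];
try {
    $envKeys = ['INSTANCE_ID', 'POOL_ID', 'common_name', 'username', 'password'];
    // read environment variables; all of them are mandatory
    foreach ($envKeys as $envKey) {
        $envValue = getenv($envKey);
        // getenv() returns false for an unset variable. Compare explicitly
        // instead of using empty(): empty() also treats the string "0" as
        // missing, which would reject a legitimate value such as an ID of "0".
        if (false === $envValue || '' === $envValue) {
            throw new RuntimeException(sprintf('environment variable "%s" is not set', $envKey));
        }
        $envData[$envKey] = $envValue;
    }
    // NOTE(review): INSTANCE_ID is placed into the database path without any
    // validation. That is only safe when the variable comes from server-side
    // configuration and never from the connecting client; confirm, or restrict
    // it to the instance naming scheme before building the path.
    $otpLog = new OtpLog(new PDO(sprintf('sqlite://%s/openvpn-data/%s/otp.sqlite', dirname(__DIR__), $envData['INSTANCE_ID'])));
    $connection = new TwoFactor(dirname(__DIR__), $otpLog);
    // throws TwoFactorException when verification fails (handled below)
    $connection->twoFactor($envData);
    $envData['ok'] = true;
    // mask the submitted secret so it never reaches the log
    $envData['password'] = '******';
    // NOTE(review): json_encode() returns false when a value is not valid
    // UTF-8; 'username' is supplied by the client, so such input would turn
    // this record into an empty log line. Consider a fallback message so every
    // attempt stays visible in the log.
    $logger->info(json_encode($envData));
} catch (TwoFactorException $e) {
    // verification was attempted and rejected: log the full (masked) context
    $envData['ok'] = false;
    $envData['password'] = '******';
    $envData['error_msg'] = $e->getMessage();
    $logger->error(json_encode($envData));
    exit(1);
} catch (Exception $e) {
    // any other failure (missing variable, database error, ...) also denies;
    // only the message is logged here, $envData is deliberately not dumped
    // because the password may not have been masked yet
    $logger->error($e->getMessage());
    exit(1);
}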
Пример #2
    // Excerpt: wires authentication, two-factor enforcement and the portal
    // modules into $service, then handles the request. The try block closed
    // by the catch at the end is opened above this excerpt.
    // Registers NoCacheHook to run after the request is handled
    // (presumably adds no-cache response headers; confirm in NoCacheHook).
    $service->addAfterHook('no_cache', new NoCacheHook());
    // Authentication: the mechanism is chosen by the 'authMethod' config value
    $authMethod = $config->v('authMethod');
    $tpl->addDefault(['authMethod' => $authMethod]);
    // NOTE(review): the third argument is the 'secureCookie' config value,
    // presumably the cookie's Secure flag; verify it is enabled on every
    // deployment served over HTTPS.
    $session = new Session($request->getServerName(), $request->getRoot(), $config->v('secureCookie'));
    switch ($authMethod) {
        case 'MellonAuthentication':
            // identity is taken from the attribute named in the config
            // NOTE(review): presumably set by the web server's Mellon module;
            // confirm the attribute cannot be supplied by the client.
            $service->addBeforeHook('auth', new MellonAuthenticationHook($config->v('MellonAuthentication', 'attribute')));
            break;
        case 'FormAuthentication':
            $tpl->addDefault(['_show_logout' => true]);
            // the hook guards requests, the module provides the form handling
            $service->addBeforeHook('auth', new FormAuthenticationHook($session, $tpl));
            $service->addModule(new FormAuthenticationModule($config->v('FormAuthentication'), $session, $tpl));
            break;
        default:
            // fail closed: an unknown or misspelled authMethod must never
            // result in a service without an 'auth' hook
            throw new RuntimeException('unsupported authentication mechanism');
    }
    // vpn-server-api client; 'apiUser'/'apiPass' are passed as the HTTP
    // client's default 'auth' option, so they accompany every API request.
    // NOTE(review): confirm 'apiUri' is HTTPS or loopback-only, otherwise the
    // credentials travel in clear text.
    $serverClient = new ServerClient(new GuzzleHttpClient(['defaults' => ['auth' => [$config->v('apiUser'), $config->v('apiPass')]]]), $config->v('apiUri'));
    // Registered after the 'auth' hook; presumably hooks run in registration
    // order so the two-factor check sees an authenticated user. Confirm.
    // (PHP method names are case-insensitive, so addBeforehook resolves to
    // addBeforeHook.)
    $service->addBeforehook('two_factor', new TwoFactorHook($session, $tpl, $serverClient));
    // two factor module
    $twoFactorModule = new TwoFactorModule($serverClient, $session, $tpl);
    $service->addModule($twoFactorModule);
    $adminPortalModule = new AdminPortalModule($tpl, $serverClient);
    $service->addModule($adminPortalModule);
    // dispatch the request through the hooks/modules and emit the response
    $service->run($request)->send();
} catch (Exception $e) {
    $logger->error($e->getMessage());
    // NOTE(review): the raw exception message is returned to the client in the
    // 500 body. It can reveal internal details (config keys, API errors), and
    // if HtmlResponse does not escape its body any request-derived text in the
    // message is reflected as HTML. Prefer a generic message here and keep the
    // detail in the log only.
    $response = new HtmlResponse($e->getMessage(), 500);
    $response->send();
}