From 16d0bb79ee0bd13c19267f4bcc06cb4129a0f4de Mon Sep 17 00:00:00 2001
From: Thijs Kinkhorst <thijs@kinkhorst.com>
Date: Wed, 24 Feb 2016 14:56:19 +0000
Subject: [PATCH] Add parameter 'realm' that will be suffixed to the username
 entered.

---
 modules/radius/docs/radius.txt            |  9 +++++++++
 modules/radius/lib/Auth/Source/Radius.php | 14 ++++++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/modules/radius/docs/radius.txt b/modules/radius/docs/radius.txt
index b411a9792..ae5e70d3a 100644
--- a/modules/radius/docs/radius.txt
+++ b/modules/radius/docs/radius.txt
@@ -52,6 +52,15 @@ authentication source which uses the `radius:Radius` module to
          */
         'nas_identifier' => 'client.example.org',
 
+        /*
+         * An optional realm that will be suffixed to the username entered
+         * by the user. When set to "example.edu", and the user enters
+         * "bob" as their username, the radius server will be queried for
+         * the username "bob@example.edu".
+         * Optional, defaults to NULL.
+         */
+        'realm' => 'example.edu',
+
         /*
          * The attribute name we should store the username in. Ths username
          * will not be saved in any attribute if this is NULL.
diff --git a/modules/radius/lib/Auth/Source/Radius.php b/modules/radius/lib/Auth/Source/Radius.php
index 93c1b13c3..994780686 100644
--- a/modules/radius/lib/Auth/Source/Radius.php
+++ b/modules/radius/lib/Auth/Source/Radius.php
@@ -39,6 +39,11 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase
      */
     private $retries;
 
+    /**
+     * The realm to be added to the entered username.
+     */
+    private $realm;
+
     /**
      * The attribute name where the username should be stored.
      */
@@ -90,6 +95,7 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase
         }
         $this->timeout = $config->getInteger('timeout', 5);
         $this->retries = $config->getInteger('retries', 3);
+        $this->realm = $config->getString('realm', null);
         $this->usernameAttribute = $config->getString('username_attribute', null);
         $this->nasIdentifier = $config->getString('nas_identifier',
             isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
@@ -139,10 +145,14 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase
                 radius_strerror($radius));
         }
 
-        radius_put_attr($radius, RADIUS_USER_NAME, $username);
+        if ($this->realm === null) {
+            radius_put_attr($radius, RADIUS_USER_NAME, $username);
+        } else {
+            radius_put_attr($radius, RADIUS_USER_NAME, $username . '@' . $this->realm);
+        }
         radius_put_attr($radius, RADIUS_USER_PASSWORD, $password);
 
-        if ($this->nasIdentifier != null) {
+        if ($this->nasIdentifier !== null) {
             radius_put_attr($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier);
         }
 
-- 
GitLab