From 0d78fcf68112fa90c34a4fc0775a8b553a20158d Mon Sep 17 00:00:00 2001 From: Junaid Saeed Uppal Date: Tue, 23 Dec 2025 23:33:21 +0500 Subject: [PATCH] Switch to authorization-only approach (like sample config) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CGRateS PAP has null-padding bug that requires newer version with *strip fix. Using *authorize + *attributes instead of *radauth. This checks if account exists (authorization) but does NOT verify passwords (authentication). Same approach as the working sample. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- cgrates.json | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/cgrates.json b/cgrates.json index ce5d5b1..6858467 100644 --- a/cgrates.json +++ b/cgrates.json @@ -82,23 +82,23 @@ }, "request_processors": [ { - "id": "AuthPAP", + "id": "Authorization", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*radauth", "*pap", "*log"], + "flags": ["*authorize", "*attributes", "*log"], "request_fields": [ - {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*constant", - "value": "test"} + {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "data"}, + {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", "value": "*prepaid", "mandatory": true}, + {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed", "value": "~*req.Acct-Session-Id", "mandatory": true}, + {"tag": "Account", "path": "*cgreq.Account", "type": "*composed", "value": "~*req.User-Name", "mandatory": true}, + {"tag": "Subject", "path": "*cgreq.Subject", "type": "*composed", "value": "~*req.User-Name", "mandatory": true}, + {"tag": "Destination", "path": "*cgreq.Destination", "type": "*constant", "value": "*any", "mandatory": true}, + {"tag": "SetupTime", "path": "*cgreq.SetupTime", "type": "*composed", "value": "~*req.Event-Timestamp;*now", "mandatory": true} ], "reply_fields": [ - {"tag": "RemoveOnError", "filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, - {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "AccessReject"}, {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"], "type": "*variable", "value": "~*cgrep.Error"}, - {"tag": "SessionTimeout", "path": "*rep.Session-Timeout", "filters": ["*empty:~*cgrep.Error:"], - "type": "*constant", "value": "3600"}, - {"tag": "AcctInterimInterval", "path": "*rep.Acct-Interim-Interval", "filters": ["*empty:~*cgrep.Error:"], - "type": "*constant", "value": "30"} + {"tag": "SessionTimeout", "path": "*rep.Session-Timeout", "type": "*constant", "value": "3600"}, + {"tag": "AcctInterimInterval", "path": "*rep.Acct-Interim-Interval", "type": "*constant", "value": "30"} ] } ]