radius: Make secret actually configurable

Author: the-maldridge

main.go

@@ -56,7 +56,11 @@ func main() {
 	}
 	nacl.SetServiceName("netradius")
 
-	srvr, err := radius.New(radius.WithLogger(appLogger), radius.WithNetAuth(nacl))
+	srvr, err := radius.New(
+		radius.WithLogger(appLogger),
+		radius.WithNetAuth(nacl),
+		radius.WithSecret(os.Getenv("NETAUTH_RADIUS_SECRET")),
+	)
 	if err != nil {
 		appLogger.Error("Error initializing", "error", err)
 		os.Exit(1)

radius/option.go

@@ -19,3 +19,11 @@ func WithNetAuth(n netauth) Option {
 		return nil
 	}
 }
+
+// WithSecret sets the RADIUS secret for the server.
+func WithSecret(scrt string) Option {
+	return func(s *Server) error {
+		s.secret = scrt
+		return nil
+	}
+}

radius/server.go

@@ -42,7 +42,7 @@ func (s *Server) handler(w radius.ResponseWriter, r *radius.Request) {
 func (s *Server) Serve() error {
 	server := radius.PacketServer{
 		Handler:      radius.HandlerFunc(s.handler),
-		SecretSource: radius.StaticSecretSource([]byte("secret")),
+		SecretSource: radius.StaticSecretSource([]byte(s.secret)),
 	}
 	s.radsrv = server
 

radius/type.go

@@ -13,6 +13,8 @@ type Server struct {
 	n   netauth
 
 	radsrv radius.PacketServer
+
+	secret string
 }
 
 // Option enables passing of various options to the server on startup.