mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2025-01-24 05:16:55 +02:00
[Web] IAM - add delete option & fix test connection
parent
61ab17d8a1
commit
3c62a7fd9f
@ -2167,14 +2167,20 @@ function identity_provider($_action, $_data = null, $hide_secret = false) {
|
||||
return true;
|
||||
break;
|
||||
case 'test':
|
||||
$identity_provider_settings = identity_provider('get');
|
||||
$url = "{$identity_provider_settings['server_url']}/realms/{$identity_provider_settings['realm']}/protocol/openid-connect/token";
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_data),
|
||||
'msg' => 'access_denied'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
|
||||
$url = "{$_data['server_url']}/realms/{$_data['realm']}/protocol/openid-connect/token";
|
||||
$req = http_build_query(array(
|
||||
'grant_type' => 'password',
|
||||
'client_id' => $identity_provider_settings['client_id'],
|
||||
'client_secret' => $identity_provider_settings['client_secret'],
|
||||
'username' => "test",
|
||||
'password' => "test",
|
||||
'grant_type' => 'client_credentials',
|
||||
'client_id' => $_data['client_id'],
|
||||
'client_secret' => $_data['client_secret']
|
||||
));
|
||||
$curl = curl_init();
|
||||
curl_setopt($curl, CURLOPT_URL, $url);
|
||||
@ -2182,13 +2188,29 @@ function identity_provider($_action, $_data = null, $hide_secret = false) {
|
||||
curl_setopt($curl, CURLOPT_POSTFIELDS, $req);
|
||||
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
|
||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
|
||||
$res = json_decode(curl_exec($curl), true);
|
||||
$res = curl_exec($curl);
|
||||
$code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
|
||||
curl_close ($curl);
|
||||
|
||||
if ($res["error"] && $res["error"] === 'invalid_grant'){
|
||||
return true;
|
||||
}
|
||||
if ($code != 200) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
break;
|
||||
case "delete":
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_data),
|
||||
'msg' => 'access_denied'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
|
||||
$stmt = $pdo->prepare("DELETE FROM identity_provider;");
|
||||
$stmt->execute();
|
||||
|
||||
return true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
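Review bot: In the new `test` branch the token URL is built from the request-supplied `$_data['server_url']` and `$_data['realm']` with no validation, so the backend will POST to whatever address the caller submits; the admin check limits who can trigger it, but the request still originates from inside the deployment. I would reject bad input before `curl_init()`, e.g. `if (!is_array($_data) || !filter_var($_data['server_url'] ?? '', FILTER_VALIDATE_URL)) return false;`, encode the path segment with `rawurlencode($_data['realm'])`, and, because `FILTER_VALIDATE_URL` also accepts non-HTTP schemes, add `curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);`. Separately, the `delete` branch returns `true` without appending a success entry to `$_SESSION['return']`, so unlike the denied path it leaves no `log` record of who removed the provider configuration, assuming that array is what feeds the audit log. `identity_provider()` starts outside this hunk and the curl options between the two hunks are not visible, so a timeout may already be set there; if not, `CURLOPT_CONNECTTIMEOUT` and `CURLOPT_TIMEOUT` belong here too.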
@ -752,14 +752,22 @@ jQuery(function($){
|
||||
// IAM test connection
|
||||
$('#iam_test_connection').click(async function(e){
|
||||
e.preventDefault();
|
||||
var res = await fetch("/api/v1/get/status/identity-provider", { method:'GET', cache:'no-cache' });
|
||||
var data = { attr: $('form[data-id="iam_sso"]').serializeObject() };
|
||||
var res = await fetch("/api/v1/edit/identity-provider-test", {
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
method:'POST',
|
||||
cache:'no-cache',
|
||||
body: JSON.stringify(data)
|
||||
});
|
||||
res = await res.json();
|
||||
console.log(res);
|
||||
if (res.type === 'success'){
|
||||
return mailcow_alert_box(lang_success.iam_test_connection, 'success');
|
||||
}
|
||||
return mailcow_alert_box(lang_danger.iam_test_connection, 'danger');
|
||||
});
|
||||
|
||||
$('#iam_rolemap_add').click(async function(e){
|
||||
e.preventDefault();
|
||||
|
||||
|
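Review bot: `console.log(res);` looks like a debugging leftover and should be dropped, and the click handler has no failure path: if `fetch()` rejects or the endpoint answers with a non-JSON body (for example a login page after the session expired), `res.json()` throws and the admin sees no alert at all. Wrapping the two awaits in `try { … } catch (err) { return mailcow_alert_box(lang_danger.iam_test_connection, 'danger'); }` keeps the outcome visible. The whole `iam_sso` form, including the client secret field, is now serialized into the request body, so the test only reflects a working configuration if the form holds the real secret rather than a masked placeholder; that is worth confirming against how the `hide_secret` option renders the field. The enclosing `jQuery(function($){` block starts and ends outside this hunk.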
@ -1702,19 +1702,6 @@ if (isset($_GET['query'])) {
|
||||
'version' => $GLOBALS['MAILCOW_GIT_VERSION']
|
||||
));
|
||||
break;
|
||||
case "identity-provider":
|
||||
if (identity_provider('test')){
|
||||
echo json_encode(array(
|
||||
'type' => 'success',
|
||||
'msg' => 'connection successfull'
|
||||
));
|
||||
} else {
|
||||
echo json_encode(array(
|
||||
'type' => 'error',
|
||||
'msg' => 'connection failed'
|
||||
));
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
break;
|
||||
@ -1879,6 +1866,9 @@ if (isset($_GET['query'])) {
|
||||
case "rlhash":
|
||||
echo ratelimit('delete', null, implode($items));
|
||||
break;
|
||||
case "identity-provider":
|
||||
process_delete_return(identity_provider('delete'));
|
||||
break;
|
||||
// return no route found if no case is matched
|
||||
default:
|
||||
http_response_code(404);
|
||||
@ -2098,8 +2088,12 @@ if (isset($_GET['query'])) {
|
||||
case "cors":
|
||||
process_edit_return(cors('edit', $attr));
|
||||
case "identity_provider":
|
||||
case "identity-provider":
|
||||
process_edit_return(identity_provider('edit', $attr));
|
||||
break;
|
||||
case "identity-provider-test":
|
||||
process_edit_return(identity_provider('test', $attr));
|
||||
break;
|
||||
// return no route found if no case is matched
|
||||
default:
|
||||
http_response_code(404);
|
||||
|
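Review bot: The context lines above the renamed route show `case "cors":` calling `process_edit_return(cors('edit', $attr));` with no `break;` before `case "identity-provider":`, so as rendered here a CORS edit falls through and also runs `identity_provider('edit', $attr)` with the CORS attributes. Since this commit edits the very next line, adding `break;` directly after the cors call would close that. The rename from `identity_provider` to `identity-provider` also drops the old route name; keeping both labels (`case "identity_provider":` stacked above the new one) would avoid silently returning 404 to existing API clients. The enclosing switch starts and ends outside these hunks, so the fall-through should be confirmed against the full file.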