1
0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2024-12-23 02:04:46 +02:00

init identity_provider only after all conditions are met

This commit is contained in:
FreddleSpl0it 2024-02-26 13:12:44 +01:00
parent 6928eb632e
commit d237157c0b
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
4 changed files with 16 additions and 6 deletions

View File

@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
$_SESSION['acl']['mailbox_relayhost'] = "1";
$_SESSION['acl']['unlimited_quota'] = "1";
// Init Keycloak Provider
$iam_provider = identity_provider('init');
$iam_settings = identity_provider('get');
if ($iam_settings['authsource'] != "keycloak" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
session_destroy();
@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
fwrite($lock_file_handle, getmypid());
fclose($lock_file_handle);
// Init Keycloak Provider
$iam_provider = identity_provider('init');
// Loop until all users have been retrieved
while (true) {
// Get admin access token

View File

@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
$_SESSION['acl']['mailbox_relayhost'] = "1";
$_SESSION['acl']['unlimited_quota'] = "1";
// Init Provider
$iam_provider = identity_provider('init');
$iam_settings = identity_provider('get');
if ($iam_settings['authsource'] != "ldap" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
session_destroy();
@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
fwrite($lock_file_handle, getmypid());
fclose($lock_file_handle);
// Init Provider
$iam_provider = identity_provider('init');
// Get ldap users
$ldap_query = $iam_provider->query();
if (!empty($iam_settings['filter'])) {

View File

@ -476,8 +476,8 @@ function keycloak_mbox_login_rest($user, $pass, $iam_settings, $extra = null){
}
function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
global $pdo;
global $iam_provider;
$iam_provider = identity_provider();
$is_internal = $extra['is_internal'];
$create = $extra['create'];

View File

@ -2099,12 +2099,20 @@ function uuid4() {
}
function identity_provider($_action, $_data = null, $_extra = null) {
global $pdo;
global $iam_provider;
$data_log = $_data;
if (isset($data_log['client_secret'])) $data_log['client_secret'] = '*';
if (isset($data_log['access_token'])) $data_log['access_token'] = '*';
switch ($_action) {
case NULL:
if ($iam_provider) {
return $iam_provider;
} else {
$iam_provider = identity_provider("init");
}
break;
case 'get':
$settings = array();
$stmt = $pdo->prepare("SELECT * FROM `identity_provider`;");