self-hosted/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-01-10 04:18:10 +02:00
Code Issues Releases Activity

init identity_provider only after all conditions are met

Browse Source
This commit is contained in:
FreddleSpl0it 2024-02-26 13:12:44 +01:00
parent 6928eb632e
commit d237157c0b
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
4 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
data/conf/phpfpm/crons/keycloak-sync.php
View File

@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
$_SESSION['acl']['mailbox_relayhost'] = "1"; $_SESSION['acl']['mailbox_relayhost'] = "1";
$_SESSION['acl']['unlimited_quota'] = "1"; $_SESSION['acl']['unlimited_quota'] = "1";
// Init Keycloak Provider
$iam_provider = identity_provider('init');
$iam_settings = identity_provider('get'); $iam_settings = identity_provider('get');
if ($iam_settings['authsource'] != "keycloak" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) { if ($iam_settings['authsource'] != "keycloak" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
session_destroy(); session_destroy();
@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
fwrite($lock_file_handle, getmypid()); fwrite($lock_file_handle, getmypid());
fclose($lock_file_handle); fclose($lock_file_handle);
// Init Keycloak Provider
$iam_provider = identity_provider('init');
// Loop until all users have been retrieved // Loop until all users have been retrieved
while (true) { while (true) {
// Get admin access token // Get admin access token

5
data/conf/phpfpm/crons/ldap-sync.php
View File

@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
$_SESSION['acl']['mailbox_relayhost'] = "1"; $_SESSION['acl']['mailbox_relayhost'] = "1";
$_SESSION['acl']['unlimited_quota'] = "1"; $_SESSION['acl']['unlimited_quota'] = "1";
// Init Provider
$iam_provider = identity_provider('init');
$iam_settings = identity_provider('get'); $iam_settings = identity_provider('get');
if ($iam_settings['authsource'] != "ldap" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) { if ($iam_settings['authsource'] != "ldap" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
session_destroy(); session_destroy();
@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
fwrite($lock_file_handle, getmypid()); fwrite($lock_file_handle, getmypid());
fclose($lock_file_handle); fclose($lock_file_handle);
// Init Provider
$iam_provider = identity_provider('init');
// Get ldap users // Get ldap users
$ldap_query = $iam_provider->query(); $ldap_query = $iam_provider->query();
if (!empty($iam_settings['filter'])) { if (!empty($iam_settings['filter'])) {

2
data/web/inc/functions.auth.inc.php
View File

@ -476,8 +476,8 @@ function keycloak_mbox_login_rest($user, $pass, $iam_settings, $extra = null){
} }
function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
global $pdo; global $pdo;
global $iam_provider;
$iam_provider = identity_provider();
$is_internal = $extra['is_internal']; $is_internal = $extra['is_internal'];
$create = $extra['create']; $create = $extra['create'];

8
data/web/inc/functions.inc.php
View File

@ -2099,12 +2099,20 @@ function uuid4() {
} }
function identity_provider($_action, $_data = null, $_extra = null) { function identity_provider($_action, $_data = null, $_extra = null) {
global $pdo; global $pdo;
global $iam_provider;
$data_log = $_data; $data_log = $_data;
if (isset($data_log['client_secret'])) $data_log['client_secret'] = '*'; if (isset($data_log['client_secret'])) $data_log['client_secret'] = '*';
if (isset($data_log['access_token'])) $data_log['access_token'] = '*'; if (isset($data_log['access_token'])) $data_log['access_token'] = '*';
switch ($_action) { switch ($_action) {
case NULL:
if ($iam_provider) {
return $iam_provider;
} else {
$iam_provider = identity_provider("init");
}
break;
case 'get': case 'get':
$settings = array(); $settings = array();
$stmt = $pdo->prepare("SELECT * FROM `identity_provider`;"); $stmt = $pdo->prepare("SELECT * FROM `identity_provider`;");