mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-23 02:04:46 +02:00
init identity_provider only after all conditions are met
This commit is contained in:
parent
6928eb632e
commit
d237157c0b
@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
|
||||
$_SESSION['acl']['mailbox_relayhost'] = "1";
|
||||
$_SESSION['acl']['unlimited_quota'] = "1";
|
||||
|
||||
// Init Keycloak Provider
|
||||
$iam_provider = identity_provider('init');
|
||||
$iam_settings = identity_provider('get');
|
||||
if ($iam_settings['authsource'] != "keycloak" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
|
||||
session_destroy();
|
||||
@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
|
||||
fwrite($lock_file_handle, getmypid());
|
||||
fclose($lock_file_handle);
|
||||
|
||||
// Init Keycloak Provider
|
||||
$iam_provider = identity_provider('init');
|
||||
|
||||
// Loop until all users have been retrieved
|
||||
while (true) {
|
||||
// Get admin access token
|
||||
|
@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
|
||||
$_SESSION['acl']['mailbox_relayhost'] = "1";
|
||||
$_SESSION['acl']['unlimited_quota'] = "1";
|
||||
|
||||
// Init Provider
|
||||
$iam_provider = identity_provider('init');
|
||||
$iam_settings = identity_provider('get');
|
||||
if ($iam_settings['authsource'] != "ldap" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
|
||||
session_destroy();
|
||||
@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
|
||||
fwrite($lock_file_handle, getmypid());
|
||||
fclose($lock_file_handle);
|
||||
|
||||
// Init Provider
|
||||
$iam_provider = identity_provider('init');
|
||||
|
||||
// Get ldap users
|
||||
$ldap_query = $iam_provider->query();
|
||||
if (!empty($iam_settings['filter'])) {
|
||||
|
@ -476,8 +476,8 @@ function keycloak_mbox_login_rest($user, $pass, $iam_settings, $extra = null){
|
||||
}
|
||||
function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
|
||||
global $pdo;
|
||||
global $iam_provider;
|
||||
|
||||
|
||||
$iam_provider = identity_provider();
|
||||
$is_internal = $extra['is_internal'];
|
||||
$create = $extra['create'];
|
||||
|
||||
|
@ -2099,12 +2099,20 @@ function uuid4() {
|
||||
}
|
||||
function identity_provider($_action, $_data = null, $_extra = null) {
|
||||
global $pdo;
|
||||
global $iam_provider;
|
||||
|
||||
$data_log = $_data;
|
||||
if (isset($data_log['client_secret'])) $data_log['client_secret'] = '*';
|
||||
if (isset($data_log['access_token'])) $data_log['access_token'] = '*';
|
||||
|
||||
switch ($_action) {
|
||||
case NULL:
|
||||
if ($iam_provider) {
|
||||
return $iam_provider;
|
||||
} else {
|
||||
$iam_provider = identity_provider("init");
|
||||
}
|
||||
break;
|
||||
case 'get':
|
||||
$settings = array();
|
||||
$stmt = $pdo->prepare("SELECT * FROM `identity_provider`;");
|
||||
|
Loading…
Reference in New Issue
Block a user