mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2025-01-06 03:54:12 +02:00
9bfb74bb1d
* Auto-generated app passwords for Apple configuration profiles * Change password modal: add warning about app passwords
219 lines
7.6 KiB
PHP
219 lines
7.6 KiB
PHP
<?php
|
|
require_once 'inc/prerequisites.inc.php';
|
|
|
|
if (empty($mailcow_hostname)) {
|
|
exit();
|
|
}
|
|
if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'user') {
|
|
session_destroy();
|
|
// probably better than appending the whole current http query string
|
|
$append_get = (isset($_GET['only_email'])) ? '&only_email' : '';
|
|
$append_get .= (isset($_GET['app_password'])) ? '&app_password' : '';
|
|
header('Location: index.php?mobileconfig' . $append_get);
|
|
die();
|
|
}
|
|
|
|
error_reporting(0);
|
|
|
|
header('Content-Type: application/x-apple-aspen-config');
|
|
header('Content-Disposition: attachment; filename="'.$UI_TEXTS['main_name'].'.mobileconfig"');
|
|
|
|
$email = $_SESSION['mailcow_cc_username'];
|
|
$domain = explode('@', $_SESSION['mailcow_cc_username'])[1];
|
|
$identifier = implode('.', array_reverse(preg_split( '/(@|\.)/', $email))) . '.appleprofile.'.preg_replace('/[^a-zA-Z0-9]+/', '', $UI_TEXTS['main_name']);
|
|
|
|
try {
|
|
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
|
|
$stmt->execute(array(':username' => $email));
|
|
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
$displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name'], ENT_NOQUOTES);
|
|
}
|
|
catch(PDOException $e) {
|
|
$displayname = $email;
|
|
}
|
|
|
|
if (isset($_GET['only_email'])) {
|
|
$onlyEmailAccount = true;
|
|
$description = 'IMAP';
|
|
} else {
|
|
$onlyEmailAccount = false;
|
|
$description = 'IMAP, CalDAV, CardDAV';
|
|
}
|
|
if (isset($_GET['app_password'])) {
|
|
$app_password = true;
|
|
$description .= ' with application password';
|
|
|
|
if (strpos($_SERVER['HTTP_USER_AGENT'], 'iPad') !== FALSE)
|
|
$platform = 'iPad';
|
|
elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'iPhone') !== FALSE)
|
|
$platform = 'iPhone';
|
|
elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Macintosh') !== FALSE)
|
|
$platform = 'Mac';
|
|
else
|
|
$platform = $_SERVER['HTTP_USER_AGENT'];
|
|
|
|
$password = bin2hex(openssl_random_pseudo_bytes(16));
|
|
$attr = array(
|
|
'app_name' => $platform,
|
|
'app_passwd' => $password,
|
|
'app_passwd2' => $password,
|
|
'active' => 1,
|
|
'protocols' => array('imap_access', 'smtp_access'),
|
|
);
|
|
if (!$onlyEmailAccount) {
|
|
$attr['protocols'][] = 'dav_access';
|
|
}
|
|
app_passwd("add", $attr);
|
|
} else {
|
|
$app_password = false;
|
|
}
|
|
|
|
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
|
|
?>
|
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|
<plist version="1.0">
|
|
<dict>
|
|
<key>PayloadContent</key>
|
|
<array>
|
|
<dict>
|
|
<key>EmailAccountDescription</key>
|
|
<string><?=$email?></string>
|
|
<key>EmailAccountType</key>
|
|
<string>EmailTypeIMAP</string>
|
|
<key>EmailAccountName</key>
|
|
<string><?=$displayname?></string>
|
|
<key>EmailAddress</key>
|
|
<string><?=$email?></string>
|
|
<key>IncomingMailServerAuthentication</key>
|
|
<string>EmailAuthPassword</string>
|
|
<key>IncomingMailServerHostName</key>
|
|
<string><?=$autodiscover_config['imap']['server']?></string>
|
|
<key>IncomingMailServerPortNumber</key>
|
|
<integer><?=$autodiscover_config['imap']['port']?></integer>
|
|
<key>IncomingMailServerUseSSL</key>
|
|
<true/>
|
|
<key>IncomingMailServerUsername</key>
|
|
<string><?=$email?></string>
|
|
<?php if($app_password === true): ?>
|
|
<key>IncomingPassword</key>
|
|
<string><?=$password?></string>
|
|
<?php endif; ?>
|
|
<key>OutgoingMailServerAuthentication</key>
|
|
<string>EmailAuthPassword</string>
|
|
<key>OutgoingMailServerHostName</key>
|
|
<string><?=$autodiscover_config['smtp']['server']?></string>
|
|
<key>OutgoingMailServerPortNumber</key>
|
|
<integer><?=$autodiscover_config['smtp']['port']?></integer>
|
|
<key>OutgoingMailServerUseSSL</key>
|
|
<true/>
|
|
<key>OutgoingMailServerUsername</key>
|
|
<string><?=$email?></string>
|
|
<key>OutgoingPasswordSameAsIncomingPassword</key>
|
|
<true/>
|
|
<key>PayloadDescription</key>
|
|
<string>Configures email account.</string>
|
|
<key>PayloadDisplayName</key>
|
|
<string>IMAP Account (<?=$email?>)</string>
|
|
<key>PayloadIdentifier</key>
|
|
<string><?=$identifier?>.email</string>
|
|
<key>PayloadOrganization</key>
|
|
<string></string>
|
|
<key>PayloadType</key>
|
|
<string>com.apple.mail.managed</string>
|
|
<key>PayloadUUID</key>
|
|
<string><?=getGUID()?></string>
|
|
<key>PayloadVersion</key>
|
|
<integer>1</integer>
|
|
<key>PreventAppSheet</key>
|
|
<false/>
|
|
<key>PreventMove</key>
|
|
<false/>
|
|
<key>SMIMESigningUserOverrideable</key>
|
|
<true/>
|
|
<key>SMIMESigningCertificateUUIDUserOverrideable</key>
|
|
<true/>
|
|
<key>SMIMEEncryptByDefaultUserOverrideable</key>
|
|
<true/>
|
|
<key>SMIMEEncryptionCertificateUUIDUserOverrideable</key>
|
|
<true/>
|
|
<key>SMIMEEnableEncryptionPerMessageSwitch</key>
|
|
<true/>
|
|
</dict>
|
|
<?php if($onlyEmailAccount === false): ?>
|
|
<dict>
|
|
<key>CalDAVAccountDescription</key>
|
|
<string><?=$email?></string>
|
|
<key>CalDAVHostName</key>
|
|
<string><?=$autodiscover_config['caldav']['server']?></string>
|
|
<key>CalDAVPort</key>
|
|
<real><?=$autodiscover_config['caldav']['port']?></real>
|
|
<key>CalDAVPrincipalURL</key>
|
|
<string>/SOGo/dav/<?=$email?></string>
|
|
<key>CalDAVUseSSL</key>
|
|
<true/>
|
|
<key>CalDAVUsername</key>
|
|
<string><?=$email?></string>
|
|
<key>PayloadDescription</key>
|
|
<string>Configures CalDAV account.</string>
|
|
<key>PayloadDisplayName</key>
|
|
<string>CalDAV (<?=$email?>)</string>
|
|
<key>PayloadIdentifier</key>
|
|
<string><?=$identifier?>.CalDAV</string>
|
|
<key>PayloadOrganization</key>
|
|
<string></string>
|
|
<key>PayloadType</key>
|
|
<string>com.apple.caldav.account</string>
|
|
<key>PayloadUUID</key>
|
|
<string><?=getGUID()?></string>
|
|
<key>PayloadVersion</key>
|
|
<integer>1</integer>
|
|
</dict>
|
|
<dict>
|
|
<key>CardDAVAccountDescription</key>
|
|
<string><?=$email?></string>
|
|
<key>CardDAVHostName</key>
|
|
<string><?=$autodiscover_config['carddav']['server']?></string>
|
|
<key>CardDAVPort</key>
|
|
<integer><?=$autodiscover_config['carddav']['port']?></integer>
|
|
<key>CardDAVPrincipalURL</key>
|
|
<string>/SOGo/dav/<?=$email?></string>
|
|
<key>CardDAVUseSSL</key>
|
|
<true/>
|
|
<key>CardDAVUsername</key>
|
|
<string><?=$email?></string>
|
|
<key>PayloadDescription</key>
|
|
<string>Configures CardDAV accounts</string>
|
|
<key>PayloadDisplayName</key>
|
|
<string>CardDAV (<?=$email?>)</string>
|
|
<key>PayloadIdentifier</key>
|
|
<string><?=$identifier?>.carddav</string>
|
|
<key>PayloadOrganization</key>
|
|
<string></string>
|
|
<key>PayloadType</key>
|
|
<string>com.apple.carddav.account</string>
|
|
<key>PayloadUUID</key>
|
|
<string><?=getGUID()?></string>
|
|
<key>PayloadVersion</key>
|
|
<integer>1</integer>
|
|
</dict>
|
|
<?php endif; ?>
|
|
</array>
|
|
<key>PayloadDescription</key>
|
|
<string><?=$description?></string>
|
|
<key>PayloadDisplayName</key>
|
|
<string><?=$email?></string>
|
|
<key>PayloadIdentifier</key>
|
|
<string><?=$identifier?></string>
|
|
<key>PayloadOrganization</key>
|
|
<string><?=$UI_TEXTS['main_name']?></string>
|
|
<key>PayloadRemovalDisallowed</key>
|
|
<false/>
|
|
<key>PayloadType</key>
|
|
<string>Configuration</string>
|
|
<key>PayloadUUID</key>
|
|
<string><?=getGUID()?></string>
|
|
<key>PayloadVersion</key>
|
|
<integer>1</integer>
|
|
</dict>
|
|
</plist>
|