[Web] update mailbox on idp login

FreddleSpl0it 2024-12-02 10:35:45 +01:00
parent 6fa1c9f63d
commit f36184df64
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
2 changed files with 63 additions and 46 deletions


@ -449,18 +449,26 @@ function keycloak_mbox_login_rest($user, $pass, $extra = null){
return false; return false;
} }
// get mapped template, if not set return false // get mapped template
// also return false if no mappers were defined
$user_template = $user_res['attributes']['mailcow_template'][0]; $user_template = $user_res['attributes']['mailcow_template'][0];
if ($create && (empty($iam_settings['mappers']) || !$user_template)){ $mapper_key = array_search($user_template, $iam_settings['mappers']);
return false;
} else if (!$create) { if (!$create) {
// login success - dont create mailbox // login success
if ($mapper_key !== false) {
// update user
mailbox('edit', 'mailbox_from_template', array(
'username' => $user,
'name' => $user_res['name'],
'template' => $iam_settings['templates'][$mapper_key],
'hasAccess' => true
));
}
return 'user'; return 'user';
} }
// check if matching attribute exist // check if matching attribute exist
$mapper_key = array_search($user_template, $iam_settings['mappers']); if (empty($iam_settings['mappers']) || !$user_template) return false;
if ($mapper_key === false) return false; if ($mapper_key === false) return false;
// create mailbox // create mailbox
@ -469,7 +477,8 @@ function keycloak_mbox_login_rest($user, $pass, $extra = null){
'local_part' => explode('@', $user)[0], 'local_part' => explode('@', $user)[0],
'name' => $user_res['name'], 'name' => $user_res['name'],
'authsource' => 'keycloak', 'authsource' => 'keycloak',
'template' => $iam_settings['templates'][$mapper_key] 'template' => $iam_settings['templates'][$mapper_key],
'hasAccess' => true
)); ));
if (!$create_res) return false; if (!$create_res) return false;
@ -536,18 +545,26 @@ function ldap_mbox_login($user, $pass, $extra = null){
return false; return false;
} }
// get mapped template, if not set return false // get mapped template
// also return false if no mappers were defined
$user_template = $user_res[$iam_settings['attribute_field']][0]; $user_template = $user_res[$iam_settings['attribute_field']][0];
if ($create && (empty($iam_settings['mappers']) || !$user_template)){ $mapper_key = array_search($user_template, $iam_settings['mappers']);
return false;
} else if (!$create) { if (!$create) {
// login success - dont create mailbox // login success
if ($mapper_key !== false) {
// update user
mailbox('edit', 'mailbox_from_template', array(
'username' => $user,
'name' => $user_res['displayname'][0],
'template' => $iam_settings['templates'][$mapper_key],
'hasAccess' => true
));
}
return 'user'; return 'user';
} }
// check if matching attribute exist // check if matching attribute exist
$mapper_key = array_search($user_template, $iam_settings['mappers']); if (empty($iam_settings['mappers']) || !$user_template) return false;
if ($mapper_key === false) return false; if ($mapper_key === false) return false;
// create mailbox // create mailbox
@ -556,7 +573,8 @@ function ldap_mbox_login($user, $pass, $extra = null){
'local_part' => explode('@', $user)[0], 'local_part' => explode('@', $user)[0],
'name' => $user_res['displayname'][0], 'name' => $user_res['displayname'][0],
'authsource' => 'ldap', 'authsource' => 'ldap',
'template' => $iam_settings['templates'][$mapper_key] 'template' => $iam_settings['templates'][$mapper_key],
'hasAccess' => true
)); ));
if (!$create_res) return false; if (!$create_res) return false;
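Review bot: In both keycloak_mbox_login_rest and ldap_mbox_login, the new `array_search($user_template, $iam_settings['mappers'])` runs before the `empty($iam_settings['mappers']) || !$user_template` guard, and on the `!$create` path its result picks the template passed to `mailbox('edit', ...)` with no guard at all. array_search compares loosely by default, so a missing IdP attribute (null) can match an empty mapper entry, and on PHP 8 a non-array `mappers` raises a TypeError during login; whether `mappers` can be unset at this point is not visible in the hunks. Assuming both sides are strings, I would compute the key as `$mapper_key = (!empty($iam_settings['mappers']) && !empty($user_template)) ? array_search($user_template, $iam_settings['mappers'], true) : false;`. The same unguarded lookup is left in identity_provider in the second file, and both function bodies here start and end outside the hunks.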


@ -2512,31 +2512,9 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
// check if email address is given // check if email address is given
if (empty($info['email'])) return false; if (empty($info['email'])) return false;
// get mapped template, if not set return false // get mapped template
// also return false if no mappers were defined
$user_template = $info['mailcow_template']; $user_template = $info['mailcow_template'];
if (empty($iam_settings['mappers']) || empty($user_template)){
clear_session();
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $info['email']),
'msg' => array('login_failed', 'empty attribute mapping or missing template attribute')
);
return false;
}
// check if matching attribute exist
$mapper_key = array_search($user_template, $iam_settings['mappers']); $mapper_key = array_search($user_template, $iam_settings['mappers']);
if ($mapper_key === false) {
clear_session();
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $info['email']),
'msg' => array('login_failed', 'specified template not found')
);
return false;
}
// token valid, get mailbox // token valid, get mailbox
$stmt = $pdo->prepare("SELECT * FROM `mailbox` $stmt = $pdo->prepare("SELECT * FROM `mailbox`
@ -2550,13 +2528,15 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
$row = $stmt->fetch(PDO::FETCH_ASSOC); $row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row){ if ($row){
// success // success
// update user if ($mapper_key !== false) {
mailbox('edit', 'mailbox_from_template', array( // update user
'username' => $info['email'], mailbox('edit', 'mailbox_from_template', array(
'name' => $info['name'], 'username' => $info['email'],
'template' => $iam_settings['templates'][$mapper_key], 'name' => $info['name'],
'hasAccess' => true 'template' => $iam_settings['templates'][$mapper_key],
)); 'hasAccess' => true
));
}
set_user_loggedin_session($info['email']); set_user_loggedin_session($info['email']);
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
@ -2566,6 +2546,25 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
return true; return true;
} }
if (empty($iam_settings['mappers']) || empty($user_template)){
clear_session();
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $info['email']),
'msg' => array('login_failed', 'empty attribute mapping or missing template attribute')
);
return false;
}
if ($mapper_key === false) {
clear_session();
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $info['email']),
'msg' => array('login_failed', 'specified template not found')
);
return false;
}
// create mailbox // create mailbox
$create_res = mailbox('add', 'mailbox_from_template', array( $create_res = mailbox('add', 'mailbox_from_template', array(
'domain' => explode('@', $info['email'])[1], 'domain' => explode('@', $info['email'])[1],
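Review bot: Moving the two mapping checks below the `if ($row)` branch means an existing mailbox now logs in when the template attribute is missing or no mapper matches, and it does so silently with whatever settings were applied last. If the mapping is only meant to gate mailbox creation, say so above the branch, e.g. `// mapping only gates creation; an existing mailbox keeps its last applied template when no mapper matches`, since an operator who removes a mapper or attribute in the IdP may expect that to affect access. The result of `mailbox('edit', ...)` is also discarded, so a failed update leaves no trace in the session log; whether that is deliberate best-effort is not clear from this section. identity_provider starts and ends outside these hunks.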