git subrepo commit (merge) mailcow/src/mailcow-dockerized

subrepo: subdir:   "mailcow/src/mailcow-dockerized"
  merged:   "32243e56"
upstream: origin:   "https://github.com/mailcow/mailcow-dockerized.git"
  branch:   "master"
  commit:   "e2b4b6f6"
git-subrepo: version:  "0.4.3"
  origin:   "???"
  commit:   "???"
Change-Id: I51e2016ef5ab88a8b0bdc08551b18f48ceef0aa5
diff --git a/mailcow/src/mailcow-dockerized/data/web/oauth/authorize.php b/mailcow/src/mailcow-dockerized/data/web/oauth/authorize.php
index 48e99b0..1fdcd03 100644
--- a/mailcow/src/mailcow-dockerized/data/web/oauth/authorize.php
+++ b/mailcow/src/mailcow-dockerized/data/web/oauth/authorize.php
@@ -1,69 +1,38 @@
-<?php

-require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';

-

-if (!isset($_SESSION['mailcow_cc_role'])) {

-  $_SESSION['oauth2_request'] = $_SERVER['REQUEST_URI'];

-  header('Location: /?oauth');

-}

-

-$request = OAuth2\Request::createFromGlobals();

-$response = new OAuth2\Response();

-

-if (!$oauth2_server->validateAuthorizeRequest($request, $response)) {

-  $response->send();

-  exit();

-}

-

-if (!isset($_POST['authorized'])):

-require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';

-

-?>

-<div class="container">

-  <div class="panel panel-default">

-    <div class="panel-heading"><?=$lang['oauth2']['authorize_app'];?></div>

-    <div class="panel-body">

-      <?php

-      if ($_SESSION['mailcow_cc_role'] != 'user'):

-      $request = '';

-      ?>

-      <p><?=$lang['oauth2']['access_denied'];?></p>

-      <?php

-      else:

-      ?>

-      <p><?=$lang['oauth2']['scope_ask_permission'];?>:</p>

-      <dl class="dl-horizontal">

-        <dt><?=$lang['oauth2']['profile'];?></dt>

-        <dd><?=$lang['oauth2']['profile_desc'];?></dd>

-      </dl>

-      <form class="form-horizontal" autocapitalize="none" autocorrect="off" role="form" method="post">

-        <div class="form-group">

-          <div class="col-sm-10 text-center">

-            <button class="btn btn-success" name="authorized" type="submit" value="1"><?=$lang['oauth2']['permit'];?></button>

-            <a href="#" class="btn btn-default" onclick="window.history.back()" role="button"><?=$lang['oauth2']['deny'];?></a>

-            <input type="hidden" name="csrf_token" value="<?=$_SESSION['CSRF']['TOKEN'];?>">

-          </div>

-        </div>

-      </form>

-      <?php

-      endif;

-      ?>

-    </div>

-  </div>

-</div> <!-- /container -->

-<?php

-require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';

-exit();

-endif;

-

-// print the authorization code if the user has authorized your client

-$is_authorized = ($_POST['authorized'] == '1');

-$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);

-if ($is_authorized) {

-  unset($_SESSION['oauth2_request']);

-  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {

-    session_unset();

-    session_destroy();

-  }

-  header('Location: ' . $response->getHttpHeader('Location'));

-  exit;

-}

+<?php
+require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
+
+if (!isset($_SESSION['mailcow_cc_role'])) {
+  $_SESSION['oauth2_request'] = $_SERVER['REQUEST_URI'];
+  header('Location: /?oauth');
+}
+
+$request = OAuth2\Request::createFromGlobals();
+$response = new OAuth2\Response();
+
+if (!$oauth2_server->validateAuthorizeRequest($request, $response)) {
+  $response->send();
+  exit;
+}
+
+if (!isset($_POST['authorized'])) {
+  require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
+
+  $template = 'oauth/authorize.twig';
+  $template_data = [];
+
+  require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
+  exit;
+}
+
+// print the authorization code if the user has authorized your client
+$is_authorized = ($_POST['authorized'] == '1');
+$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);
+if ($is_authorized) {
+  unset($_SESSION['oauth2_request']);
+  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
+    session_unset();
+    session_destroy();
+  }
+  header('Location: ' . $response->getHttpHeader('Location'));
+  exit;
+}
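Review bot: The unauthenticated branch at the top of the new authorize.php sends `header('Location: /?oauth');` but never stops, so the script continues into `validateAuthorizeRequest()` and, when the request carries `authorized`, into `handleAuthorizeRequest()` with `$_SESSION['mailcow_cc_username']` unset. Adding `exit;` directly after that `header()` call closes the path. The `mailcow_cc_role != 'user'` denial from the removed inline markup is no longer in this file. It presumably moved into `oauth/authorize.twig`, which this hunk does not show, and the POST branch has no role check of its own. A server-side guard before `handleAuthorizeRequest()`, for example `if ($_SESSION['mailcow_cc_role'] !== 'user') { exit; }`, would keep the restriction from depending on which form was rendered; the comparison `$_POST['authorized'] == '1'` could become `===` at the same time.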
diff --git a/mailcow/src/mailcow-dockerized/data/web/oauth/profile.php b/mailcow/src/mailcow-dockerized/data/web/oauth/profile.php
index 4364c19..ff6b583 100644
--- a/mailcow/src/mailcow-dockerized/data/web/oauth/profile.php
+++ b/mailcow/src/mailcow-dockerized/data/web/oauth/profile.php
@@ -15,6 +15,7 @@
     echo json_encode(array(

       'success' => true,

       'username' => $token['user_id'],

+      'id' => $token['user_id'],

       'identifier' => $token['user_id'],

       'email' => (!empty($mailbox['username']) ? $mailbox['username'] : ''),

       'full_name' => (!empty($mailbox['name']) ? $mailbox['name'] : 'mailcow administrative user'),
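Review bot: The added `'id' => $token['user_id']` is the third key carrying the same value as `username` and `identifier`, and nothing in the hunk says which relying party reads it. A one-line comment above it would help, naming the client that expects `id` and stating that the value is the login name rather than an immutable account identifier. That matters if mailbox names can be renamed or recreated (not visible here), because a client that links accounts on `id` would then map a new mailbox onto an old account. The surrounding `json_encode(array(` call and its enclosing block start and end outside the hunk.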