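<?php
/**
 * OAuth2 authorization endpoint: shows the consent page to a logged-in user
 * and, once the form is posted back, lets the OAuth2 server record the
 * decision and redirect to the client.
 *
 * $oauth2_server is not defined in this file; presumably it is set up by
 * prerequisites.inc.php -- confirm.
 */
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';

// Only a session that carries a role may approve a client. Remember the
// original request, redirect to /?oauth and stop here: header() does not end
// the script, so without the exit everything below (including
// handleAuthorizeRequest() with an unset username) would still run for a
// visitor who is not logged in.
if (!isset($_SESSION['mailcow_cc_role'])) {
  $_SESSION['oauth2_request'] = $_SERVER['REQUEST_URI'];
  header('Location: /?oauth');
  exit;
}

$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();

// Reject malformed or unknown authorize requests before any consent UI is
// shown; the server has already written the error into $response.
if (!$oauth2_server->validateAuthorizeRequest($request, $response)) {
  $response->send();
  exit;
}

// No decision posted yet: render the consent page and stop.
if (!isset($_POST['authorized'])) {
  require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';

  $template = 'oauth/authorize.twig';
  $template_data = [];

  require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
  exit;
}

// NOTE(review): this POST grants a client access on the user's behalf. No
// CSRF check is visible in this file -- confirm that the included files or
// the consent template enforce one.

// Strict comparison: only the exact string '1' counts as consent. A loose ==
// would also accept other numeric strings such as '01' or '1.0'.
$is_authorized = ($_POST['authorized'] === '1');
$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);

if ($is_authorized) {
  unset($_SESSION['oauth2_request']);
  // Optionally drop the whole session once the grant has been handled.
  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
    session_unset();
    session_destroy();
  }
  header('Location: ' . $response->getHttpHeader('Location'));
  exit;
}

// Consent was refused: deliver the outcome handleAuthorizeRequest() recorded
// in $response instead of ending the request with an empty page.
$response->send();
exit;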