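<?php
// OAuth2 authorization endpoint (OAuth2\Request / OAuth2\Response come from the
// bundled oauth2-server library; $oauth2_server and $lang come from prerequisites).
// Flow: require a logged-in mailcow session, validate the authorize request,
// render the consent form on GET, and on POST pass the decision to the server.
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';

if (!isset($_SESSION['mailcow_cc_role'])) {
  // remember where to come back to after login, then send the user to the login page
  $_SESSION['oauth2_request'] = $_SERVER['REQUEST_URI'];
  header('Location: /?oauth');
  // stop here: without exit() the rest of this script (request validation,
  // the consent form and the POST branch) would still run for an anonymous request
  exit();
}

$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();

// rejects malformed requests (e.g. unknown client_id or unregistered redirect_uri)
if (!$oauth2_server->validateAuthorizeRequest($request, $response)) {
  $response->send();
  exit();
}

// no decision posted yet: render the consent page
if (!isset($_POST['authorized'])):
  require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
?>
<div class="container">
  <div class="panel panel-default">
    <div class="panel-heading"><?=$lang['oauth2']['authorize_app'];?></div>
    <div class="panel-body">
<?php
  // only mailbox users may authorize a client; other roles see a denial instead of the form
  if ($_SESSION['mailcow_cc_role'] !== 'user'):
    $request = ''; // kept from the original; nothing below reads it before exit()
?>
      <p><?=$lang['oauth2']['access_denied'];?></p>
<?php
  else:
?>
      <p><?=$lang['oauth2']['scope_ask_permission'];?>:</p>
      <dl class="dl-horizontal">
        <dt><?=$lang['oauth2']['profile'];?></dt>
        <dd><?=$lang['oauth2']['profile_desc'];?></dd>
      </dl>
      <form class="form-horizontal" autocapitalize="none" autocorrect="off" role="form" method="post">
        <div class="form-group">
          <div class="col-sm-10 text-center">
            <button class="btn btn-success" name="authorized" type="submit" value="1"><?=$lang['oauth2']['permit'];?></button>
            <a href="#" class="btn btn-default" onclick="window.history.back()" role="button"><?=$lang['oauth2']['deny'];?></a>
            <input type="hidden" name="csrf_token" value="<?=$_SESSION['CSRF']['TOKEN'];?>">
          </div>
        </div>
      </form>
<?php
  endif;
?>
    </div>
  </div>
</div> <!-- /container -->
<?php
  require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
  exit();
endif;

// a decision was posted: only the literal '1' from the permit button counts as consent,
// and the role restriction shown on the consent page is enforced here too, so a
// non-user role cannot grant access by posting authorized=1 directly
$is_authorized = ($_SESSION['mailcow_cc_role'] === 'user') && ($_POST['authorized'] === '1');
$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);
if ($is_authorized) {
  unset($_SESSION['oauth2_request']);
  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
    session_unset();
    session_destroy();
  }
  header('Location: ' . $response->getHttpHeader('Location'));
  exit;
}
// consent was refused: hand the library's response (an access_denied redirect to the
// validated redirect_uri) to the client instead of ending with an empty page
$response->send();
exit;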