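<?php
// OAuth2 authorization endpoint. Renders the consent page for a logged-in
// mailbox user and, when the form is submitted, hands the decision to the
// OAuth2 server ($oauth2_server and $lang come from prerequisites.inc.php).
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';

// Not logged in: remember the authorize request, send the user to the login
// page and stop. header() only queues the redirect; without exit() the rest
// of this script would still execute for an unauthenticated request.
if (!isset($_SESSION['mailcow_cc_role'])) {
  $_SESSION['oauth2_request'] = $_SERVER['REQUEST_URI'];
  header('Location: /?oauth');
  exit();
}

$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();

// Let the OAuth2 server reject malformed authorize requests before anything
// is rendered or decided.
if (!$oauth2_server->validateAuthorizeRequest($request, $response)) {
  $response->send();
  exit();
}

// Only mailbox users may grant access to their profile. Evaluated once so the
// same rule applies to the consent page and to the submitted decision.
$is_user = ($_SESSION['mailcow_cc_role'] === 'user');

if (!isset($_POST['authorized'])):
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
?>
<div class="container">
  <div class="panel panel-default">
    <div class="panel-heading"><?=$lang['oauth2']['authorize_app'];?></div>
    <div class="panel-body">
    <?php
    if (!$is_user):
    ?>
      <p><?=$lang['oauth2']['access_denied'];?></p>
    <?php
    else:
    ?>
      <p><?=$lang['oauth2']['scope_ask_permission'];?>:</p>
      <dl class="dl-horizontal">
        <dt><?=$lang['oauth2']['profile'];?></dt>
        <dd><?=$lang['oauth2']['profile_desc'];?></dd>
      </dl>
      <form class="form-horizontal" autocapitalize="none" autocorrect="off" role="form" method="post">
        <div class="form-group">
          <div class="col-sm-10 text-center">
            <button class="btn btn-success" name="authorized" type="submit" value="1"><?=$lang['oauth2']['permit'];?></button>
            <a href="#" class="btn btn-default" onclick="window.history.back()" role="button"><?=$lang['oauth2']['deny'];?></a>
            <input type="hidden" name="csrf_token" value="<?=$_SESSION['CSRF']['TOKEN'];?>">
          </div>
        </div>
      </form>
    <?php
    endif;
    ?>
    </div>
  </div>
</div> <!-- /container -->
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
exit();
endif;

// Submitted decision. Access is granted only when the form said so AND the
// session belongs to a mailbox user; the role rule is enforced here too so it
// cannot be skipped by posting the form without viewing the consent page.
// NOTE(review): the csrf_token emitted above is not checked in this file -
// presumably validated centrally for every POST; confirm in prerequisites.
$is_authorized = ($_POST['authorized'] === '1') && $is_user;
$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);
if ($is_authorized) {
  unset($_SESSION['oauth2_request']);
  // Optional hardening: drop the web session once the client has its code.
  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
    session_unset();
    session_destroy();
  }
  header('Location: ' . $response->getHttpHeader('Location'));
  exit;
}
// Denied: deliver the server's access_denied answer to the client instead of
// ending with an empty page.
$response->send();
exit;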
69}