mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-12-19 21:01:31 +00:00

fix keycloak mailpassword flow

FreddleSpl0it
2023-09-26 16:06:35 +02:00
committed by DerLinkman
parent 73a044ec14
commit 3a4c0c84a3
3 changed files with 7 additions and 9 deletions


@@ -43,6 +43,7 @@ catch (PDOException $e) {
require_once 'functions.inc.php'; require_once 'functions.inc.php';
require_once 'functions.auth.inc.php'; require_once 'functions.auth.inc.php';
require_once 'sessions.inc.php'; require_once 'sessions.inc.php';
require_once 'functions.mailbox.inc.php';
// Init provider // Init provider
$iam_provider = identity_provider('init'); $iam_provider = identity_provider('init');
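Review bot: Only `functions.mailbox.inc.php` is added to the require list here, while the same commit also mounts `functions.ratelimit.inc.php` into `/mailcowauth/`. If the mailbox functions call rate-limit helpers (the mount suggests so, but it is not visible in this hunk), those helpers would be undefined at call time on the authentication path unless that file is required elsewhere. Consider adding `require_once 'functions.ratelimit.inc.php';` next to the new line, or dropping the mount if it is unused. The script continues outside the hunk.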


@@ -178,7 +178,7 @@ function user_login($user, $pass, $extra = null){
// user does not exist, try call keycloak login and create user if possible via rest flow // user does not exist, try call keycloak login and create user if possible via rest flow
if (!$row){ if (!$row){
$iam_settings = identity_provider('get'); $iam_settings = identity_provider('get');
if ($iam_settings['authsource'] == 'keycloak' && intval($iam_settings['mailboxpassword_flow']) == 1){ if ($iam_settings['authsource'] == 'keycloak' && intval($iam_settings['mailpassword_flow']) == 1){
$result = keycloak_mbox_login_rest($user, $pass, $iam_settings, array('is_internal' => $is_internal, 'create' => true)); $result = keycloak_mbox_login_rest($user, $pass, $iam_settings, array('is_internal' => $is_internal, 'create' => true));
if ($result !== false) return $result; if ($result !== false) return $result;
} }
@@ -190,7 +190,7 @@ function user_login($user, $pass, $extra = null){
if ($row['authsource'] == 'keycloak'){ if ($row['authsource'] == 'keycloak'){
// user authsource is keycloak, try using via rest flow // user authsource is keycloak, try using via rest flow
$iam_settings = identity_provider('get'); $iam_settings = identity_provider('get');
if (intval($iam_settings['mailboxpassword_flow']) == 1){ if (intval($iam_settings['mailpassword_flow']) == 1){
$result = keycloak_mbox_login_rest($user, $pass, $iam_settings, array('is_internal' => $is_internal)); $result = keycloak_mbox_login_rest($user, $pass, $iam_settings, array('is_internal' => $is_internal));
return $result; return $result;
} else { } else {
@@ -367,8 +367,8 @@ function keycloak_mbox_login_rest($user, $pass, $iam_settings, $extra = null){
// get mapped template, if not set return false // get mapped template, if not set return false
// also return false if no mappers were defined // also return false if no mappers were defined
$user_template = $user_data['attributes']['mailcow_template'][0]; $user_template = $user_res['attributes']['mailcow_template'][0];
if ($create && (empty($iam_settings['mappers']) || $user_template)){ if ($create && (empty($iam_settings['mappers']) || !$user_template)){
return false; return false;
} else if (!$create) { } else if (!$create) {
// login success - dont create mailbox // login success - dont create mailbox
@@ -393,11 +393,6 @@ function keycloak_mbox_login_rest($user, $pass, $iam_settings, $extra = null){
)); ));
if (!$create_res) return false; if (!$create_res) return false;
// check if created mailbox from template is even active
// maybe dont even create it if active != 1
if ($mailbox_attributes['active'] != 1){
return false;
}
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
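Review bot: With the `active` check dropped in the last hunk, keycloak_mbox_login_rest() now reaches the success path for every mailbox it creates, so a template that maps to an inactive mailbox would still yield a successful first login. Whether the removed test ever worked cannot be told from here (the definition of `$mailbox_attributes` is outside the hunk), but the intent stated in its comment is worth keeping: evaluate the template's `active` value before the create call and return false when it is not 1. Separately, on the new `$user_template` line a Keycloak user without a `mailcow_template` attribute triggers an undefined-index warning before the `!$user_template` test runs; `$user_template = $user_res['attributes']['mailcow_template'][0] ?? null;` avoids that. The function body continues outside these hunks.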


@@ -124,6 +124,8 @@ services:
- ./data/web/inc/functions.inc.php:/mailcowauth/functions.inc.php:z - ./data/web/inc/functions.inc.php:/mailcowauth/functions.inc.php:z
- ./data/web/inc/functions.auth.inc.php:/mailcowauth/functions.auth.inc.php:z - ./data/web/inc/functions.auth.inc.php:/mailcowauth/functions.auth.inc.php:z
- ./data/web/inc/sessions.inc.php:/mailcowauth/sessions.inc.php:z - ./data/web/inc/sessions.inc.php:/mailcowauth/sessions.inc.php:z
- ./data/web/inc/functions.mailbox.inc.php:/mailcowauth/functions.mailbox.inc.php:z
- ./data/web/inc/functions.ratelimit.inc.php:/mailcowauth/functions.ratelimit.inc.php:z
- rspamd-vol-1:/var/lib/rspamd - rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/ - mysql-socket-vol-1:/var/run/mysqld/
- ./data/conf/sogo/:/etc/sogo/:z - ./data/conf/sogo/:/etc/sogo/:z
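Review bot: The two added bind mounts, like the PHP mounts above them, are writable from inside the container, although the container presumably only needs to read these sources. A process compromised there could then rewrite authentication code under `./data/web/inc/` on the host, which the web UI presumably loads as well. Mounting them read-only, e.g. `- ./data/web/inc/functions.mailbox.inc.php:/mailcowauth/functions.mailbox.inc.php:ro,z`, keeps the SELinux relabel and removes that write path. The service these volumes belong to is defined outside the hunk.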