init identity_provider only after all conditions are met

2025-12-25 07:41:30 +00:00 · 2024-02-26 13:12:44 +01:00
parent 6928eb632e
commit d237157c0b
4 changed files with 16 additions and 6 deletions
--- a/data/conf/phpfpm/crons/keycloak-sync.php
+++ b/data/conf/phpfpm/crons/keycloak-sync.php
@@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
 $_SESSION['acl']['mailbox_relayhost'] = "1";
 $_SESSION['acl']['unlimited_quota'] = "1";

-// Init Keycloak Provider
-$iam_provider = identity_provider('init');
 $iam_settings = identity_provider('get');
 if ($iam_settings['authsource'] != "keycloak" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
  session_destroy();
@@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
 fwrite($lock_file_handle, getmypid());
 fclose($lock_file_handle);

+// Init Keycloak Provider
+$iam_provider = identity_provider('init');
+
 // Loop until all users have been retrieved
 while (true) {
  // Get admin access token
--- a/data/conf/phpfpm/crons/ldap-sync.php
+++ b/data/conf/phpfpm/crons/ldap-sync.php
@@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
 $_SESSION['acl']['mailbox_relayhost'] = "1";
 $_SESSION['acl']['unlimited_quota'] = "1";

-// Init Provider
-$iam_provider = identity_provider('init');
 $iam_settings = identity_provider('get');
 if ($iam_settings['authsource'] != "ldap" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
  session_destroy();
@@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
 fwrite($lock_file_handle, getmypid());
 fclose($lock_file_handle);

+// Init Provider
+$iam_provider = identity_provider('init');
+
 // Get ldap users
 $ldap_query = $iam_provider->query();
 if (!empty($iam_settings['filter'])) {