>

'; hesk_handle_messages(); echo '
'; }

// Restore the provider form values that an earlier request stored in the session
// under 'new_provider' (edit_provider() and a failed provider_validate() both write it).
// NOTE(review): this includes client_secret, so the OAuth client secret sits in
// session storage between requests; confirm it is cleaned up once the form has
// been rendered.
$provider_name = hesk_SESSION(array('new_provider','name'));
$authorization_url = hesk_SESSION(array('new_provider','authorization_url'));
$token_url = hesk_SESSION(array('new_provider','token_url'));
$client_id = hesk_SESSION(array('new_provider','client_id'));
$client_secret = hesk_SESSION(array('new_provider','client_secret'));
$scope = hesk_SESSION(array('new_provider','scope'));
$no_val_ssl = hesk_SESSION(array('new_provider','no_val_ssl'));

// Names of the fields that failed validation; anything that is not an array
// is treated as "no errors".
$errors = hesk_SESSION(array('new_provider','errors'));
$errors = is_array($errors) ? $errors : array();

// Outside edit mode, rebuild the URL of the current request.
// The host part is taken from the client-supplied Host header (HTTP_HOST), so the
// value is only as trustworthy as the web server's virtual-host handling and has
// to be HTML-escaped wherever it is printed. The scheme test only recognises
// $_SERVER['HTTPS'] === 'on'; a request that reaches PHP as plain HTTP behind a
// TLS-terminating proxy is therefore reported as "http".
if ( ! hesk_SESSION('edit_provider') && isset($_SERVER['HTTP_HOST']) && isset($_SERVER['REQUEST_URI'])) {
    $oauth_link = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
    $oauth_link = hesk_clean_utf8($oauth_link);
    ?>

' . hesk_htmlspecialchars($oauth_link) . ''); ?>

 

>
$error\n"; } $hesk_error_buffer = $tmp; $hesk_error_buffer = $hesklang['rfm'].'

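'; hesk_process_messages($hesk_error_buffer,'oauth_providers.php');
    }

    // Save the provider.
    // Every string column goes through hesk_dbEscape() and no_val_ssl through intval();
    // each save resets `verified` to 0.
    // NOTE(review): $id is interpolated into the SQL as-is and is assigned above this
    // view; presumably it is intval()'d like in the other handlers -- confirm.
    hesk_dbQuery(
        "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "oauth_providers` SET `name` = '" . hesk_dbEscape($provider['name'])
        . "', `authorization_url` = '" . hesk_dbEscape($provider['authorization_url'])
        . "', `token_url` = '" . hesk_dbEscape($provider['token_url'])
        . "', `client_id` = '" . hesk_dbEscape($provider['client_id'])
        . "', `client_secret` = '" . hesk_dbEscape($provider['client_secret'])
        . "', `scope` = '" . hesk_dbEscape($provider['scope'])
        . "', `no_val_ssl` = " . intval($provider['no_val_ssl'])
        . ", `verified` = 0 WHERE `id`={$id}"
    );

    // Redirect to OAuth provider for verification
    redirect_to_provider($provider, $id);

    /* TODO: only verify if needed?
    // If something changed in the DB, redirect to OAuth provider for verification
    if (hesk_dbAffectedRows() > 0) {
        hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."oauth_providers` SET `verified` = 0 WHERE `id`={$id}");
        redirect_to_provider($provider, $id);
    }

    // No changes to the DB
    hesk_process_messages($hesklang['oauth_provider_saved'], 'NOREDIRECT', 'SUCCESS');
    */
} // End save_provider()


/**
 * Load one OAuth provider row into the session so the form can be shown in edit mode.
 *
 * Reads the provider ID from the `id` GET parameter, fetches the row and stores it in
 * $_SESSION['new_provider']; $_SESSION['edit_provider'] is set to true. In demo mode
 * (HESK_DEMO defined) the endpoint URLs and client credentials are replaced with
 * placeholder values before the row is put into the session.
 *
 * NOTE(review): outside demo mode the stored client_secret is copied into the session
 * unchanged, which suggests it is sent back to the browser in the edit form -- confirm
 * that this is intended.
 */
function edit_provider() {
    global $hesk_settings, $hesklang;

    // Get provider ID; intval() makes it safe to interpolate into the query below,
    // and a zero/invalid value ends in hesk_error().
    $id = intval( hesk_GET('id') ) or hesk_error($hesklang['status_e_id']);

    // Get details from the database
    $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."oauth_providers` WHERE `id`={$id} LIMIT 1");
    if ( hesk_dbNumRows($res) != 1 ) {
        hesk_error($hesklang['status_not_found']);
    }
    $provider = hesk_dbFetchAssoc($res);

    // Never expose real endpoints or credentials on a demo installation
    if (defined('HESK_DEMO')) {
        $provider['authorization_url'] = 'https://api.example.com/oauth2/authorization';
        $provider['token_url'] = 'https://api.example.com/oauth2/token';
        $provider['client_id'] = $hesklang['hdemo'];
        $provider['client_secret'] = $hesklang['hdemo'];
    }

    $_SESSION['new_provider'] = $provider;
    $_SESSION['edit_provider'] = true;
} // End edit_provider()


/**
 * Delete an OAuth provider and its stored tokens.
 *
 * Requires a valid anti-CSRF token (hesk_token_check()). A provider that is still
 * referenced by the SMTP, IMAP or POP3 settings (see getProviderInUseArray()) is not
 * deleted. The success/failure message is chosen from the affected-row count of the
 * last query, i.e. the delete on the providers table.
 */
function remove_provider() {
    global $hesk_settings, $hesklang;

    // A security check
    hesk_token_check();

    // Get ID
    $id = intval( hesk_GET('id') ) or hesk_error($hesklang['status_e_id']);

    // Provider being used?
    if (count(getProviderInUseArray($id))) {
        hesk_process_messages($hesklang['email_oauth_provider_cannot_be_deleted'], './oauth_providers.php');
        return;
    }

    // Delete the provider; its tokens go first so no token row outlives the provider
    hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."oauth_tokens` WHERE `provider_id`={$id}");
    hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."oauth_providers` WHERE `id`={$id}");

    // Were we successful?
    if ( hesk_dbAffectedRows() == 1 ) {
        // Show success message
        hesk_process_messages($hesklang['oauth_provider_deleted'],'./oauth_providers.php','SUCCESS');
    } else {
        hesk_process_messages($hesklang['status_not_found'],'./oauth_providers.php');
    }
} // End remove_provider()


/**
 * Read and validate the provider form fields from POST.
 *
 * Each of name, authorization_url, token_url, client_id, client_secret and scope must
 * be non-empty after its input filter. For every failing field the field name is added
 * to the error list and a translated message is appended to the global
 * $hesk_error_buffer (which this function resets to an empty array first).
 *
 * @return array|false The filtered provider values, or false when at least one field
 *                     failed. On failure the submitted values (after stripslashes())
 *                     and the failing field names are stored in
 *                     $_SESSION['new_provider'] so the form can be shown again.
 */
function provider_validate() {
    global $hesk_settings, $hesklang;
    global $hesk_error_buffer;

    $hesk_error_buffer = array();
    $provider = array();
    $errors = array();

    // Get name
    $provider['name'] = hesk_input(hesk_POST('name'));
    if (strlen($provider['name']) < 1) {
        $errors[] = 'name';
        $hesk_error_buffer[] = $hesklang['oauth_provider_err_name'];
    }

    // Auth URL
    // NOTE(review): hesk_validateURL() is defined elsewhere; this code only checks that
    // its result is non-empty. Confirm it restricts the scheme to http/https, since
    // the browser is later redirected to this URL.
    $provider['authorization_url'] = hesk_validateURL(hesk_POST('authorization_url'));
    if (strlen($provider['authorization_url']) < 1) {
        $errors[] = 'authorization_url';
        $hesk_error_buffer[] = $hesklang['oauth_provider_err_auth_url'];
    }

    // Token URL
    $provider['token_url'] = hesk_validateURL(hesk_POST('token_url'));
    if (strlen($provider['token_url']) < 1) {
        $errors[] = 'token_url';
        $hesk_error_buffer[] = $hesklang['oauth_provider_err_token_url'];
    }

    // Client ID
    $provider['client_id'] = hesk_input(hesk_POST('client_id'), 0, 0, HESK_SLASH);
    if (strlen($provider['client_id']) < 1) {
        $errors[] = 'client_id';
        $hesk_error_buffer[] = $hesklang['oauth_provider_err_client_id'];
    }

    // Client Secret
    $provider['client_secret'] = hesk_input(hesk_POST('client_secret'), 0, 0, HESK_SLASH);
    if (strlen($provider['client_secret']) < 1) {
        $errors[] = 'client_secret';
        $hesk_error_buffer[] = $hesklang['oauth_provider_err_client_secret'];
    }

    // Scope
    $provider['scope'] = hesk_input(hesk_POST('scope'), 0, 0, HESK_SLASH);
    if (strlen($provider['scope']) < 1) {
        $errors[] = 'scope';
        $hesk_error_buffer[] = $hesklang['oauth_provider_err_scope'];
    }

    // Skip SSL certificate verification?
    // NOTE(review): where this flag is consumed is not visible here. If it turns off
    // certificate checks for the token endpoint, the client secret and the issued
    // tokens travel over a connection whose peer is not authenticated -- it should stay
    // off outside of test setups.
    $provider['no_val_ssl'] = (hesk_POST('no_val_ssl', 0) == 1) ? 1 : 0;

    // Any errors?
    if (count($hesk_error_buffer)) {
        // Keep what the user typed (including the client secret) for the next form render
        foreach ($provider as $k => $v) {
            $provider[$k] = stripslashes($v);
        }

        $_SESSION['new_provider'] = $provider;
        $_SESSION['new_provider']['errors'] = $errors;
        return false;
    }

    return $provider;
} // END provider_validate()


/**
 * Create a new OAuth provider from the submitted form and start its verification.
 *
 * Validates the POST data, inserts the provider with `verified` = 0, remembers the new
 * row ID in $_SESSION['providerord'] and sends the browser to the provider's
 * authorization endpoint.
 */
function new_provider() {
    global $hesk_settings, $hesklang;
    global $hesk_error_buffer;

    // A security check
    // NOTE(review): the anti-CSRF check is commented out here although this handler
    // writes to the database. Unless the token is verified before new_provider() is
    // called (not visible in this view), re-enable it.
    # hesk_token_check('POST');

    // Validate inputs
    if (($provider = provider_validate()) === false) {
        $tmp = '';
        foreach ($hesk_error_buffer as $error) {
            // The line breaks inside this literal are part of the string.
            $tmp .= "
  • $error
  • \n";
        }
        // NOTE(review): as shown here the second assignment discards $tmp; the markup
        // that joined the two looks to have been lost when this listing was extracted
        // -- check against the original file.
        $hesk_error_buffer = $tmp;
        $hesk_error_buffer = $hesklang['rfm'].'

    ';
        hesk_process_messages($hesk_error_buffer,'oauth_providers.php');

        // Never fall through to the INSERT with $provider === false, even if the
        // call above should return instead of redirecting.
        return;
    }

    // Insert provider into database (string values escaped, flag cast to int)
    hesk_dbQuery(
        "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "oauth_providers` (`name`, `authorization_url`, `token_url`, `client_id`, `client_secret`, `scope`, `no_val_ssl`, `verified`) VALUES ('" . hesk_dbEscape($provider['name'])
        . "', '" . hesk_dbEscape($provider['authorization_url'])
        . "', '" . hesk_dbEscape($provider['token_url'])
        . "', '" . hesk_dbEscape($provider['client_id'])
        . "', '" . hesk_dbEscape($provider['client_secret'])
        . "', '" . hesk_dbEscape($provider['scope'])
        . "', " . intval($provider['no_val_ssl'])
        . ", 0)"
    );

    $inserted_id = hesk_dbInsertID();
    $_SESSION['providerord'] = $inserted_id;

    //-- Send user to OAuth provider
    redirect_to_provider($provider, $inserted_id);
} // End new_provider()


/**
 * Send the browser to the provider's authorization endpoint and stop the script.
 *
 * The query parameters are percent-encoded before they are appended, so a client ID,
 * scope or redirect URI containing spaces, '&', '#' or similar characters can neither
 * break the request nor add parameters of its own. If the authorization URL already
 * carries a query string, the parameters are appended with '&' instead of '?'.
 *
 * @param array      $provider Provider data; reads authorization_url, client_id and scope.
 * @param int|string $id       Provider row ID, sent back by the provider in `state`.
 */
function redirect_to_provider($provider, $id) {
    // NOTE(review): hesk_get_oauth_redirect_url() is defined outside this view and is
    // assumed to return a raw (not already percent-encoded) URL -- confirm.
    $redirect_url = hesk_get_oauth_redirect_url();

    $separator = (strpos($provider['authorization_url'], '?') === false) ? '?' : '&';

    // NOTE(review): `state` is "provider" plus the row ID. It tells the callback which
    // provider answered, but it is predictable, so it cannot by itself tie the
    // callback to this admin session; confirm the callback handler (not visible here)
    // performs its own session/CSRF check.
    $return_location = $provider['authorization_url'] . $separator
        . 'client_id=' . rawurlencode((string) $provider['client_id'])
        . '&response_type=code'
        . '&redirect_uri=' . rawurlencode((string) $redirect_url)
        . '&response_mode=query'
        . '&access_type=offline'
        . '&scope=' . rawurlencode((string) $provider['scope'])
        . '&state=' . rawurlencode("provider{$id}");

    header('Location: '.$return_location);
    exit();
}


/**
 * Re-run the OAuth verification for an existing provider.
 *
 * Looks the provider up by the `id` GET parameter and redirects the browser to its
 * authorization endpoint.
 */
function verify_provider() {
    global $hesk_settings, $hesklang;

    // Get ID
    $id = intval( hesk_GET('id') ) or hesk_error($hesklang['status_e_id']);

    $rs = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."oauth_providers` WHERE `id`=".$id);
    if (hesk_dbNumRows($rs) === 0) {
        hesk_process_messages($hesklang['oauth_provider_not_found'], './oauth_providers.php');

        // Without a row there is nothing to redirect to
        return;
    }

    $row = hesk_dbFetchAssoc($rs);
    redirect_to_provider($row, $row['id']);
}


/**
 * List the mail features that currently use the given OAuth provider.
 *
 * A feature counts as using the provider when it is enabled, its connection type is
 * 'oauth' and its configured provider ID equals $id (loose comparison).
 *
 * @param int|string $id Provider ID.
 * @return array Translated labels of the features using the provider (SMTP sending,
 *               IMAP, POP3); empty when the provider is unused.
 */
function getProviderInUseArray($id) {
    global $hesk_settings, $hesklang;

    $in_use = array();

    if ($hesk_settings['smtp'] && $hesk_settings['smtp_conn_type'] == 'oauth' && $hesk_settings['smtp_oauth_provider'] == $id) {
        $in_use[] = $hesklang['email_sending'];
    }

    if ($hesk_settings['imap'] && $hesk_settings['imap_conn_type'] == 'oauth' && $hesk_settings['imap_oauth_provider'] == $id) {
        $in_use[] = $hesklang['imap'];
    }

    if ($hesk_settings['pop3'] && $hesk_settings['pop3_conn_type'] == 'oauth' && $hesk_settings['pop3_oauth_provider'] == $id) {
        $in_use[] = $hesklang['pop3'];
    }

    return $in_use;
}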