Add support for Nextcloud Notes app web login method
parent
d562420374
commit
3fd79702e1
@ -0,0 +1,142 @@
|
||||
<?php
|
||||
/*
|
||||
* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
*/
|
||||
|
||||
require __DIR__ . "/../required.php";
|
||||
|
||||
header("Content-Security-Policy: default-src '*';");
|
||||
header('Access-Control-Allow-Origin: *');
|
||||
|
||||
$redirecttologin = false;
|
||||
|
||||
$urlbase = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . (($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) ? ":" . $_SERVER['SERVER_PORT'] : "");
|
||||
$appurl = $urlbase . str_replace("lib/nextcloudlogin.php", "", str_replace("index.php/login/flow", "", $_SERVER["REQUEST_URI"]));
|
||||
$thisurl = $urlbase . $_SERVER["REQUEST_URI"];
|
||||
$iconurl = $appurl . "static/img/logo.svg";
|
||||
|
||||
/**
|
||||
* Show a simple HTML page with a line of text and a button. Matches the UI of
|
||||
* the AccountHub login flow.
|
||||
*
|
||||
* @global type $SETTINGS
|
||||
* @global type $SECURE_NONCE
|
||||
* @global type $Strings
|
||||
* @param string $title Text to show, passed through i18n
|
||||
* @param string $button Button text, passed through i18n
|
||||
* @param string $url URL for the button
|
||||
*/
|
||||
function showHTML(string $title, string $button, string $url) {
|
||||
global $SETTINGS, $SECURE_NONCE, $Strings;
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<meta charset="UTF-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
|
||||
<title><?php echo $SETTINGS['site_title']; ?></title>
|
||||
|
||||
<link rel="icon" href="static/img/logo.svg">
|
||||
|
||||
<link href="static/css/bootstrap.min.css" rel="stylesheet">
|
||||
<style nonce="<?php echo $SECURE_NONCE; ?>">
|
||||
.display-5 {
|
||||
font-size: 2.5rem;
|
||||
font-weight: 300;
|
||||
line-height: 1.2;
|
||||
}
|
||||
|
||||
.banner-image {
|
||||
max-height: 100px;
|
||||
margin: 2em auto;
|
||||
border: 1px solid grey;
|
||||
border-radius: 15%;
|
||||
}
|
||||
</style>
|
||||
|
||||
<div class="container mt-4">
|
||||
<div class="row justify-content-center">
|
||||
<div class="col-12 text-center">
|
||||
<img class="banner-image" src="./static/img/logo.svg" />
|
||||
</div>
|
||||
|
||||
<div class="col-12 text-center">
|
||||
<h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
|
||||
</div>
|
||||
|
||||
<?php if (!empty($button)) { ?>
|
||||
<div class="col-12 col-sm-8 col-lg-6">
|
||||
<div class="card mt-4">
|
||||
<div class="card-body">
|
||||
<a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
|
||||
if (empty($_SESSION["login_code"])) {
|
||||
$redirecttologin = true;
|
||||
} else {
|
||||
try {
|
||||
$uidinfo = AccountHubApi::get("checkloginkey", ["code" => $_SESSION["login_code"]]);
|
||||
|
||||
if ($uidinfo["status"] == "ERROR") {
|
||||
throw new Exception();
|
||||
}
|
||||
if (is_numeric($uidinfo['uid'])) {
|
||||
$user = new User($uidinfo['uid'] * 1);
|
||||
foreach ($SETTINGS['permissions'] as $perm) {
|
||||
if (!$user->hasPermission($perm)) {
|
||||
showHTML("no access permission", "", "");
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
$addpassresp = AccountHubApi::get(
|
||||
"addapppassword",
|
||||
[
|
||||
"desc" => $SETTINGS["site_title"] . " - Nextcloud Notes API",
|
||||
"username" => $user->getUsername()
|
||||
],
|
||||
true
|
||||
);
|
||||
|
||||
$_SESSION["login_code"] = null;
|
||||
|
||||
$redirecturl = "nc://login/server:" . htmlentities($appurl) . "&user:" . htmlentities($user->getUsername()) . "&password:" . htmlentities($addpassresp["pass"]);
|
||||
|
||||
header("Location: $redirecturl");
|
||||
die("<a href='$redirecturl'>Click here</a>");
|
||||
} else {
|
||||
throw new Exception();
|
||||
}
|
||||
} catch (Exception $ex) {
|
||||
$redirecttologin = true;
|
||||
}
|
||||
}
|
||||
|
||||
if ($redirecttologin) {
|
||||
try {
|
||||
$codedata = AccountHubApi::get("getloginkey", ["appname" => $SETTINGS["site_title"], "appicon" => $iconurl]);
|
||||
|
||||
if ($codedata['status'] != "OK") {
|
||||
throw new Exception($Strings->get("login server unavailable", false));
|
||||
}
|
||||
|
||||
$_SESSION["login_code"] = $codedata["code"];
|
||||
|
||||
$locationurl = $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($thisurl);
|
||||
|
||||
header("Location: $locationurl");
|
||||
showHTML("Continue", "Continue", $locationurl);
|
||||
die();
|
||||
} catch (Exception $ex) {
|
||||
sendError($ex->getMessage());
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue