|
@@ -235,44 +235,48 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
|
|
|
));
|
|
));
|
|
|
exit();
|
|
exit();
|
|
|
}
|
|
}
|
|
|
|
|
+ switch ($category) {
|
|
|
|
|
+ case "u2f-registration":
|
|
|
|
|
+ header('Content-Type: application/javascript');
|
|
|
|
|
+ if (($_SESSION["mailcow_cc_role"] == "admin" || $_SESSION["mailcow_cc_role"] == "domainadmin") && $_SESSION["mailcow_cc_username"] == $object) {
|
|
|
|
|
+ list($req, $sigs) = $u2f->getRegisterData(get_u2f_registrations($object));
|
|
|
|
|
+ $_SESSION['regReq'] = json_encode($req);
|
|
|
|
|
+ $_SESSION['regSigs'] = json_encode($sigs);
|
|
|
|
|
+ echo 'var req = ' . json_encode($req) . ';';
|
|
|
|
|
+ echo 'var registeredKeys = ' . json_encode($sigs) . ';';
|
|
|
|
|
+ echo 'var appId = req.appId;';
|
|
|
|
|
+ echo 'var registerRequests = [{version: req.version, challenge: req.challenge}];';
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+ else {
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+ break;
|
|
|
|
|
+ case "u2f-authentication":
|
|
|
|
|
+ header('Content-Type: application/javascript');
|
|
|
|
|
+ if (isset($_SESSION['pending_mailcow_cc_username']) && $_SESSION['pending_mailcow_cc_username'] == $object) {
|
|
|
|
|
+ $auth_data = $u2f->getAuthenticateData(get_u2f_registrations($object));
|
|
|
|
|
+ $challenge = $auth_data[0]->challenge;
|
|
|
|
|
+ $appId = $auth_data[0]->appId;
|
|
|
|
|
+ foreach ($auth_data as $each) {
|
|
|
|
|
+ $key = array(); // Empty array
|
|
|
|
|
+ $key['version'] = $each->version;
|
|
|
|
|
+ $key['keyHandle'] = $each->keyHandle;
|
|
|
|
|
+ $registeredKey[] = $key;
|
|
|
|
|
+ }
|
|
|
|
|
+ $_SESSION['authReq'] = json_encode($auth_data);
|
|
|
|
|
+ echo 'var appId = "' . $appId . '";';
|
|
|
|
|
+ echo 'var challenge = ' . json_encode($challenge) . ';';
|
|
|
|
|
+ echo 'var registeredKeys = ' . json_encode($registeredKey) . ';';
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+ else {
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+ break;
|
|
|
|
|
+ }
|
|
|
if (!isset($_SESSION['pending_mailcow_cc_username'])) {
|
|
if (!isset($_SESSION['pending_mailcow_cc_username'])) {
|
|
|
switch ($category) {
|
|
switch ($category) {
|
|
|
- case "u2f-registration":
|
|
|
|
|
- header('Content-Type: application/javascript');
|
|
|
|
|
- if (($_SESSION["mailcow_cc_role"] == "admin" || $_SESSION["mailcow_cc_role"] == "domainadmin") && $_SESSION["mailcow_cc_username"] == $object) {
|
|
|
|
|
- list($req, $sigs) = $u2f->getRegisterData(get_u2f_registrations($object));
|
|
|
|
|
- $_SESSION['regReq'] = json_encode($req);
|
|
|
|
|
- $_SESSION['regSigs'] = json_encode($sigs);
|
|
|
|
|
- echo 'var req = ' . json_encode($req) . ';';
|
|
|
|
|
- echo 'var registeredKeys = ' . json_encode($sigs) . ';';
|
|
|
|
|
- echo 'var appId = req.appId;';
|
|
|
|
|
- echo 'var registerRequests = [{version: req.version, challenge: req.challenge}];';
|
|
|
|
|
- }
|
|
|
|
|
- else {
|
|
|
|
|
- return;
|
|
|
|
|
- }
|
|
|
|
|
- break;
|
|
|
|
|
- case "u2f-authentication":
|
|
|
|
|
- header('Content-Type: application/javascript');
|
|
|
|
|
- if (isset($_SESSION['pending_mailcow_cc_username']) && $_SESSION['pending_mailcow_cc_username'] == $object) {
|
|
|
|
|
- $auth_data = $u2f->getAuthenticateData(get_u2f_registrations($object));
|
|
|
|
|
- $challenge = $auth_data[0]->challenge;
|
|
|
|
|
- $appId = $auth_data[0]->appId;
|
|
|
|
|
- foreach ($auth_data as $each) {
|
|
|
|
|
- $key = array(); // Empty array
|
|
|
|
|
- $key['version'] = $each->version;
|
|
|
|
|
- $key['keyHandle'] = $each->keyHandle;
|
|
|
|
|
- $registeredKey[] = $key;
|
|
|
|
|
- }
|
|
|
|
|
- $_SESSION['authReq'] = json_encode($auth_data);
|
|
|
|
|
- echo 'var appId = "' . $appId . '";';
|
|
|
|
|
- echo 'var challenge = ' . json_encode($challenge) . ';';
|
|
|
|
|
- echo 'var registeredKeys = ' . json_encode($registeredKey) . ';';
|
|
|
|
|
- }
|
|
|
|
|
- else {
|
|
|
|
|
- return;
|
|
|
|
|
- }
|
|
|
|
|
- break;
|
|
|
|
|
case "rspamd":
|
|
case "rspamd":
|
|
|
switch ($object) {
|
|
switch ($object) {
|
|
|
case "actions":
|
|
case "actions":
|
andryyy