init identity_provider only after all conditions are met

data/conf/phpfpm/crons/keycloak-sync.php

@@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
 $_SESSION['acl']['mailbox_relayhost'] = "1";
 $_SESSION['acl']['unlimited_quota'] = "1";
 
-// Init Keycloak Provider
-$iam_provider = identity_provider('init');
 $iam_settings = identity_provider('get');
 if ($iam_settings['authsource'] != "keycloak" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
   session_destroy();
@@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
 fwrite($lock_file_handle, getmypid());
 fclose($lock_file_handle);
 
+// Init Keycloak Provider
+$iam_provider = identity_provider('init');
+
 // Loop until all users have been retrieved
 while (true) {
   // Get admin access token

data/conf/phpfpm/crons/ldap-sync.php

@@ -70,8 +70,6 @@ $_SESSION['acl']['protocol_access'] = "1";
 $_SESSION['acl']['mailbox_relayhost'] = "1";
 $_SESSION['acl']['unlimited_quota'] = "1";
 
-// Init Provider
-$iam_provider = identity_provider('init');
 $iam_settings = identity_provider('get');
 if ($iam_settings['authsource'] != "ldap" || (intval($iam_settings['periodic_sync']) != 1 && intval($iam_settings['import_users']) != 1)) {
   session_destroy();
@@ -109,6 +107,9 @@ $lock_file_handle = fopen($lock_file, 'w');
 fwrite($lock_file_handle, getmypid());
 fclose($lock_file_handle);
 
+// Init Provider
+$iam_provider = identity_provider('init');
+
 // Get ldap users
 $ldap_query = $iam_provider->query();
 if (!empty($iam_settings['filter'])) {

data/web/inc/functions.auth.inc.php

@@ -476,8 +476,8 @@ function keycloak_mbox_login_rest($user, $pass, $iam_settings, $extra = null){
 }
 function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
   global $pdo;
-  global $iam_provider;
-
+  
+  $iam_provider = identity_provider();
   $is_internal = $extra['is_internal'];
   $create = $extra['create'];
 

data/web/inc/functions.inc.php

@@ -2099,12 +2099,20 @@ function uuid4() {
 }
 function identity_provider($_action, $_data = null, $_extra = null) {
   global $pdo;
+  global $iam_provider;
 
   $data_log = $_data;
   if (isset($data_log['client_secret'])) $data_log['client_secret'] = '*';
   if (isset($data_log['access_token'])) $data_log['access_token'] = '*';
 
   switch ($_action) {
+    case NULL:
+      if ($iam_provider) {
+        return $iam_provider;
+      } else {
+        $iam_provider = identity_provider("init");
+      }
+    break;
     case 'get':
       $settings = array();
       $stmt = $pdo->prepare("SELECT * FROM `identity_provider`;");