paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] oauth authorize - added missing twig templating

master
Kristian Feldsam 2021-10-22 14:37:26 +02:00
parent 51d48a3c7c
commit 72ceeda872
2 changed files with 65 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
data/web/oauth/authorize.php
View File

@ -11,49 +11,18 @@ $response = new OAuth2\Response();
if (!$oauth2_server->validateAuthorizeRequest($request, $response)) { if (!$oauth2_server->validateAuthorizeRequest($request, $response)) {
$response->send(); $response->send();
exit(); exit;
} }
if (!isset($_POST['authorized'])): if (!isset($_POST['authorized'])) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
?> $template = 'oauth/authorize.twig';
<div class="container"> $template_data = [];
<div class="panel panel-default">
<div class="panel-heading"><?=$lang['oauth2']['authorize_app'];?></div>
<div class="panel-body">
<?php
if ($_SESSION['mailcow_cc_role'] != 'user'):
$request = '';
?>
<p><?=$lang['oauth2']['access_denied'];?></p>
<?php
else:
?>
<p><?=$lang['oauth2']['scope_ask_permission'];?>:</p>
<dl class="dl-horizontal">
<dt><?=$lang['oauth2']['profile'];?></dt>
<dd><?=$lang['oauth2']['profile_desc'];?></dd>
</dl>
<form class="form-horizontal" autocapitalize="none" autocorrect="off" role="form" method="post">
<div class="form-group">
<div class="col-sm-10 text-center">
<button class="btn btn-success" name="authorized" type="submit" value="1"><?=$lang['oauth2']['permit'];?></button>
<a href="#" class="btn btn-default" onclick="window.history.back()" role="button"><?=$lang['oauth2']['deny'];?></a>
<input type="hidden" name="csrf_token" value="<?=$_SESSION['CSRF']['TOKEN'];?>">
</div>
</div>
</form>
<?php
endif;
?>
</div>
</div>
</div> <!-- /container -->
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
exit(); exit;
endif; }
// print the authorization code if the user has authorized your client // print the authorization code if the user has authorized your client
$is_authorized = ($_POST['authorized'] == '1'); $is_authorized = ($_POST['authorized'] == '1');

27
data/web/templates/oauth/authorize.twig 100644
View File

@ -0,0 +1,27 @@
{% extends 'base.twig' %}
{% block content %}
<div class="panel panel-default">
<div class="panel-heading">{{ lang.oauth2.authorize_app }}</div>
<div class="panel-body">
{% if mailcow_cc_role == 'user' %}
<p>{{ lang.oauth2.scope_ask_permission }}:</p>
<dl class="dl-horizontal">
<dt>{{ lang.oauth2.profile }}</dt>
<dd>{{ lang.oauth2.profile_desc }}</dd>
</dl>
<form class="form-horizontal" autocapitalize="none" autocorrect="off" role="form" method="post">
<div class="form-group">
<div class="col-sm-10 text-center">
<button class="btn btn-success" name="authorized" type="submit" value="1">{{ lang.oauth2.permit }}</button>
<a href="#" class="btn btn-default" onclick="window.history.back()" role="button">{{ lang.oauth2.deny }}</a>
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
</div>
</div>
</form>
{% else %}
<p>{{ lang.oauth2.access_denied }}</p>
{% endif %}
</div>
</div>
{% endblock %}