コード例 #1
ファイル: Account.php プロジェクト: nsdown/rainloop-webmail
 /**
  * Builds the "Q" variant of this account's auth token.
  *
  * The token is a positional list handed to \RainLoop\Utils::EncodeKeyValuesQ().
  * Slot order is part of the token format, so it must not be changed here
  * without changing every consumer that decodes it.
  *
  * Security note: the list carries the account password and the proxy-auth
  * password themselves, not digests of them. The resulting string is therefore
  * credential-equivalent: its confidentiality and integrity depend entirely on
  * EncodeKeyValuesQ() (not visible in this block), and it should be kept out of
  * logs, URLs and caches.
  *
  * @return string
  */
 public function GetAuthTokenQ()
 {
     $aTokenFields = array(
         'token',                             // 0: literal format marker
         $this->sEmail,                       // 1
         $this->sLogin,                       // 2
         $this->sPassword,                    // 3: password as stored on this object
         \RainLoop\Utils::Fingerprint(),      // 4
         $this->sSignMeToken,                 // 5
         $this->sParentEmail,                 // 6
         \RainLoop\Utils::GetShortToken(),    // 7: current short token
         $this->sProxyAuthUser,               // 8
         $this->sProxyAuthPassword,           // 9: proxy-auth password as stored on this object
         0,                                   // 10: NOTE(review): presumably an expiry slot, 0 = none; confirm against the decoder
     );

     return \RainLoop\Utils::EncodeKeyValuesQ($aTokenFields);
 }
コード例 #2
 /**
  * Restores an account object from a custom auth token.
  *
  * The token is decoded into a positional list (with the "Q" decoder when $bQ is
  * set) and is accepted only when slot 0 is the literal 'token', at least eight
  * slots are present, slot 7 is non-empty, and one of the following holds:
  *   - short-token validation is switched off by the caller;
  *   - slot 7 is identical to the current short token;
  *   - slot 10 is set, positive, and greater than the current time().
  *
  * NOTE(review): the slot-10 branch accepts a token whose short token does not
  * match, so such a token works as a bearer credential until that timestamp.
  * Nothing in this method authenticates the decoded fields; acceptance relies on
  * DecodeKeyValues()/DecodeKeyValuesQ() rejecting forged or altered input —
  * confirm that in the decoder and its key handling.
  *
  * @param string $sToken
  * @param bool $bThrowExceptionOnFalse = true
  * @param bool $bValidateShortToken = true
  * @param bool $bQ = false
  *
  * @return \RainLoop\Model\Account|bool
  * @throws \RainLoop\Exceptions\ClientException
  */
 public function GetAccountFromCustomToken($sToken, $bThrowExceptionOnFalse = true, $bValidateShortToken = true, $bQ = false)
 {
     $oResult = false;

     if (!empty($sToken)) {
         $aFields = $bQ
             ? \RainLoop\Utils::DecodeKeyValuesQ($sToken)
             : \RainLoop\Utils::DecodeKeyValues($sToken);

         // Structural checks first; the binding checks are evaluated only for a well-formed list.
         $bAccepted = !empty($aFields[0]) && 'token' === $aFields[0]
             && 8 <= \count($aFields) && !empty($aFields[7])
             && (
                 !$bValidateShortToken
                 || \RainLoop\Utils::GetShortToken() === $aFields[7]
                 || (isset($aFields[10]) && 0 < $aFields[10] && \time() < $aFields[10])
             );

         if (!$bAccepted) {
             if ($bThrowExceptionOnFalse) {
                 throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AuthError);
             }
         } else {
             // Slots 1-3 and 5 are passed to LoginProvide() exactly as decoded; slot 5 defaults to ''.
             $sOptionalSlot5 = empty($aFields[5]) ? '' : $aFields[5];
             $oAccount = $this->LoginProvide($aFields[1], $aFields[2], $aFields[3], $sOptionalSlot5, $bThrowExceptionOnFalse);

             if ($oAccount instanceof \RainLoop\Model\Account) {
                 // Proxy-auth credentials are applied only when both slots are non-empty.
                 $bHasProxyAuth = !empty($aFields[8]) && !empty($aFields[9]);
                 if ($bHasProxyAuth) {
                     $oAccount->SetProxyAuthUser($aFields[8]);
                     $oAccount->SetProxyAuthPassword($aFields[9]);
                 }

                 // Both passwords are registered with the logger as secrets.
                 // NOTE(review): this happens only after LoginProvide() has returned;
                 // confirm LoginProvide() cannot log the password before this point.
                 $this->Logger()->AddSecret($oAccount->Password());
                 $this->Logger()->AddSecret($oAccount->ProxyAuthPassword());

                 $oAccount->SetParentEmail($aFields[6]);
                 $oResult = $oAccount;
             }
         }
     }

     // Empty token, or a login that produced no account: same generic error as a rejected token.
     if ($bThrowExceptionOnFalse && !$oResult instanceof \RainLoop\Model\Account) {
         throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AuthError);
     }

     return $oResult;
 }
コード例 #3
 /**
  * Handles one HTTP request: boots the actions layer, derives a route from
  * QUERY_STRING, then either dispatches to a Service* method / plugin part or
  * renders the index page, and finally echoes the result.
  *
  * No authentication check is visible in this method; whatever it dispatches to
  * has to enforce its own access control.
  *
  * @return \RainLoop\Service
  */
 public function Handle()
 {
     // Nothing is served when the MailSo library has not been loaded.
     if (!\class_exists('MailSo\\Version')) {
         return $this;
     }
     $this->oActions->BootStart();
     $this->oActions->ParseQueryAuthString();
     $bCached = false;
     $sResult = '';
     // The route is the part of QUERY_STRING before the first '&' (a leading '&'
     // at position 0 is not cut, because the test is 0 < $iPos).
     $sQuery = \trim(\trim($this->oHttp->GetServer('QUERY_STRING', '')), ' /');
     $iPos = \strpos($sQuery, '&');
     if (0 < $iPos) {
         $sQuery = \substr($sQuery, 0, $iPos);
     }
     // Both hooks receive their argument by reference, so a plugin can rewrite the
     // route before the admin decision and the dispatch below are made.
     $this->oActions->Plugins()->RunHook('filter.http-query', array(&$sQuery));
     $aPaths = \explode('/', $sQuery);
     $this->oActions->Plugins()->RunHook('filter.http-paths', array(&$aPaths));
     // Admin mode: without a configured admin_panel_host it is selected by a first
     // path segment of 'admin' or 'cp' (lower-cased); with one, by an empty first
     // segment plus a request host equal to the configured host.
     // NOTE(review): GetHost() presumably reflects the request's Host header, which
     // the client controls unless the web server pins it. $bAdmin only selects the
     // admin UI here; confirm admin authentication is enforced elsewhere.
     $bAdmin = false;
     $sAdminPanelHost = $this->oActions->Config()->Get('security', 'admin_panel_host', '');
     if (empty($sAdminPanelHost)) {
         $bAdmin = !empty($aPaths[0]) && \in_array(\strtolower($aPaths[0]), array('admin', 'cp'));
     } else {
         if (empty($aPaths[0]) && \MailSo\Base\Utils::StrToLowerIfAscii($sAdminPanelHost) === \MailSo\Base\Utils::StrToLowerIfAscii($this->oHttp->GetHost())) {
             $bAdmin = true;
         }
     }
     if ($bAdmin && !$this->oActions->Config()->Get('security', 'allow_admin_panel', true)) {
         echo $this->oActions->ErrorTemplates('Access Denied.', 'Access to the RainLoop Webmail Admin Panel is not allowed!', true);
         return $this;
     }
     $bIndex = true;
     if (0 < \count($aPaths) && !empty($aPaths[0]) && !$bAdmin && 'index' !== $aPaths[0]) {
         $bIndex = false;
         // The method name is built from the first request path segment. The
         // reachable set is every callable method of $this->oServiceActions whose
         // name starts with "Service" (PHP matches method names case-insensitively).
         // NOTE(review): any method given that prefix becomes request-reachable at
         // this layer, so each one needs its own authorization check.
         $sMethodName = 'Service' . $aPaths[0];
         if (\method_exists($this->oServiceActions, $sMethodName) && \is_callable(array($this->oServiceActions, $sMethodName))) {
             $this->oServiceActions->SetQuery($sQuery)->SetPaths($aPaths);
             $sResult = \call_user_func(array($this->oServiceActions, $sMethodName));
         } else {
             // Unknown segment: offer it to plugins, fall back to the index page if none takes it.
             if (!$this->oActions->Plugins()->RunAdditionalPart($aPaths[0], $aPaths)) {
                 $bIndex = true;
             }
         }
     }
     if ($bIndex) {
         // '@' suppresses the warning header() raises when output has already started.
         @header('Content-Type: text/html; charset=utf-8');
         $this->oHttp->ServerNoCache();
         $aTemplateParameters = $this->indexTemplateParameters($bAdmin);
         $sCacheFileName = '';
         if ($this->oActions->Config()->Get('labs', 'cache_system_data', true)) {
             $sCacheFileName = 'TMPL:' . $aTemplateParameters['{{BaseHash}}'];
             $sResult = $this->oActions->Cacher()->Get($sCacheFileName);
         }
         if (0 === \strlen($sResult)) {
             // Cache miss (or caching disabled): render the template and store it when a cache key exists.
             $sResult = \strtr(\file_get_contents(APP_VERSION_ROOT_PATH . 'app/templates/Index.html'), $aTemplateParameters);
             $sResult = \RainLoop\Utils::ClearHtmlOutput($sResult);
             if (0 < \strlen($sCacheFileName)) {
                 $this->oActions->Cacher()->Set($sCacheFileName, $sResult);
             }
         } else {
             $bCached = true;
         }
         // Diagnostic trailer appended to every index response as an HTML comment
         // (added after the cache lookup, so it is not part of the cached body).
         // NOTE(review): it discloses the exact APP_VERSION, which makes version
         // fingerprinting trivial, and an unsalted MD5 of GetShortToken(), presumably
         // a per-client secret. Consider gating the trailer behind a debug setting.
         $sResult .= '<!--';
         $sResult .= ' [version:' . APP_VERSION;
         $sResult .= '][time:' . \substr(\microtime(true) - APP_START, 0, 6);
         $sResult .= '][cached:' . ($bCached ? 'true' : 'false');
         $sResult .= '][hash:' . $aTemplateParameters['{{BaseHash}}'];
         $sResult .= '][session:' . \md5(\RainLoop\Utils::GetShortToken());
         $sResult .= '] -->';
     }
     // Output result
     echo $sResult;
     unset($sResult);
     $this->oActions->BootEnd();
     return $this;
 }
コード例 #4
ファイル: Utils.php プロジェクト: rikardonm/rainloop-webmail
 /**
  * Decrypts a string produced by the "Q" encryption variant.
  *
  * The effective key is the caller's key, the literal 'Q', and the current short
  * token concatenated, so a ciphertext can only be decrypted while
  * GetShortToken() returns the value that was used to encrypt it.
  *
  * NOTE(review): the only primitive called here is Crypt::XxteaDecrypt(); no
  * integrity check (MAC or signature) is visible in this method. Unless the
  * helper or the caller verifies the plaintext, altered ciphertext is not
  * detected here — confirm where tampering is rejected. An RSA-based variant
  * (DecryptStringRSA, gated on openssl_pkey_get_private being available) exists
  * in the original only as disabled, commented-out code.
  *
  * @param string $sEncriptedString
  * @param string $sKey
  *
  * @return string
  */
 public static function DecryptStringQ($sEncriptedString, $sKey)
 {
     $sBoundKey = $sKey . 'Q' . \RainLoop\Utils::GetShortToken();

     return \MailSo\Base\Crypt::XxteaDecrypt($sEncriptedString, $sBoundKey);
 }
コード例 #5
ファイル: Service.php プロジェクト: GTAWWEKID/tsiserver.us
 /**
  * Handles one HTTP request: boots the actions layer, derives a route from
  * QUERY_STRING, then either dispatches to a Service* method / plugin part or
  * renders the index page, and finally echoes the result.
  *
  * No authentication check is visible in this method; whatever it dispatches to
  * has to enforce its own access control.
  *
  * @return \RainLoop\Service
  */
 public function Handle()
 {
     // Nothing is served when the MailSo library has not been loaded.
     if (!\class_exists('MailSo\\Version')) {
         return $this;
     }
     $this->oActions->BootStart();
     $this->oActions->ParseQueryAuthString();
     $bCached = false;
     $sResult = '';
     // The route is the part of QUERY_STRING before the first '&' (a leading '&'
     // at position 0 is not cut, because the test is 0 < $iPos).
     $sQuery = \trim(\trim($this->oHttp->GetServer('QUERY_STRING', '')), ' /');
     $iPos = \strpos($sQuery, '&');
     if (0 < $iPos) {
         $sQuery = \substr($sQuery, 0, $iPos);
     }
     // Both hooks receive their argument by reference, so a plugin can rewrite the
     // route before the admin decision and the dispatch below are made.
     $this->oActions->Plugins()->RunHook('filter.http-query', array(&$sQuery));
     $aPaths = \explode('/', $sQuery);
     $this->oActions->Plugins()->RunHook('filter.http-paths', array(&$aPaths));
     // Admin mode: without a configured admin_panel_host it is selected by a first
     // path segment of 'admin' or 'cp' (lower-cased); with one, by an empty first
     // segment plus a request host equal to the configured host.
     // NOTE(review): GetHost() presumably reflects the request's Host header, which
     // the client controls unless the web server pins it. $bAdmin only selects the
     // admin UI here; confirm admin authentication is enforced elsewhere.
     $bAdmin = false;
     $sAdminPanelHost = $this->oActions->Config()->Get('security', 'admin_panel_host', '');
     if (empty($sAdminPanelHost)) {
         $bAdmin = !empty($aPaths[0]) && \in_array(\strtolower($aPaths[0]), array('admin', 'cp'));
     } else {
         if (empty($aPaths[0]) && \MailSo\Base\Utils::StrToLowerIfAscii($sAdminPanelHost) === \MailSo\Base\Utils::StrToLowerIfAscii($this->oHttp->GetHost())) {
             $bAdmin = true;
         }
     }
     if ($bAdmin && !$this->oActions->Config()->Get('security', 'allow_admin_panel', true)) {
         echo $this->oActions->ErrorTemplates('Access Denied.', 'Access to the RainLoop Webmail Admin Panel is not allowed!', true);
         return $this;
     }
     $bIndex = true;
     if (0 < \count($aPaths) && !empty($aPaths[0]) && !$bAdmin && 'index' !== $aPaths[0]) {
         $bIndex = false;
         // The method name is built from the first request path segment. The
         // reachable set is every callable method of $this->oServiceActions whose
         // name starts with "Service" (PHP matches method names case-insensitively).
         // NOTE(review): any method given that prefix becomes request-reachable at
         // this layer, so each one needs its own authorization check.
         $sMethodName = 'Service' . $aPaths[0];
         if (\method_exists($this->oServiceActions, $sMethodName) && \is_callable(array($this->oServiceActions, $sMethodName))) {
             $this->oServiceActions->SetQuery($sQuery)->SetPaths($aPaths);
             $sResult = \call_user_func(array($this->oServiceActions, $sMethodName));
         } else {
             // Unknown segment: offer it to plugins, fall back to the index page if none takes it.
             if (!$this->oActions->Plugins()->RunAdditionalPart($aPaths[0], $aPaths)) {
                 $bIndex = true;
             }
         }
     }
     if ($bIndex) {
         // '@' suppresses the warning header() raises when output has already started.
         @header('Content-Type: text/html; charset=utf-8');
         $this->oHttp->ServerNoCache();
         $aData = $this->startUpData($bAdmin);
         $sCacheFileName = '';
         if ($this->oActions->Config()->Get('labs', 'cache_system_data', true)) {
             $sCacheFileName = 'TMPL:' . $aData['Hash'];
             $sResult = $this->oActions->Cacher()->Get($sCacheFileName);
         }
         if (0 === \strlen($sResult)) {
             // Cache miss (or caching disabled): boot.js is read from the application
             // directory and substituted verbatim into the template.
             $sJsBoot = \file_get_contents(APP_VERSION_ROOT_PATH . 'static/js/boot.js');
             // Only LoadingDescription is HTML-escaped below; every other $aData value
             // is substituted as-is, so it must already be safe for its HTML context —
             // TODO confirm in startUpData().
             // NOTE(review): ENT_IGNORE silently drops invalid byte sequences; the PHP
             // manual discourages it for security reasons and offers ENT_SUBSTITUTE.
             // NOTE(review): {{BaseRandHash}} comes from rand() and microtime(), which
             // are not cryptographically secure, and the rendered page is cached
             // below, so one value is reused for every response served from that
             // cache entry. It must not be relied on as a secret or a nonce.
             $sResult = \strtr(\file_get_contents(APP_VERSION_ROOT_PATH . 'app/templates/Index.html'), array('{{BaseRandHash}}' => \md5(\rand(1000, 9000) . \microtime(true)), '{{BaseAppDataScriptLink}}' => $bAdmin ? './?/AdminAppData/' : './?/AppData/', '{{BaseAppFaviconIcoFile}}' => $aData['FaviconIcoLink'], '{{BaseAppFaviconPngFile}}' => $aData['FaviconPngLink'], '{{BaseAppAppleTouchFile}}' => $aData['AppleTouchLink'], '{{BaseAppMainCssLink}}' => $aData['AppCssLink'], '{{BaseAppBootScriptSource}}' => $sJsBoot, '{{BaseAppLibsScriptLink}}' => $aData['LibJsLink'], '{{BaseAppEditorScriptLink}}' => $aData['EditorJsLink'], '{{BaseAppMainScriptLink}}' => $aData['AppJsLink'], '{{BaseAppLoadingDescription}}' => \htmlspecialchars($aData['LoadingDescription'], ENT_QUOTES | ENT_IGNORE, 'UTF-8'), '{{BaseDir}}' => \in_array($aData['Language'], array('ar', 'he', 'ur')) ? 'rtl' : 'ltr'));
             $sResult = \RainLoop\Utils::ClearHtmlOutput($sResult);
             if (0 < \strlen($sCacheFileName)) {
                 $this->oActions->Cacher()->Set($sCacheFileName, $sResult);
             }
         } else {
             $bCached = true;
         }
         // Diagnostic trailer appended to every index response as an HTML comment
         // (added after the cache lookup, so it is not part of the cached body).
         // NOTE(review): it discloses the exact APP_VERSION, which makes version
         // fingerprinting trivial, and an unsalted MD5 of GetShortToken(), presumably
         // a per-client secret. Consider gating the trailer behind a debug setting.
         $sResult .= '<!--';
         $sResult .= ' [version:' . APP_VERSION;
         $sResult .= '][time:' . \substr(\microtime(true) - APP_START, 0, 6);
         $sResult .= '][cached:' . ($bCached ? 'true' : 'false');
         $sResult .= '][session:' . \md5(\RainLoop\Utils::GetShortToken());
         $sResult .= '] -->';
     }
     // Output result
     echo $sResult;
     unset($sResult);
     $this->oActions->BootEnd();
     return $this;
 }
コード例 #6
ファイル: Actions.php プロジェクト: GTAWWEKID/tsiserver.us
 /**
  * Restores an account object from a custom auth token.
  *
  * The token is decoded into a positional list and accepted only when slot 0 is
  * the literal 'token', the list has exactly eight slots, slot 7 is non-empty,
  * and either short-token validation is switched off by the caller or slot 7 is
  * identical to the current short token.
  *
  * NOTE(review): nothing in this method authenticates the decoded fields;
  * acceptance relies on DecodeKeyValues() rejecting forged or altered input.
  * Calling with $bValidateShortToken = false removes the only binding checked
  * here, so such callers should be reviewed individually.
  *
  * NOTE(review): when the login yields no account, callers get DomainNotAllowed,
  * AccountNotAllowed or AuthError depending on the cause, which tells the token
  * holder whether the domain is configured and whether the address passes the
  * white list. Confirm these codes are not shown to unauthenticated clients.
  *
  * @param string $sToken
  * @param bool $bThrowExceptionOnFalse = true
  * @param bool $bValidateShortToken = true
  *
  * @return \RainLoop\Account|bool
  * @throws \RainLoop\Exceptions\ClientException
  */
 public function GetAccountFromCustomToken($sToken, $bThrowExceptionOnFalse = true, $bValidateShortToken = true)
 {
     $oResult = false;

     if (!empty($sToken)) {
         $aFields = \RainLoop\Utils::DecodeKeyValues($sToken);

         // Structural checks first; the short-token check runs only for a well-formed list.
         $bAccepted = !empty($aFields[0]) && 'token' === $aFields[0]
             && 8 === \count($aFields) && !empty($aFields[7])
             && (!$bValidateShortToken || \RainLoop\Utils::GetShortToken() === $aFields[7]);

         if (!$bAccepted) {
             if ($bThrowExceptionOnFalse) {
                 throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AuthError);
             }
         } else {
             // Slots 1-3 and 5 are passed to LoginProvide() exactly as decoded; slot 5 defaults to ''.
             $sOptionalSlot5 = empty($aFields[5]) ? '' : $aFields[5];
             $oAccount = $this->LoginProvide($aFields[1], $aFields[2], $aFields[3], $sOptionalSlot5);

             if ($oAccount instanceof \RainLoop\Account) {
                 // The password is registered with the logger as a secret.
                 // NOTE(review): this happens only after LoginProvide() has returned;
                 // confirm LoginProvide() cannot log the password before this point.
                 $this->Logger()->AddSecret($oAccount->Password());
                 $oAccount->SetParentEmail($aFields[6]);
                 $oResult = $oAccount;
             } else {
                 // The domain is loaded even when exceptions are disabled; its result
                 // only selects which error is raised.
                 $oDomain = $this->DomainProvider()->Load(\MailSo\Base\Utils::GetDomainFromEmail($aFields[1]), true);
                 if ($bThrowExceptionOnFalse) {
                     if (!$oDomain instanceof \RainLoop\Domain) {
                         throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::DomainNotAllowed);
                     }
                     if (!$oDomain->ValidateWhiteList($aFields[1], $aFields[2])) {
                         throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AccountNotAllowed);
                     }
                 }
             }
         }
     }

     // Empty token, or a failed login that raised nothing more specific: generic auth error.
     if ($bThrowExceptionOnFalse && !$oResult instanceof \RainLoop\Account) {
         throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AuthError);
     }

     return $oResult;
 }