Last active
June 12, 2018 18:44
-
-
Save dominicgan/75b9aafb90d1802e4d7ed602948ae310 to your computer and use it in GitHub Desktop.
PHP Curl to authenticate with Zimbra API (Using Yii 1.1)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// ... | |
// login actions | |
// ... | |
if ($form->submitted('login') && $form->validate()) { | |
// assuming successful login = correct credentials, | |
// auth with zimbra for email and calendar, and create Z_AUTH_TOKEN | |
// 2 tokens, one for personal mail domain and the other for general calendar | |
// ZIMB_TKN & ZIMB_TKN_CAL | |
// 1.1) Create a temp file to store cookie info | |
$cookie_jar = tempnam('/tmp','ZmC'); | |
// 1.2) Set cookie expiry period | |
$date_of_expiry = time() + (7 * 24 * 60 * 60); // one week expiry from creation | |
// if (YII_DEBUG != true){ | |
// 2.1) Accounts to auth with (assuming user email is stored in the db) | |
$zimbra_email_id = Yii::app()->user->email; | |
// 2.2) User credentials | |
$username = Yii::app()->user->email; | |
$userpass = $_POST['LoginForm']['password']; | |
$user_pass = $username.':'.$userpass; | |
if (($pos = strpos($zimbra_email_id, "@")) !== FALSE) { | |
$auth_domain = 'mail.'.substr($zimbra_email_id, $pos+1); // email domain to auth | |
} | |
// 2.3) Auth url. Since there is no auth-only url, request for drafts folder to authenticate | |
// (fastest request assuming least amount of messages in drafts folder) | |
$auth_url = "https://".$auth_domain."/home/".$zimbra_email_id."/drafts/?auth=sc&fmt=json"; | |
// 2.4) temp place to put the file | |
$save_as_folder = "zimbra_json"; | |
// 2.5) temp file name | |
$auth_file_name = $zimbra_email_id.'.auth'.'.json'; | |
// 2.6) Concatenate folder and name | |
$auth_file = $_SERVER['DOCUMENT_ROOT'].'/assets//'.$save_as_folder.'/'.$auth_file_name; | |
// 3) Auth with zimbra server via curl | |
$auth_crl = curl_init(); | |
$fp = fopen($auth_file, "w"); | |
curl_setopt($auth_crl, CURLOPT_COOKIESESSION, true); | |
curl_setopt($auth_crl, CURLOPT_URL, $auth_url); | |
curl_setopt($auth_crl, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($auth_crl, CURLOPT_FOLLOWLOCATION, true); | |
curl_setopt($auth_crl, CURLOPT_USERPWD, $user_pass); | |
curl_setopt($auth_crl, CURLOPT_COOKIEJAR, $cookie_jar); | |
curl_setopt($auth_crl, CURLOPT_FILE, $fp); | |
curl_setopt($auth_crl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); | |
curl_setopt($auth_crl, CURLOPT_POSTREDIR, 2); | |
$auth_data = curl_exec($auth_crl); | |
$auth_info = curl_getinfo($auth_crl); | |
if(curl_errno($auth_crl)){ | |
echo 'Curl error: ' . curl_error($auth_crl); | |
} | |
curl_close($auth_crl); | |
fclose($fp); | |
// 4) Since we cannot save the temp generated cookie file (mostly because I don't know how to), | |
// we will grab the value of the ZM_AUTH_TOKEN that was created with the auth request and write | |
// it to a PHP cookie for reference in other pages of the site. | |
$zimb_cookie = file_get_contents($cookie_jar); | |
$zimb_cookie = base64_encode($zimb_cookie); | |
setcookie( "ZIMB_TKN", $zimb_cookie, $date_of_expiry, "/"); | |
// 5) Finally remove the temp file containing auth data which is now stored in the cookie. | |
unlink($cookie_jar); | |
// } | |
// ... | |
// continue login redirection/etc | |
// ... | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment