diff --git a/conf/provisioning.conf b/conf/provisioning.conf
index f7a5520..c4d4820 100644
--- a/conf/provisioning.conf
+++ b/conf/provisioning.conf
@@ -29,4 +29,11 @@ define("REMOTE_PROVISIONING_DEFAULT_CONFIG", "default.rc");
*/
define("REMOTE_PROVISIONING_DEFAULT_TRANSPORT", "tls");
+/*
+ * If set to True, provisioning.php will generate a new password if the account was not activated yet and activate it.
+ *
+ * Default value: False
+ */
+define("REMOTE_PROVISIONING_ONE_TIME_PASSWORD", False);
+
?>
\ No newline at end of file
diff --git a/src/xmlrpc/provisioning.php b/src/xmlrpc/provisioning.php
index f54f83f..11991ad 100644
--- a/src/xmlrpc/provisioning.php
+++ b/src/xmlrpc/provisioning.php
@@ -21,6 +21,10 @@
header("Access-Control-Allow-Origin: *");
include_once __DIR__ . '/../misc/utilities.php';
+include_once __DIR__ . '/../objects/account.php';
+include_once __DIR__ . '/../objects/password.php';
+
+$logger = Logger::getInstance();
if (isset($_GET['qrcode']) && $_GET['qrcode'] == 1) {
$query = $_GET;
@@ -79,6 +83,43 @@ $domain = isset($_GET['domain']) ? $_GET['domain'] : SIP_DOMAIN;
$transport = isset($_GET['transport']) ? $_GET['transport'] : REMOTE_PROVISIONING_DEFAULT_TRANSPORT;
if (!empty($username)) {
+ $ha1 = isset($_GET['ha1']) ? $_GET['ha1'] : null;
+ $algo = isset($_GET['algorithm']) ? $_GET['algorithm'] : DEFAULT_ALGORITHM;
+
+ if (REMOTE_PROVISIONING_ONE_TIME_PASSWORD) {
+ $database = new Database();
+ $db = $database->getConnection();
+ $account = new Account($db);
+ $account->username = $username;
+ $account->domain = $domain;
+
+ if ($account->getOne()) {
+ if (!is_activated($account->activated)) {
+ $password = new Password($db);
+ $password->account_id = $account->id;
+ $password->algorithm = $algo;
+
+ if ($password->getOne()) {
+ $new_password = generate_password();
+ $ha1 = hash_password($username, $new_password, $domain, $algo);
+ $password->password = $ha1;
+ if (!$password->update()) {
+ $logger->error("Failed to update password for account id " . $account->id);
+ }
+ } else {
+ $logger->error("Password not found for account id " . $account->id);
+ }
+
+ $account->activated = "1";
+ if (!$account->update()) {
+ $logger->error("Failed to activate account id " . $account->id);
+ }
+ } else {
+ $logger->message("Account id " . $account->id . " is already activated");
+ }
+ }
+ }
+
$xml .= '';
$xml .= '<sip:' . $username . '@' . $domain . '>';
$xml .= '<sip:' . $domain . ';transport=' . $transport . '>';
@@ -86,9 +127,6 @@ if (!empty($username)) {
$xml .= '1';
$xml .= '';
- $ha1 = isset($_GET['ha1']) ? $_GET['ha1'] : null;
- $algo = isset($_GET['algorithm']) ? $_GET['algorithm'] : DEFAULT_ALGORITHM;
-
if (!empty($ha1)) {
$xml .= '';
$xml .= '' . $username . '';