mirrors/flexisip-account-manager
1
0
Fork 0
mirror of https://gitlab.linphone.org/BC/public/flexisip-account-manager.git synced 2026-01-17 10:08:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add accounts management endpoints

Browse source 
Add account email reset endpoint
Update the dependencies
Complete tests
This commit is contained in:
Timothée Jaussoin 2020-12-07 15:25:34 +01:00
parent 220d596a7f
commit 5ddb669af1
18 changed files with 1381 additions and 732 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
flexiapi/.env.example
View file

@ -18,7 +18,7 @@ INSTANCE_CONFIRMED_REGISTRATION_TEXT= # Markdown text displayed when an account
NEWSLETTER_REGISTRATION_ADDRESS= # Address to contact when a user wants to register to the newsletter
PHONE_AUTHENTICATION=true # Toggle to enable/disable the SMS support
DEVICES_MANAGEMENT=true # Toggle to enable/disable the devices management support
DEVICES_MANAGEMENT=false # Toggle to enable/disable the devices management support
LOG_CHANNEL=stack

46
flexiapi/app/Account.php
View file

@ -22,10 +22,17 @@ namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Mail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Support\Str;
use App\ApiKey;
use App\Password;
use App\EmailChanged;
use App\Helpers\Utils;
use App\Events\AccountDeleting;
use App\Mail\ChangingEmail;
use App\Mail\ChangedEmail;
class Account extends Authenticatable
{
@ -33,9 +40,18 @@ class Account extends Authenticatable
protected $connection = 'external';
protected $with = ['passwords', 'admin', 'emailChanged'];
protected $dates = ['creation_time'];
protected $dateTimes = ['creation_time'];
protected $casts = [
'activated' => 'boolean',
];
public $timestamps = false;
protected $dispatchesEvents = [
// Remove all the related data, accross multiple database
// and without foreign-keys (sic)
'deleting' => AccountDeleting::class,
];
protected static function booted()
{
static::addGlobalScope('domain', function (Builder $builder) {
@ -78,6 +94,23 @@ class Account extends Authenticatable
return $this->attributes['username'].'@'.$this->attributes['domain'];
}
public function requestEmailUpdate(string $newEmail)
{
// Remove all the old requests
$this->emailChanged()->delete();
// Create a new one
$emailChanged = new EmailChanged;
$emailChanged->new_email = $newEmail;
$emailChanged->hash = Str::random(16);
$emailChanged->account_id = $this->id;
$emailChanged->save();
$this->refresh();
Mail::to($this)->send(new ChangingEmail($this));
}
public function generateApiKey()
{
$this->apiKey()->delete();
@ -92,4 +125,15 @@ class Account extends Authenticatable
{
return ($this->admin);
}
public function updatePassword($newPassword, $algorithm)
{
$this->passwords()->delete();
$password = new Password;
$password->account_id = $this->id;
$password->password = Utils::bchash($this->username, $this->domain, $newPassword, $algorithm);
$password->algorithm = $algorithm;
$password->save();
}
}

4
flexiapi/app/EmailChanged.php
View file

@ -25,6 +25,10 @@ class EmailChanged extends Model
{
protected $connection = 'local';
protected $table = 'email_changed';
protected $hidden = ['id', 'updated_at', 'hash', 'account_id'];
protected $casts = [
'created_at' => 'datetime:Y-m-d H:m:s',
];
public function account()
{

24
flexiapi/app/Events/AccountDeleting.php Normal file
View file

@ -0,0 +1,24 @@
<?php
namespace App\Events;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
use App\Account;
class AccountDeleting
{
use Dispatchable, InteractsWithSockets, SerializesModels;
public function __construct(Account $account)
{
$account->alias()->delete();
$account->passwords()->delete();
$account->nonces()->delete();
$account->admin()->delete();
$account->apiKey()->delete();
$account->emailChanged()->delete();
}
}

16
flexiapi/app/Http/Controllers/Account/EmailController.php
View file

@ -22,6 +22,7 @@ namespace App\Http\Controllers\Account;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Str;
use Illuminate\Validation\Rule;
use App\Http\Controllers\Controller;
use App\Mail\ChangingEmail;
@ -40,22 +41,11 @@ class EmailController extends Controller
public function requestUpdate(Request $request)
{
$request->validate([
'email_current' => ['required', Rule::in([$request->user()->email])],
'email' => 'required|different:email_current|confirmed|email',
]);
// Remove all the old requests
EmailChanged::where('account_id', $request->user()->id)->delete();
// Create a new one
$emailChanged = new EmailChanged;
$emailChanged->new_email = $request->get('email');
$emailChanged->hash = Str::random(16);
$emailChanged->account_id = $request->user()->id;
$emailChanged->save();
$request->user()->refresh();
Mail::to($request->user())->send(new ChangingEmail($request->user()));
$request->user()->requestEmailUpdate($request->get('email'));
$request->session()->flash('success', 'An email was sent with a confirmation link. Please click it to update your email address.');
return redirect()->route('account.panel');

16
flexiapi/app/Http/Controllers/Account/PasswordController.php
View file

@ -58,8 +58,7 @@ class PasswordController extends Controller
$password->password,
Utils::bchash($account->username, $account->domain, $request->get('old_password'), $password->algorithm)
)) {
$this->updatePassword($account, $request->get('password'), $algorithm);
$account->updatePassword($request->get('password'), $algorithm);
$request->session()->flash('success', 'Password successfully changed');
return redirect()->route('account.panel');
}
@ -68,7 +67,7 @@ class PasswordController extends Controller
return redirect()->back()->withErrors(['old_password' => 'Old password not correct']);
} else {
// No password yet
$this->updatePassword($account, $request->get('password'), $algorithm);
$account->updatePassword($request->get('password'), $algorithm);
if (!empty($account->email)) {
Mail::to($account)->send(new ConfirmedRegistration($account));
@ -79,15 +78,4 @@ class PasswordController extends Controller
return redirect()->route('account.panel');
}
}
private function updatePassword(Account $account, $newPassword, $algorithm)
{
$account->passwords()->delete();
$password = new Password;
$password->account_id = $account->id;
$password->password = Utils::bchash($account->username, $account->domain, $newPassword, $algorithm);
$password->algorithm = $algorithm;
$password->save();
}
}

2
flexiapi/app/Http/Controllers/AccountController.php
View file

@ -36,7 +36,7 @@ class AccountController extends Controller
}
return view('account.home', [
'count' => Account::count()
'count' => Account::where('activated', true)->count()
]);
}

73
flexiapi/app/Http/Controllers/Api/AccountController.php
View file

@ -19,48 +19,67 @@
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use Illuminate\Support\Facades\Mail;
use Carbon\Carbon;
use App\Http\Controllers\Controller;
use App\Mail\ConfirmedRegistration;
use App\Helpers\Utils;
use App\Account;
use App\Password;
use App\Helpers\Utils;
class AccountController extends Controller
{
public function store(Request $request)
public function show(Request $request)
{
return Account::where('id', $request->user()->id)
->without(['api_key', 'email_changed.new_email'])
->first();
}
public function requestEmailUpdate(Request $request)
{
$request->validate([
'email' => ['required', 'email', Rule::notIn([$request->user()->email])],
]);
$request->user()->requestEmailUpdate($request->get('email'));
}
public function passwordUpdate(Request $request)
{
$request->validate([
'username' => 'required|unique:external.accounts,username|filled',
'algorithm' => 'required|in:SHA-256,MD5',
'password' => 'required|filled',
'domain' => 'min:3',
'activated' => 'boolean|nullable',
'password' => 'required',
]);
$algorithm = $request->has('password_sha256') ? 'SHA-256' : 'MD5';
$account = new Account;
$account->username = $request->get('username');
$account->email = $request->get('email');
$account->activated = $request->has('activated')
? (bool)$request->get('activated')
: false;
$account->domain = $request->has('domain')
? $request->get('domain')
: config('app.sip_domain');
$account->ip_address = $request->ip();
$account->creation_time = Carbon::now();
$account->user_agent = config('app.name');
$account = $request->user();
$account->activated = true;
$account->save();
$password = new Password;
$password->account_id = $account->id;
$password->password = Utils::bchash($account->username, $account->domain, $request->get('password'), $request->get('algorithm'));
$password->algorithm = $request->get('algorithm');
$password->save();
$algorithm = $request->get('algorithm');
return response()->json($account);
if ($account->passwords()->count() > 0) {
$request->validate(['old_password' => 'required']);
foreach ($account->passwords as $password) {
if (hash_equals(
$password->password,
Utils::bchash($account->username, $account->domain, $request->get('old_password'), $password->algorithm)
)) {
$account->updatePassword($request->get('password'), $algorithm);
return response()->json();
}
}
return response()->json(['errors' => ['old_password' => 'Incorrect old password']], 422);
} else {
$account->updatePassword($request->get('password'), $algorithm);
if (!empty($account->email)) {
Mail::to($account)->send(new ConfirmedRegistration($account));
}
}
}
}

100
flexiapi/app/Http/Controllers/Api/Admin/AccountController.php Normal file
View file

@ -0,0 +1,100 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Carbon\Carbon;
use App\Account;
use App\Password;
use App\Helpers\Utils;
class AccountController extends Controller
{
public function index(Request $request)
{
return Account::without(['passwords', 'admin'])->paginate(20);
}
public function show(Request $request, $id)
{
return Account::without(['passwords', 'admin'])->findOrFail($id);
}
public function destroy(Request $request, $id)
{
$account = Account::findOrFail($id);
$account->delete();
}
public function activate(Request $request, $id)
{
$account = Account::findOrFail($id);
$account->activated = true;
$account->save();
return $account;
}
public function deactivate(Request $request, $id)
{
$account = Account::findOrFail($id);
$account->activated = false;
$account->save();
return $account;
}
public function store(Request $request)
{
$request->validate([
'username' => 'required|unique:external.accounts,username|filled',
'algorithm' => 'required|in:SHA-256,MD5',
'password' => 'required|filled',
'domain' => 'min:3',
'activated' => 'boolean|nullable',
]);
$algorithm = $request->has('password_sha256') ? 'SHA-256' : 'MD5';
$account = new Account;
$account->username = $request->get('username');
$account->email = $request->get('email');
$account->activated = $request->has('activated')
? (bool)$request->get('activated')
: false;
$account->domain = $request->has('domain')
? $request->get('domain')
: config('app.sip_domain');
$account->ip_address = $request->ip();
$account->creation_time = Carbon::now();
$account->user_agent = config('app.name');
$account->save();
$password = new Password;
$password->account_id = $account->id;
$password->password = Utils::bchash($account->username, $account->domain, $request->get('password'), $request->get('algorithm'));
$password->algorithm = $request->get('algorithm');
$password->save();
return response()->json($account);
}
}

1
flexiapi/app/Password.php
View file

@ -28,6 +28,7 @@ class Password extends Model
protected $connection = 'external';
public $timestamps = false;
protected $hidden = ['id', 'password', 'account_id', 'created_at', 'updated_at'];
public function account()
{

1481
flexiapi/composer.lock generated
View file

File diff suppressed because it is too large Load diff

2
flexiapi/config/app.php
View file

@ -19,7 +19,7 @@ return [
'newsletter_registration_address' => env('NEWSLETTER_REGISTRATION_ADDRESS', ''),
'phone_authentication' => env('PHONE_AUTHENTICATION', true),
'devices_management' => env('DEVICES_MANAGEMENT', true),
'devices_management' => env('DEVICES_MANAGEMENT', false),
'proxy_registrar_address' => env('ACCOUNT_PROXY_REGISTRAR_ADDRESS', 'sip.domain.com'),
'transport_protocol_text' => env('ACCOUNT_TRANSPORT_PROTOCOL_TEXT', 'TLS (recommended), TCP or UDP'),

29
flexiapi/database/migrations/2020_11_30_123051_create_aliases_table.php Normal file
View file

@ -0,0 +1,29 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateAliasesTable extends Migration
{
public function up()
{
if (!Schema::connection('external')->hasTable('aliases')) {
Schema::connection('external')->create('aliases', function (Blueprint $table) {
$table->id();
$table->integer('account_id')->unsigned();
$table->string('alias', 64);
$table->string('domain', 64);
$table->foreign('account_id')->references('id')
->on('accounts')->onDelete('cascade');
});
}
}
public function down()
{
//Schema::dropIfExists('aliases');
}
}

51
flexiapi/resources/views/documentation.blade.php
View file

@ -48,10 +48,39 @@ For the moment only DIGEST-MD5 and DIGEST-SHA-256 are supported through the auth
<h2>Endpoints</h2>
<h3>Accounts</h3>
<h3>Accounts (User)</h3>
<h4><code>GET /accounts/me</code></h4>
<p>Retrieve the account information.</p>
<h4><code>POST /accounts/email/request</code></h4>
<p>Change the account email. An email will be sent to the new email address to confirm the operation.</p>
<p>JSON parameters:</p>
<ul>
<li><code>email</code> the new email address</li>
</ul>
<h4><code>POST /accounts/password</code></h4>
<p>Change the account password.</p>
<p>JSON parameters:</p>
<ul>
<li><code>algorithm</code> required, values can be <code>SHA-256</code> or <code>MD5</code></li>
<li><code>old_password</code> required if the password is already set, the old password</li>
<li><code>password</code> required, the new password</li>
</ul>
<h3>Accounts (Administrator)</h3>
<p>Those endpoints are authenticated and requires an admin account.</p>
<h4><code>POST /accounts</code></h4>
<p>To create an account directly from the API.</p>
<p>JSON parameters:</p>
<ul>
@ -62,7 +91,25 @@ For the moment only DIGEST-MD5 and DIGEST-SHA-256 are supported through the auth
<li><code>activated</code> optional, a boolean, set to <code>false</code> by default</li>
</ul>
<p>To create an account directly from the API.<br />This endpoint is authenticated and requires an admin account.</p>
<h4><code>GET /accounts</code></h4>
<p>Retrieve all the accounts, paginated.</p>
<h4><code>GET /accounts/{id}</code></h4>
<p>Retrieve a specific account.</p>
<h4><code>DELETE /accounts/{id}</code></h4>
<p>Delete a specific account and its related information.</p>
<h4><code>GET /accounts/{id}/activate</code></h4>
<p>Activate an account.</p>
<h4><code>GET /accounts/{id}/deactivate</code></h4>
<p>Deactivate an account.</p>
<h3>Ping</h3>

11
flexiapi/routes/api.php
View file

@ -30,7 +30,16 @@ Route::group(['middleware' => ['auth.digest_or_key']], function () {
Route::get('devices', 'Api\DeviceController@index');
Route::delete('devices/{uuid}', 'Api\DeviceController@destroy');
Route::get('accounts/me', 'Api\AccountController@show');
Route::post('accounts/email/request', 'Api\AccountController@requestEmailUpdate');
Route::post('accounts/password', 'Api\AccountController@passwordUpdate');
Route::group(['middleware' => ['auth.admin']], function () {
Route::post('accounts', 'Api\AccountController@store');
Route::get('accounts/{id}/activate', 'Api\Admin\AccountController@activate');
Route::get('accounts/{id}/deactivate', 'Api\Admin\AccountController@deactivate');
Route::post('accounts', 'Api\Admin\AccountController@store');
Route::get('accounts', 'Api\Admin\AccountController@index');
Route::get('accounts/{id}', 'Api\Admin\AccountController@show');
Route::delete('accounts/{id}', 'Api\Admin\AccountController@destroy');
});
});

216
flexiapi/tests/Feature/AccountApiTest.php
View file

@ -146,6 +146,7 @@ class AccountApiTest extends TestCase
public function testActivated()
{
$admin = Admin::factory()->create();
$admin->account->generateApiKey();
$password = $admin->account->passwords()->first();
$username = 'username';
@ -166,6 +167,219 @@ class AccountApiTest extends TestCase
'username' => $username,
'domain' => config('app.sip_domain'),
'activated' => true,
]);;
]);
}
public function testSimpleAccount()
{
$password = Password::factory()->create();
$password->account->generateApiKey();
$this->keyAuthenticated($password->account)
->get($this->route.'/me')
->assertStatus(200)
->assertJson([
'username' => $password->account->username,
'activated' => false
]);
}
public function testChangeEmail()
{
$password = Password::factory()->create();
$password->account->generateApiKey();
$newEmail = 'new_email@test.com';
// Bad email
$this->keyAuthenticated($password->account)
->json($this->method, $this->route.'/email/request', [
'email' => 'gnap'
])
->assertStatus(422);
// Same email
$this->keyAuthenticated($password->account)
->json($this->method, $this->route.'/email/request', [
'email' => $password->account->email
])
->assertStatus(422);
// Correct email
$this->keyAuthenticated($password->account)
->json($this->method, $this->route.'/email/request', [
'email' => $newEmail
])
->assertStatus(200);
$this->keyAuthenticated($password->account)
->get($this->route.'/me')
->assertStatus(200)
->assertJson([
'username' => $password->account->username,
'email_changed' => [
'new_email' => $newEmail
]
]);
}
public function testChangePassword()
{
$account = Account::factory()->create();
$account->generateApiKey();
$password = 'password';
$algorithm = 'MD5';
$newPassword = 'new_password';
$newAlgorithm = 'SHA-256';
// Wrong algorithm
$this->keyAuthenticated($account)
->json($this->method, $this->route.'/password', [
'algorithm' => '123',
'password' => $password
])
->assertStatus(422)
->assertJson([
'errors' => ['algorithm' => true]
]);
// Fresh password without an old one
$this->keyAuthenticated($account)
->json($this->method, $this->route.'/password', [
'algorithm' => $algorithm,
'password' => $password
])
->assertStatus(200);
// First check
$this->keyAuthenticated($account)
->get($this->route.'/me')
->assertStatus(200)
->assertJson([
'username' => $account->username,
'passwords' => [[
'algorithm' => $algorithm
]]
]);
// Set new password without old one
$this->keyAuthenticated($account)
->json($this->method, $this->route.'/password', [
'algorithm' => $newAlgorithm,
'password' => $newPassword
])
->assertStatus(422)
->assertJson([
'errors' => ['old_password' => true]
]);
// Set the new password with incorrect old password
$response = $this->keyAuthenticated($account)
->json($this->method, $this->route.'/password', [
'algorithm' => $newAlgorithm,
'old_password' => 'blabla',
'password' => $newPassword
])
->assertJson([
'errors' => ['old_password' => true]
])
->assertStatus(422);
// Set the new password
$this->keyAuthenticated($account)
->json($this->method, $this->route.'/password', [
'algorithm' => $newAlgorithm,
'old_password' => $password,
'password' => $newPassword
])
->assertStatus(200);
// Second check
$this->keyAuthenticated($account)
->get($this->route.'/me')
->assertStatus(200)
->assertJson([
'username' => $account->username,
'passwords' => [[
'algorithm' => $newAlgorithm
]]
]);
}
public function testActivateDeactivate()
{
$password = Password::factory()->create();
$admin = Admin::factory()->create();
$admin->account->generateApiKey();
// deactivate
$this->keyAuthenticated($admin->account)
->get($this->route.'/'.$password->account->id.'/deactivate')
->assertStatus(200)
->assertJson([
'activated' => false
]);
$this->keyAuthenticated($admin->account)
->get($this->route.'/'.$password->account->id)
->assertStatus(200)
->assertJson([
'activated' => false
]);
$this->keyAuthenticated($admin->account)
->get($this->route.'/'.$password->account->id.'/activate')
->assertStatus(200)
->assertJson([
'activated' => true
]);
$this->keyAuthenticated($admin->account)
->get($this->route.'/'.$password->account->id)
->assertStatus(200)
->assertJson([
'activated' => true
]);
}
public function testGetAll()
{
Password::factory()->create();
$admin = Admin::factory()->create();
$admin->account->generateApiKey();
// /accounts
$this->keyAuthenticated($admin->account)
->get($this->route)
->assertStatus(200)
->assertJson([
'total' => 2
]);
// /accounts/id
$this->keyAuthenticated($admin->account)
->get($this->route.'/'.$admin->id)
->assertStatus(200)
->assertJson([
'id' => 1
]);
}
public function testDelete()
{
$password = Password::factory()->create();
$admin = Admin::factory()->create();
$admin->account->generateApiKey();
$this->keyAuthenticated($admin->account)
->delete($this->route.'/'.$password->account->id)
->assertStatus(200);
$this->keyAuthenticated($admin->account)
->get($this->route.'/'.$password->account->id)
->assertStatus(404);
}
}

9
flexiapi/tests/TestCase.php
View file

@ -20,6 +20,7 @@
namespace Tests;
use App\Password;
use App\Account;
use App\Helpers\Utils;
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
@ -30,6 +31,14 @@ abstract class TestCase extends BaseTestCase
const ALGORITHMS = ['md5' => 'MD5', 'sha256' => 'SHA-256'];
protected function keyAuthenticated(Account $account)
{
return $this->withHeaders([
'From' => 'sip:'.$account->identifier,
'x-api-key' => $account->apiKey->key,
]);
}
protected function generateFirstResponse(Password $password)
{
return $this->withHeaders([

30
src/xmlrpc/provisioning.php
View file

@ -125,11 +125,11 @@ if (file_exists(REMOTE_PROVISIONING_DEFAULT_CONFIG)) {
$transport = isset($_GET['transport']) ? $_GET['transport'] : REMOTE_PROVISIONING_DEFAULT_TRANSPORT;
$request_params = array(
"username" => $username,
"domain" => $domain,
"transport" => $transport,
"ha1" => null,
"algo" => DEFAULT_ALGORITHM,
"username" => $username,
"domain" => $domain,
"transport" => $transport,
"ha1" => null,
"algo" => DEFAULT_ALGORITHM,
);
if (!empty($username)) {
@ -176,16 +176,16 @@ if (!empty($username)) {
$logger->message("Account id " . $account->id . " is already activated");
}
}
}
}
$request_params["ha1"] = $ha1;
$request_params["algo"] = $algo;
$request_params["ha1"] = $ha1;
$request_params["algo"] = $algo;
$xml .= '<section name="proxy_' . $proxy_config_index . '">';
$xml .= '<entry name="reg_identity"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>&lt;sip:' . $username . '@' . $domain . '&gt;</entry>';
$xml .= '<entry name="reg_sendregister"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>1</entry>';
$xml .= '<entry name="refkey"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>push_notification</entry>';
if (get_config_value(CUSTOM_HOOKS, FALSE)) {
$xml .= '<entry name="refkey"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>push_notification</entry>';
if (get_config_value(CUSTOM_HOOKS, FALSE)) {
provisioning_hook_on_proxy_config($xml, $request_params);
}
$xml .= '</section>';
@ -195,16 +195,16 @@ if (!empty($username)) {
$xml .= '<entry name="username"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>' . $username . '</entry>';
$xml .= '<entry name="ha1"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>' . $ha1 . '</entry>';
$xml .= '<entry name="realm"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>' . $domain . '</entry>';
$xml .= '<entry name="algorithm"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>' . $algo . '</entry>';
if (get_config_value(CUSTOM_HOOKS, FALSE)) {
provisioning_hook_on_auth_info($xml, $request_params);
}
$xml .= '<entry name="algorithm"' . (REMOTE_PROVISIONING_OVERWRITE_ALL ? ' overwrite="true"' : '') . '>' . $algo . '</entry>';
if (get_config_value(CUSTOM_HOOKS, FALSE)) {
provisioning_hook_on_auth_info($xml, $request_params);
}
$xml .= '</section>';
}
}
if (get_config_value(CUSTOM_HOOKS, FALSE)) {
provisioning_hook_on_additional_section($xml, $request_params);
provisioning_hook_on_additional_section($xml, $request_params);
}
$xml .= '</config>';