Skip to content

modoboa api v2 compatibility #9987

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
jquiros2 wants to merge 4 commits into
base: master
Choose a base branch
from
+47 −28
Open

modoboa api v2 compatibility #9987

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2bfb63b
modoboa2.php
jquiros2 Sep 26, 2025
bed7f35
modoboa api v2
jquiros2 Sep 26, 2025
b3003cb
tried adding modoboa2.php as a driver and changing driver in config, …
jquiros2 Sep 26, 2025
03e00df
updated modoboa version comment
jquiros2 Sep 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
75 changes: 47 additions & 28 deletions plugins/password/drivers/modoboa.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,14 @@

/**
* Modoboa Password Driver
* Minor modification from 2.0, updated to use Modoboa v2 password endpoint.
* Payload uses form-encoded data: current password and new password.
* Endpoint: PUT /api/v2/accounts/{id}/password/
*
* Payload is json string containing username, oldPassword and newPassword
* Return value is a json string saying result: true if success.
* Return value is a status constant (PASSWORD_SUCCESS on success,
* PASSWORD_CONNECT_ERROR on failure).
*
* @version 2.0
* @version 2.1
*
* @author stephane @actionweb.fr
*
Expand All @@ -25,9 +28,9 @@
* You should have received a copy of the GNU General Public License
* along with this program. If not, see https://www.gnu.org/licenses/.
*
* The driver need modoboa core 1.10.6 or later
* The driver needs Modoboa core 2.0.0 or later
*
* You need to define theses variables in plugin/password/config.inc.php
* You need to define these variables in plugin/password/config.inc.php
*
* $config['password_driver'] = 'modoboa'; // use modoboa as driver
* $config['password_modoboa_api_token'] = ''; // put token number from Modoboa server
Expand All @@ -40,59 +43,75 @@ public function save($curpass, $passwd, $username)
{
// Init config access
$rcmail = rcmail::get_instance();
$token = $rcmail->config->get('password_modoboa_api_token');
$token = $rcmail->config->get('password_modoboa_api_token');
$IMAPhost = $_SESSION['imap_host'];
// uncomment and add your url if you use a differente url for your modoboa instance and api:
//$IMAPhost = 'mymodoboa.somewhere.net';
Copy link
Member

@alecpl alecpl Oct 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, remove this comment or introduce a new config option.


// Use v2 API: search user by username
$client = password::get_http_client();
$url = "https://{$IMAPhost}/api/v1/accounts/?search=" . urlencode($username);
$url = "https://{$IMAPhost}/api/v2/accounts/?search=" . urlencode($username);

$options = [
'http_errors' => true,
'headers' => [
'Authorization' => "Token {$token}",
'Cache-Control' => 'no-cache',
'Content-Type' => 'application/json',
'Authorization' => "Token " . $token,
'Accept' => 'application/json',
],
];

// Call GET to fetch values from modoboa server
// Call GET to fetch user details
try {
$response = $client->get($url, $options);
$response = $response->getBody()->getContents();
$responseBody = $response->getBody()->getContents();
} catch (\Exception $e) {
rcube::raise_error("Password plugin: Error fetching {$url} : {$e->getMessage()}", true);
return PASSWORD_CONNECT_ERROR;
}

// Decode json string
$decoded = json_decode($response);
$decoded = json_decode($responseBody);
Copy link
Member

@alecpl alecpl Oct 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needless variable rename.


if (!is_array($decoded)) {
if (!is_array($decoded) || empty($decoded)) {
return PASSWORD_CONNECT_ERROR;
}

// Get user ID (pk)
$userid = $decoded[0]->pk;

// Encode json with new password
$options['body'] = json_encode([
'username' => $decoded[0]->username,
'mailbox' => $decoded[0]->mailbox,
'role' => $decoded[0]->role,
'password' => $passwd, // new password
]);

$url = "https://{$IMAPhost}/api/v1/accounts/{$userid}/";
// Call v2 password endpoint with form-encoded data
$url2 = "https://{$IMAPhost}/api/v2/accounts/" . $userid . "/password/";
$options2 = [
'http_errors' => true,
'headers' => [
'Authorization' => "Token " . $token,
'Accept' => 'application/json',
// Content-Type will be set automatically when using form_params
],
'form_params' => [
'password' => $curpass, // current password
'new_password' => $passwd // new password
],
];

// Call HTTP API Modoboa
// Execute password change
try {
$response = $client->put($url, $options);
$response = $response->getBody()->getContents();
$response2 = $client->put($url2, $options2);
$responseBody2 = $response2->getBody()->getContents();
$httpCode = $response2->getStatusCode();
} catch (\Exception $e) {
rcube::raise_error("Password plugin: Error on {$url} : {$e->getMessage()}", true);
rcube::raise_error("Password plugin: Error on {$url2} : {$e->getMessage()}", true);
return PASSWORD_CONNECT_ERROR;
}

return PASSWORD_SUCCESS;
// Check for success
if ($httpCode >= 200 && $httpCode < 300) {
return PASSWORD_SUCCESS;
}

// Log for debugging if needed
rcube::raise_error("Password plugin: Unexpected response from {$url2}. HTTP {$httpCode}. Response: {$responseBody2}", true);
return PASSWORD_CONNECT_ERROR;
}
}
?>
Copy link
Member

@alecpl alecpl Oct 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No closing tags, please.