CODEWITHSUNDEEP
phpcpanelwhmcpanel-xmlapi
gondu riya
gondu riya

Reputation: 49

how to use Single Sign On to login user to cpanel?

I'm trying to implement this exact feature on my web app as used by whm. Please check this image

I read documentation for Single Sign On api and came up with following code:

<?php

// This can also be the reseller who owns the cPanel user.
$whmusername = "resellerusername";
$whmpassword = "abctesting";


// The user on whose behalf the API call runs.
$cpanel_user = "normaluser"; //under reseller

$query = "https://domainname.com:2087/json-api/create_user_session?api.version=1&user=$cpanel_user&service=cpaneld";

$curl = curl_init();                                     // Create Curl Object.
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);       // Allow self-signed certificates...
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);       // and certificates that don't match the hostname.
curl_setopt($curl, CURLOPT_HEADER, false);               // Do not include header in output
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);        // Return contents of transfer on curl_exec.
$header[0] = "Authorization: Basic " . base64_encode($whmusername.":".$whmpassword) . "\n\r";
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);         // Set the username and password.
curl_setopt($curl, CURLOPT_URL, $query);                 // Execute the query.
$result = curl_exec($curl);
if ($result == false) {
    error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
                                                    // log error if curl exec fails
}


$decoded_response = json_decode( $result, true );
print_r($decoded_response);

$session_url = $decoded_response['data']['url'];
$cookie_jar = 'cookie.txt';

curl_setopt($curl, CURLOPT_HTTPHEADER, null);             // Unset the authentication header.
curl_setopt($curl, CURLOPT_COOKIESESSION, true);          // Initiate a new cookie session.
curl_setopt($curl, CURLOPT_COOKIEJAR, $cookie_jar);       // Set the cookie jar.
curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie_jar);      // Set the cookie file.
curl_setopt($curl, CURLOPT_URL, $session_url);            // Set the query url to the session login url.

$result = curl_exec($curl);                               // Execute the session login call.
if ($result == false) {
    error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
                                                    // Log an error if curl_exec fails.
}

$session_url = preg_replace( '{/login(?:/)??.*}', '', $session_url );  // make $session_url = https://10.0.0.1/$session_key

$query = "$session_url/execute/Ftp/list_ftp";

curl_setopt($curl, CURLOPT_URL, $query);  // Change the query url to use the UAPI call.
$result = curl_exec($curl);               // Execute the UAPI call.
if ($result == false) {
    error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
                                                    // log error if curl exec fails
}

curl_close($curl);

print $result;

?>

I get this as output:

Array
(
    [data] => Array
        (
            [url] => https://domainname.com:2083/cpsess5326278746/login/?session=normaluser%3azRtR0RzLZ5owYZin%3acreate_user_session%2c4597fa33ff7ce68f3fdab84d9f3a51a1
            [session] => normaluser:zRtR0RzLZ5owYZin:create_user_session,4597fa33ff7ce68f3fdab84d9f3a51a1
            [expires] => 1490532538
            [cp_security_token] => /cpsess5326278746
            [service] => cpaneld
        )

    [metadata] => Array
        (
            [result] => 1
            [command] => create_user_session
            [version] => 1
            [reason] => Created session
        )

)
<br />
<b>Warning</b>:  curl_setopt(): You must pass either an object or an array with the CURLOPT_HTTPHEADER argument in <b>C:\xampp\htdocs\cpanel-api\open-cpanel.php</b> on line <b>34</b><br />
{"messages":null,"data":[{"homedir":"/home/normaluser","type":"main","user":"normaluser"},{"type":"logaccess","homedir":"/usr/local/apache/domlogs/normaluser","user":"normaluser_logs"}],"errors":null,"status":1,"metadata":{"transformed":1}}

but when I use this url in browser https://domainname.com:2083/cpsess5326278746/login/?session=normaluser%3azRtR0RzLZ5owYZin%3acreate_user_session%2c4597fa33ff7ce68f3fdab84d9f3a51a1,

it don't log me in to cPanel.

I've noticed that whm redirect page have following html code which logs user in:

<html slick-uniqueid="3"><head><meta http-equiv="refresh" content="2;URL=https://domainname.com:2083/cpsess7055670446/login/?session=normaluser:7PMD2WWAjnQc_cDL,e691a31623f55cf37ee32a63a390fb08"></head><body>
</body></html>

so how do I generate url like whm generates and log in user to cPanel (ie: open cpanel with normaluser logged in to it)?

Upvotes: 2

Views: 1372

Answers (1)

Abdullah Al Mamun
Abdullah Al Mamun

Reputation: 132

You can try this. It`s work for me.


       // This can also be the reseller who owns the cPanel user.
        $whmusername = "resellerusername";
        $whmpassword = "abctesting";


        // The user on whose behalf the API call runs.
        $cpanel_user = "normaluser"; //under reseller

        $query = "https://$hostname:2087/json-api/create_user_session?api.version=1&user=$cpanel_user&service=cpaneld";

        $curl = curl_init();                                     // Create Curl Object.
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);       // Allow self-signed certificates...
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);       // and certificates that don't match the hostname.
        curl_setopt($curl, CURLOPT_HEADER, false);               // Do not include header in output
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);        // Return contents of transfer on curl_exec.
        $header[0] = "Authorization: Basic " . base64_encode($whmusername . ":" . $whmpassword) . "\n\r";
        curl_setopt($curl, CURLOPT_HTTPHEADER, $header);         // Set the username and password.
        curl_setopt($curl, CURLOPT_URL, $query);                 // Execute the query.
        $result = curl_exec($curl);

        if ($result == false) {
            error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
            return response()->json(['error' => 'There is a problem, Please try again.']);
        }

        $decoded_response = json_decode( $result, true );

        //Access denied
        if (isset($decoded_response['cpanelresult'])){
            if($decoded_response['cpanelresult']['data']['result'] == 0)
                return response()->json(['error' => 'Action Failed Unable to auto-login. Please contact support']);
        }

        //Invalid username
        if ($decoded_response['metadata']['result'] == 0) return response()->json(['error' => 'Unable to login']);

        //$targetURL = $decoded_response['data']['url'];

        //return response()->json(['target_url' => $targetURL]);

        curl_close($curl);

        print $result;

Upvotes: 0

Related Questions