The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED API for SSO to individual email address rather than account

Discussion in 'cPanel Developers' started by Michael Turner, Jun 5, 2017.

Tags:
  1. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    As I understand it, there is no API call to give webmail access to an individual email account, but the API call cp_create_user_session allows Single Sign On for webmail access to the master email account. Am I missing some technique that would allow me to place the user in a specific webmail account for a specific email once I generate the SSO session?
     
  2. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    Seems like there is.... I see logged sessions from specific email users. :

    Code:
    Current Sessions (6)
    User Session Timestamp Browser Remote Host Authenticated Applications
    sixth@example.com [bdabnchciuc4tfu790fvjfm8q1] Thu, 18 May 2017 10:17:55 -0500 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 static-173-78-153-228.tampfl.fios.frontiernet.net [1.1.1.228] horde, imp, ingo, kronolith, turba, nag, mnemo, trean, timeobjects
    master_user [uiqeq53msntd67j8lul5vpdpi7] Thu, 01 Jun 2017 08:03:47 -0500 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 static-173-78-153-228.tampfl.fios.frontiernet.net [1.1.1.228] horde, imp, ingo, kronolith, turba, nag, mnemo, trean, timeobjects
    345sgdfg@example.com [kjjqvok69lus5r547q8oh5qg06] Thu, 18 May 2017 10:21:59 -0500 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 static-173-78-153-228.tampfl.fios.frontiernet.net [1.1.1.228] horde, imp, ingo, kronolith, turba, nag, mnemo, trean, timeobjects 
    
     
    #2 Michael Turner, Jun 5, 2017
    Last edited by a moderator: Jun 5, 2017
  3. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    looks like it is
    getabsbrowsedir
     
  4. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    and browseboxes

    but I am having difficulty using the paths returned. Any hints regarding how to reconcile full or relative paths to the webmail path?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,086
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you clarify how you achieve this outside of the API so we can verify the specific functionality you are seeking?

    Thank you.
     
  6. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    If you access the hosting account and navigate to the email, you can get a list of all the email addresses. Each email listed has a webmail link:
    <a id="email_table_menu_webmail_8" href="webmailform.html?user=001@example.com&domain=example.com" target="_blank">Access Webmail</a>

    Currently, I am only able to direct users to the hosting accounts master email account via webmail with API call create_user_session, using the URL returned. I'd like to send the user to the specific email (even though the user can navigate to the specific email from the master email account).
     
    #6 Michael Turner, Jun 7, 2017
    Last edited: Jun 7, 2017
  7. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    The URL I am currently using to login users is:
    Code:
    https://example.dnc.io:2096/cpsess0892882848/login/?session=username%3arUOiFCt6vTcb5BBv%3acreate_user_session%2cd0dff965711404b736e94dbaf475ba1d
    It works, in the sense that the user is taken to that account. But I want a specific account email address
     
    #7 Michael Turner, Jun 7, 2017
    Last edited by a moderator: Jun 7, 2017
  8. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    From within the hosting account, I go to email account... & get this part:

    001.png

    Then click on 'more' and get this dropdown:

    002.png

    The Access Webmail link is where I want to take my users directly.

    /Michael
     
  9. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    I am going to post some code and attempt to be clear regarding what I am attempting to accomplish.

    I want a link from my own web interface directly into a users webmail, accessing the users individual email address.
    user username with email addresses 001@example.com, 002@example.com, 003@example.com, 004@example.com. I am able to reset the passwords for each of the 4 addresses, I am able to delete the email addresses and I am able to edit the disk quota for each address without sending the user to the cpanel webinterface. However, when I want to read the messages in each address, I have to access the master account and navigate to the specific address. I am looking for a technique to send users directly to their web address account to read their webmail for each specific account.

    In my attempt to direct users to their webmail, I have succeeded in using WHM API 1 function create_user_session to generate a session for use on the URL to identify users and allow them to access their webmail account.

    As I understand it, I need to use the cpsession##### generated in the create_user_session step to allow users to access directly from my host webinterface to the cpanel webmail interface.
    Code:
    <PHP code: this code works, we've been using it for a while>
    public function runquery($request="", $object=null, $server){
            foreach($object as $key=>$value){
                $params.="&".$key."=".$value;
            }
    
            $query="https://".$server.":2087/json-api/".$request."?api.version=1".$params;
            $this->curl = curl_init();
            curl_setopt($this->curl, CURLOPT_SSL_VERIFYPEER,0);
            curl_setopt($this->curl, CURLOPT_SSL_VERIFYHOST,0);
            curl_setopt($this->curl, CURLOPT_HEADER,0);
            curl_setopt($this->curl, CURLOPT_RETURNTRANSFER,1);
            curl_setopt($this->curl,CURLOPT_VERBOSE,0);
            $header[0] = "Authorization: Basic " . base64_encode($whm_user.":".$whm_pass) . "\n\r";
            curl_setopt($this->curl, CURLOPT_HTTPHEADER, $header);
            curl_setopt($this->curl, CURLOPT_URL, $query);
            $result = curl_exec($this->curl);
    
            $code = curl_getinfo($this->curl, CURLINFO_HTTP_CODE);
    
            if ($result == false){
             $this->error("curl_exec threw error \"" . curl_error($this->curl) . "\" for $query");
            }
    
            if($code<>200){
              $this->error("Got response ".$code." from ".$server);
            }
    
    // new PHP code:
    
    $decoded_response = json_decode($result, true);
    $session_url = urldecode($decoded_response['data']['url']);
    // $session_url looks like: [URL]https://host001.example.com:2096/cpsess1506012239/login/?session=username:5ATGAQ7lmtKpNsmu:create_user_session,345e34b4ed19236957ed630a39cc2599[/URL]
    // using this URL directly gives no joy
    
    $cookie_jar = 'cookie.txt'; 
    curl_setopt($this->curl, CURLOPT_HTTPHEADER, array());           // Unset the authentication header.
    curl_setopt($this->curl, CURLOPT_COOKIESESSION, true);          // Initiate a new cookie session.
    curl_setopt($this->curl, CURLOPT_COOKIEJAR, $cookie_jar);       // Set the cookie jar.
    curl_setopt($this->curl, CURLOPT_COOKIEFILE, $cookie_jar);      // Set the cookie file.
    curl_setopt($this->curl, CURLOPT_URL, $session_url);                 // Set the query url to the session login url.
    $result2 = curl_exec($this->curl);                                              // Execute the session login call.
    
    $code = curl_getinfo($this->curl, CURLINFO_HTTP_CODE);
    // $code here responds with http 302. I could filter out 404 etc, but these error codes are not helpful
    curl_close($this->curl);
    return $result2;
    }
    </END PHP code>
    
    $result2 looks something like:
    Code:
    <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=/cpsess0123456789/webmail/paper_lantern/index.html?login=1&post_login=63249329327397"></head><body></body></html>
    
    preg_match('/(URL=)(.*)(\"\>\<\/head\>)/', $result2, $match);
    
    I passed this $session_url which looks like:
    https://host001.example.com:2096/cpsess0123456789
    to the location.href of a javascript embedded in a page, redirecting my users, and splicing on my desired URL:

    I also tried passing the URL from $result2, but that doesnt seem to be what I want. I am attempting to generate a URL that looks like when pulled from source code in the interface screen above (more->access webmail):
    https://host001.example.com:2096/cpsess0123456789/frontend/paper_lantern/mail/webmailform.html?user=user001@example.com&domain=example.com

    Note: The server I am serving this page from is not the same server I a directing the users to their webmail on. I recognize this may be a problem. Is it?

    I tried a third round of CURL... which was intended to follow instructions I read indicating that the session id would not be recognized until utilized.

    curl_setopt($this->curl, CURLOPT_URL, $query);
    $result3 = html_entity_decode( curl_exec($this->curl) );

    But pulling the cpsess### from there didn't seem to result in anything useful. Sending the users to that page resulted in invalid token login error.

    Where am I going off track?
     
    #9 Michael Turner, Jun 12, 2017
    Last edited by a moderator: Jun 12, 2017
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,086
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello Michael,

    I'm not sure that functionality is supported. I recommend sending an email to integration [@] cpanel.net to see if one of our integration developers can help clarify if this is possible.

    Thank you.
     
  11. Sebastian Ng

    Sebastian Ng Member

    Joined:
    May 2, 2017
    Messages:
    16
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Penang, Malaysia
    cPanel Access Level:
    Root Administrator
    Dear @Michael Turner,

    Have you manage to get "host001.example.com:2096/cpsess0123456789/frontend/paper_lantern/mail/webmailform.html?user=user001@example.com&domain=example.com" this working?

    Give me some tips, i also in this.

    Sebastian Ng
     
  12. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    Yes, @Sebastian Ng I was given a solution by William Little at cpanel integrations. Here is his email:

     
    #12 Michael Turner, Jul 17, 2017
    Last edited by a moderator: Jul 18, 2017
    Sebastian Ng and cPanelMichael like this.
  13. Sebastian Ng

    Sebastian Ng Member

    Joined:
    May 2, 2017
    Messages:
    16
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Penang, Malaysia
    cPanel Access Level:
    Root Administrator
    Dear @Michael Turner ,

    Thank you, i manage to create the user session.
    I still facing some problem to open webmail.

    I tried
    1. "/frontend/paper_lantern/mail/webmailform.html?user=user001@example.com&domain=example.com" fail.
    2. "webmail/paper_lantern/index.html?login=1" this give me some indication does work properly not expected result.

    How did you manage to open webmail?

    Sorry to trouble you again.

    regards,
    Sebastian Ng
     
  14. Michael Turner

    Joined:
    Mar 31, 2017
    Messages:
    13
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Tampa, FL
    cPanel Access Level:
    DataCenter Provider
    No, that approach does not work. (IE manually creating a URL behind the session_id does not work.)

    What does work is to include the specific email for user -> "user=001@example.com" as a parameter when generating the session key with API function create_user_session (check manual: WHM API 1 Functions - create_user_session - Software Development Kit - cPanel Documentation).

    Note that this email address for user technique only works when service is set to webmaild.

    The URL returned by create_user_session is then exactly what you need, you need not try to assemble one manually.

    <code>
    $data=new stdClass;
    $data->user=$email;
    $data->service="webmaild";
    $data->cpanel_jsonapi_user=$username;
    $data->cpanel_jsonapi_module="Email";
    $return = create_user_session($data); // function create_user_session should have the curl code--available on cpanel site
    </code>

    your query for the curl will look like this:

    $query= "https://your.server.com:2087/
    json-api/cpanel/?cpanel_jsonapi_module=Email&cpanel_jsonapi_apiversion=1&cpanel_jsonapi_func=
    create_user_session&user=$email&service=webmaild&cpanel_jsonapi_user=$username";


    Note there is both an cpanel_jsonapi_user and the user parameter, which is an email address.

    The response will have a URL you can use to access the specific email address account.
     
    Sebastian Ng and cPanelMichael like this.
  15. Sebastian Ng

    Sebastian Ng Member

    Joined:
    May 2, 2017
    Messages:
    16
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Penang, Malaysia
    cPanel Access Level:
    Root Administrator
    Dear @Michael Turner,

    Thank you very much, i manage to get it get the link.

    The link i print it and copy to a new tab it works.

    Regards,
    Sebastian Ng
     
    cPanelMichael likes this.
Loading...

Share This Page