Results 1 to 2 of 2

Thread: Import email from a zimlet

Hybrid View

  1. #1
    Join Date
    Aug 2012
    Posts
    3
    Rep Power
    3

    Default Import email from a zimlet

    Hi,

    I am currently developing a Zimlet that allows to export / import an email with a simple drag and drop.
    I can export this fact without any worries.

    My problem is for the import, I can import an email only if I know the user's password .

    I want to import an email without needing his password.

    I looked for a preauth.jsp script , but without success.

    my preauth.jsp :

    Code:
    <%@ page import="java.security.InvalidKeyException" %>
    <%@ page import="java.security.NoSuchAlgorithmException" %>
    <%@ page import="java.security.SecureRandom" %>
    <%@ page import="java.util.HashMap" %>
    <%@ page import="java.util.Map" %>
    <%@ page import="java.util.Iterator" %>
    <%@ page import="java.util.TreeSet" %>
    <%@ page import="javax.crypto.Mac" %>
    <%@ page import="javax.crypto.SecretKey" %>
    <%!
     public static final String DOMAIN_KEY =
            "f28d68f8d7*****";
    
    
     public static String generateRedirect(HttpServletRequest request, String name) {
         HashMap params = new HashMap();
         String ts = System.currentTimeMillis()+"";
         params.put("account", name);
         params.put("by", "name"); // needs to be part of hmac
         params.put("timestamp", ts);
         params.put("expires", "0"); // means use the default
    
         String preAuth = computePreAuth(params, DOMAIN_KEY);
         return request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/service/preauth/?" +
               "account="+name+
               "&by=name"+
               "&timestamp="+ts+
               "&expires=0"+
               "&preauth="+preAuth;
      }
    
        public static  String computePreAuth(Map params, String key) {
            TreeSet names = new TreeSet(params.keySet());
            StringBuffer sb = new StringBuffer();
            for (Iterator it=names.iterator(); it.hasNext();) {
                if (sb.length() > 0) sb.append('|');
                sb.append(params.get(it.next()));
            }
            return getHmac(sb.toString(), key.getBytes());
        }
    
        private static String getHmac(String data, byte[] key) {
            try {
                ByteKey bk = new ByteKey(key);
                Mac mac = Mac.getInstance("HmacSHA1");
                mac.init(bk);
                return toHex(mac.doFinal(data.getBytes()));
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("fatal error", e);
            } catch (InvalidKeyException e) {
                throw new RuntimeException("fatal error", e);
            }
        }
        
        
        static class ByteKey implements SecretKey {
            private byte[] mKey;
    
            ByteKey(byte[] key) {
                mKey = (byte[]) key.clone();;
            }
    
            public byte[] getEncoded() {
                return mKey;
            }
    
            public String getAlgorithm() {
                return "HmacSHA1";
            }
    
            public String getFormat() {
                return "RAW";
            }
       }
    
        public static String toHex(byte[] data) {
            StringBuilder sb = new StringBuilder(data.length * 2);
            for (int i=0; i<data.length; i++ ) {
               sb.append(hex[(data[i] & 0xf0) >>> 4]);
               sb.append(hex[data[i] & 0x0f] );
            }
            return sb.toString();
        }
    
        private static final char[] hex =
           { '0' , '1' , '2' , '3' , '4' , '5' , '6' , '7' ,
             '8' , '9' , 'a' , 'b' , 'c' , 'd' , 'e' , 'f'};
    
    
    %><%
    String redirect = generateRedirect(request,"user@domain");
    response.sendRedirect(redirect);
    
    %>
    <html>
    <head>
    <title>Pre-auth redirect</title>
    </head>
    <body>
    
    You should never see this page.
    
    </body>
    </html>
    Then the user selects a mail to import an I execute a php query with curl :

    Code:
    $_url = "http://server/zimbra/home/".$user."/inbox/";
    $post = array(
            "file_box"=>"@".$urlMail,
        );
    $user_pass = "login:pssword";
    
    curl_setopt($crl, CURLOPT_URL, $_url);
        curl_setopt($crl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($crl, CURLOPT_USERPWD, $user_pass); // I need to delete this line.
        curl_setopt($crl, CURLOPT_POST, 1);
        curl_setopt($crl, CURLOPT_POSTFIELDS, $post); 
        curl_exec($crl);
        //This is for debugging
        $info = curl_getinfo($crl);
        foreach ($info as $key=>$value) {print "$key -> $value <br/> ";}
        //cleanup curl and close the file
        curl_close($crl);
    this script works only if we know login: password.

    I think that the solution lies in the cookie ZM_AUTH_TOKEN.
    if someone can help me plz.

  2. #2
    Join Date
    Aug 2012
    Posts
    3
    Rep Power
    3

    Default

    I found the solution !

    set cookie in the header with curl

    Code:
    curl_setopt($crl, CURLOPT_URL, $_url);
        curl_setopt($crl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($crl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
        curl_setopt($crl, CURLOPT_HEADER, true);
        curl_setopt($crl,CURLOPT_HTTPHEADER, array('Cookie:ZM_AUTH_TOKEN='.$_COOKIE['ZM_AUTH_TOKEN']));
        curl_setopt($crl, CURLOPT_POST, 1);
        curl_setopt($crl, CURLOPT_POSTFIELDS, $post); 
        curl_exec($crl);
    $info = curl_getinfo($crl);
    curl_close($crl);

Similar Threads

  1. Email import and archiving
    By frankchavez in forum Administrators
    Replies: 4
    Last Post: 01-30-2013, 02:16 PM
  2. Import email from a zimlet
    By lebrak in forum Zimlets
    Replies: 0
    Last Post: 08-13-2012, 02:10 AM
  3. import email
    By melancholykid in forum General Questions
    Replies: 5
    Last Post: 02-22-2010, 11:43 AM
  4. missing email addresses on import
    By Adrian Bridgett in forum Migration
    Replies: 2
    Last Post: 02-07-2008, 02:42 AM
  5. Replies: 3
    Last Post: 05-29-2007, 01:20 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •