Copyright (C) 2025 EmmeV. - Released under GNU AGPL 3.0 License.
HTML; } else if (AUTH_TYPE === 'keycloak') { try { // Configura il client Keycloak $oidc = new OpenIDConnectClient( 'https://' + KEYCLOAK_DOMAIN + '/realms/' + KEYCLOAK_REALM + '/', KEYCLOAK_CLIENT_ID, KEYCLOAK_CLIENT_SECRET ); // Redirect post-login $oidc->setRedirectURL('https://' + APP_DOMAIN + '/admin/login.php'); $oidc->authenticate(); $userinfo = $oidc->getVerifiedClaims(); $_SESSION['admin'] = $userinfo->preferred_username; $_SESSION['auth_type'] = 'keycloak'; header("Location: index.php"); exit; } catch (Exception $e) { http_response_code(500); echo <<Copyright (C) 2025 EmmeV. - Released under GNU AGPL 3.0 License.
HTML; exit; } } else if (AUTH_TYPE === 'google') { try { $oidc = new OpenIDConnectClient( 'https://accounts.google.com', GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET ); $oidc->setRedirectURL(GOOGLE_REDIRECT_URI); $oidc->addScope(['openid', 'email', 'profile']); // Callback da Google if (isset($_GET['code'])) { $oidc->authenticate(); $email = $oidc->requestUserInfo('email'); $domain = substr(strrchr($email, "@"), 1); if (!GOOGLE_ONLY_ALLOWED_DOMAINS || in_array($domain, GOOGLE_ALLOWED_DOMAINS)) { $_SESSION['admin'] = $email; $_SESSION['auth_type'] = 'google'; header("Location: index.php"); exit; } else { http_response_code(403); echo <<Copyright (C) 2025 EmmeV. - Released under GNU AGPL 3.0 License.
HTML; exit; } } } catch (Exception $e) { http_response_code(500); echo <<Copyright (C) 2025 EmmeV. - Released under GNU AGPL 3.0 License.
HTML; exit; } } ?>