[GH-ISSUE #601] Setting Phone number via API #121

New issue

Open

opened 2026-02-26 05:33:23 +03:00 by kerem · 2 comments

kerem commented 2026-02-26 05:33:23 +03:00

Owner

Copy link

Originally created by @ogamingSCV on GitHub (Dec 14, 2023).
Original GitHub issue: https://github.com/nextcloud/twofactor_gateway/issues/601

Hello,

I am currently exploring the use of the SMS 2FA plugin for Nextcloud and was wondering if there is a method to programmatically set the phone number for SMS 2FA through an API. I am particularly interested in automating this process for user management.

Any insights or help on this matter would be greatly appreciated.

Best regards,

Originally created by @ogamingSCV on GitHub (Dec 14, 2023). Original GitHub issue: https://github.com/nextcloud/twofactor_gateway/issues/601 Hello, I am currently exploring the use of the SMS 2FA plugin for Nextcloud and was wondering if there is a method to programmatically set the phone number for SMS 2FA through an API. I am particularly interested in automating this process for user management. Any insights or help on this matter would be greatly appreciated. Best regards,

kerem commented 2026-02-26 05:33:23 +03:00

Author

Owner

Copy link

@oleua commented on GitHub (Dec 29, 2023):

Well, I use Signal as a 2FA and have patched lib/Service/Gateway/Signal/Gateway.php in order to pass the phone number as the account id, so the variable SIGNAL_CLI_DBUS_REST_API_ACCOUNT=>+XXXYYYYYYYYY is set in config.php

        /**
         * @param IUser $user
         * @param string $identifier
         * @param string $message
         *
         * @throws SmsTransmissionException
         * 2023-06-18 patched by OS: added the system variable of the registered number/account SIGNAL_CLI_DBUS_REST_API_ACCOUNT, modified send function
         */

        public function send(IUser $user, string $identifier, string $message) {
                $client = $this->clientService->newClient();
                // determine type of gateway
                $response = $client->get($this->config->getUrl() . '/v1/about');
                if ($response->getStatusCode() === 200) {
                // new v2 style gateway https://github.com/bbernhard/signal-cli-rest-api
                        $recipient_acct = [$identifier];
                        $registered_acct = $this->config2->getSystemValue('SIGNAL_CLI_DBUS_REST_API_ACCOUNT','');
                        $response = $client->post(
                                $this->config->getUrl() . '/v2/send',
                                [
                                        'json' => [
                                                'text_mode' => 'styled',
                                                'message' => $message,
                                                'number' => $registered_acct,
                                                'recipients' => $recipient_acct
                                                 ],

                                ]
                        );
                        $body = $response->getBody();
                        $json = json_decode($body, true);
                        if ($response->getStatusCode() !== 201 || is_null($json) || !is_array($json) || !isset($json['timestamp'])) {
                                $status = $response->getStatusCode();
                                throw new SmsTransmissionException("error reported by Signal gateway, status=$status, body=$body}");
                        }
                }
                else {
                        // Try old deprecated gateway https://gitlab.com/morph027/signal-web-gateway
                        $response = $client->post(
                                $this->config->getUrl() . '/v1/send/' . $identifier,
                                [
                                        'body' => [
                                                'to' => $identifier,
                                                'message' => $message,
                                        ],
                                        'json' => [ 'message' => $message ],
                                ]
                        );
                        $body = $response->getBody();
                        $json = json_decode($body, true);

                        if ($response->getStatusCode() !== 200 || is_null($json) || !is_array($json) || !isset($json['success']) || $json['success'] !== true) {
                                $status = $response->getStatusCode();
                                throw new SmsTransmissionException("error reported by Signal gateway, status=$status, body=$body}");
                        }
                }

        }

You may reuse it somehow. Ideally, it might be great to add this configuration to webUI.

<!-- gh-comment-id:1872339890 --> @oleua commented on GitHub (Dec 29, 2023): Well, I use Signal as a 2FA and have patched `lib/Service/Gateway/Signal/Gateway.php` in order to pass the phone number as the account id, so the variable `SIGNAL_CLI_DBUS_REST_API_ACCOUNT=>+XXXYYYYYYYYY` is set in `config.php` ``` /** * @param IUser $user * @param string $identifier * @param string $message * * @throws SmsTransmissionException * 2023-06-18 patched by OS: added the system variable of the registered number/account SIGNAL_CLI_DBUS_REST_API_ACCOUNT, modified send function */ public function send(IUser $user, string $identifier, string $message) { $client = $this->clientService->newClient(); // determine type of gateway $response = $client->get($this->config->getUrl() . '/v1/about'); if ($response->getStatusCode() === 200) { // new v2 style gateway https://github.com/bbernhard/signal-cli-rest-api $recipient_acct = [$identifier]; $registered_acct = $this->config2->getSystemValue('SIGNAL_CLI_DBUS_REST_API_ACCOUNT',''); $response = $client->post( $this->config->getUrl() . '/v2/send', [ 'json' => [ 'text_mode' => 'styled', 'message' => $message, 'number' => $registered_acct, 'recipients' => $recipient_acct ], ] ); $body = $response->getBody(); $json = json_decode($body, true); if ($response->getStatusCode() !== 201 || is_null($json) || !is_array($json) || !isset($json['timestamp'])) { $status = $response->getStatusCode(); throw new SmsTransmissionException("error reported by Signal gateway, status=$status, body=$body}"); } } else { // Try old deprecated gateway https://gitlab.com/morph027/signal-web-gateway $response = $client->post( $this->config->getUrl() . '/v1/send/' . $identifier, [ 'body' => [ 'to' => $identifier, 'message' => $message, ], 'json' => [ 'message' => $message ], ] ); $body = $response->getBody(); $json = json_decode($body, true); if ($response->getStatusCode() !== 200 || is_null($json) || !is_array($json) || !isset($json['success']) || $json['success'] !== true) { $status = $response->getStatusCode(); throw new SmsTransmissionException("error reported by Signal gateway, status=$status, body=$body}"); } } } ``` You may reuse it somehow. Ideally, it might be great to add this configuration to webUI.

kerem commented 2026-02-26 05:33:24 +03:00

Author

Owner

Copy link

@oleua commented on GitHub (Jan 28, 2026):

In the v32 I do not use anymore the SIGNAL_CLI_DBUS_REST_API_ACCOUNT variable in config.php. I have adapted the configuration to make it compatible with bbernhard/signal-cli-rest-api, which I use:

In /apps/twofactor_gateway/lib/Provider/Channel/Signal/Gateway.php:

<?php

// modified by me

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2024 Christoph Wurst <christoph@winzerhof-wurst.at>
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

namespace OCA\TwoFactorGateway\Provider\Channel\Signal;

use OCA\TwoFactorGateway\Exception\MessageTransmissionException;
use OCA\TwoFactorGateway\Provider\FieldDefinition;
use OCA\TwoFactorGateway\Provider\Gateway\AGateway;
use OCA\TwoFactorGateway\Provider\Settings;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Http\Client\IClientService;
use OCP\IAppConfig;
use Psr\Log\LoggerInterface;
use Symfony\Component\Console\Helper\QuestionHelper;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Question\Question;

/**
 * An integration of https://github.com/bbernhard/signal-cli-rest-api
 * with backward compatibility.
 * @method string getUrl()
 * @method AGateway setUrl(string $url)
 * @method string getAccount()
 * @method AGateway setAccount(string $account)
 */
class Gateway extends AGateway {
    public const ACCOUNT_UNNECESSARY = 'unnecessary';

    public function __construct(
        public IAppConfig $appConfig,
        private IClientService $clientService,
        private ITimeFactory $timeFactory,
        private LoggerInterface $logger,
    ) {
        parent::__construct($appConfig);
    }

    #[\Override]
    public function createSettings(): Settings {
        return new Settings(
            name: 'Signal',
            instructions: 'The gateway can send authentication codes to your Signal app.',
            fields: [
                new FieldDefinition(
                    field: 'url',
                    prompt: 'Please enter the URL of the Signal gateway:',
                    default: 'http://localhost:9922',
                ),
                new FieldDefinition(
                    field: 'account',
                    prompt: 'Please enter the registered Signal number (e.g. +380...):',
                ),
            ]
        );
    }

    #[\Override]
    public function send(string $identifier, string $message, array $extra = []): void {
        $client = $this->clientService->newClient();
        $url = rtrim($this->getUrl(), '/');
        $account = $this->getAccount();

        // 1. Identifying the gateway vial /v1/about
        try {
            $aboutResponse = $client->get($url . '/v1/about');
            if ($aboutResponse->getStatusCode() === 200) {
                $body = $aboutResponse->getBody();
                $jsonAbout = json_decode($body, true);
                $versions = $jsonAbout['versions'] ?? [];

                // Якщо це bbernhard/signal-cli-rest-api (підтримує v2)
                if (is_array($versions) && in_array('v2', $versions)) {
                    $payload = [
                        'text_mode' => 'styled',
                        'message' => $message,
                        'recipients' => [$identifier],
                    ];
                    
                    if ($account !== self::ACCOUNT_UNNECESSARY && !empty($account)) {
                        $payload['number'] = $account;
                    }

                    $response = $client->post($url . '/v2/send', ['json' => $payload]);
                    $this->validateV2Response($response);
                    return;
                }
            }
        } catch (\Exception $e) {
            $this->logger->error("Signal Gateway check failed: " . $e->getMessage());
        }

        // 2. If v2 hasn't worked use JSON RPC (new standard since NC32)
        $rpcResponse = $client->post($url . '/api/v1/rpc', [
            'http_errors' => false,
            'json' => [
                'jsonrpc' => '2.0',
                'method' => 'version',
                'id' => 'v_' . $this->timeFactory->getTime(),
            ],
        ]);

        if (in_array($rpcResponse->getStatusCode(), [200, 201])) {
            $params = [
                'message' => $message,
                'recipient' => $identifier,
                'account' => $account,
            ];
            $response = $client->post($url . '/api/v1/rpc', [
                'json' => [
                    'jsonrpc' => '2.0',
                    'method' => 'send',
                    'id' => 'msg_' . $this->timeFactory->getTime(),
                    'params' => $params,
                ],
            ]);
            $this->validateRpcResponse($response);
            return;
        }

        // 3. Fallback to the old v1 version
        $response = $client->post($url . '/v1/send/' . $identifier, [
            'json' => ['message' => $message]
        ]);
        
        if ($response->getStatusCode() !== 200 && $response->getStatusCode() !== 201) {
            throw new MessageTransmissionException("Signal gateway v1 failed with status " . $response->getStatusCode());
        }
    }

    private function validateV2Response($response): void {
        $status = $response->getStatusCode();
        $body = $response->getBody();
        $json = json_decode($body, true);
        if ($status !== 201 || !isset($json['timestamp'])) {
            throw new MessageTransmissionException("Error in Signal v2: status=$status, body=$body");
        }
    }

    private function validateRpcResponse($response): void {
        $body = $response->getBody();
        $json = json_decode($body, true);
        if (($json['jsonrpc'] ?? null) !== '2.0' || isset($json['error'])) {
            throw new MessageTransmissionException("Error in Signal RPC: " . $body);
        }
    }

    #[\Override]
    public function cliConfigure(InputInterface $input, OutputInterface $output): int {
        $helper = new QuestionHelper();
        $settings = $this->createSettings();

        $url = $helper->ask($input, $output, new Question($settings->fields[0]->prompt, $settings->fields[0]->default));
        $this->setUrl($url);

        $account = $helper->ask($input, $output, new Question($settings->fields[1]->prompt, ''));
        if (empty($account)) {
            $account = self::ACCOUNT_UNNECESSARY;
            $output->writeln('Account not set, using gateway defaults.');
        }
        $this->setAccount($account);

        return 0;
    }
}

<!-- gh-comment-id:3813715164 --> @oleua commented on GitHub (Jan 28, 2026): In the v32 I do not use anymore the `SIGNAL_CLI_DBUS_REST_API_ACCOUNT` variable in `config.php`. I have adapted the configuration to make it compatible with `bbernhard/signal-cli-rest-api`, which I use: In `/apps/twofactor_gateway/lib/Provider/Channel/Signal/Gateway.php`: ``` <?php // modified by me declare(strict_types=1); /** * SPDX-FileCopyrightText: 2024 Christoph Wurst <christoph@winzerhof-wurst.at> * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace OCA\TwoFactorGateway\Provider\Channel\Signal; use OCA\TwoFactorGateway\Exception\MessageTransmissionException; use OCA\TwoFactorGateway\Provider\FieldDefinition; use OCA\TwoFactorGateway\Provider\Gateway\AGateway; use OCA\TwoFactorGateway\Provider\Settings; use OCP\AppFramework\Utility\ITimeFactory; use OCP\Http\Client\IClientService; use OCP\IAppConfig; use Psr\Log\LoggerInterface; use Symfony\Component\Console\Helper\QuestionHelper; use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; use Symfony\Component\Console\Question\Question; /** * An integration of https://github.com/bbernhard/signal-cli-rest-api * with backward compatibility. * @method string getUrl() * @method AGateway setUrl(string $url) * @method string getAccount() * @method AGateway setAccount(string $account) */ class Gateway extends AGateway { public const ACCOUNT_UNNECESSARY = 'unnecessary'; public function __construct( public IAppConfig $appConfig, private IClientService $clientService, private ITimeFactory $timeFactory, private LoggerInterface $logger, ) { parent::__construct($appConfig); } #[\Override] public function createSettings(): Settings { return new Settings( name: 'Signal', instructions: 'The gateway can send authentication codes to your Signal app.', fields: [ new FieldDefinition( field: 'url', prompt: 'Please enter the URL of the Signal gateway:', default: 'http://localhost:9922', ), new FieldDefinition( field: 'account', prompt: 'Please enter the registered Signal number (e.g. +380...):', ), ] ); } #[\Override] public function send(string $identifier, string $message, array $extra = []): void { $client = $this->clientService->newClient(); $url = rtrim($this->getUrl(), '/'); $account = $this->getAccount(); // 1. Identifying the gateway vial /v1/about try { $aboutResponse = $client->get($url . '/v1/about'); if ($aboutResponse->getStatusCode() === 200) { $body = $aboutResponse->getBody(); $jsonAbout = json_decode($body, true); $versions = $jsonAbout['versions'] ?? []; // Якщо це bbernhard/signal-cli-rest-api (підтримує v2) if (is_array($versions) && in_array('v2', $versions)) { $payload = [ 'text_mode' => 'styled', 'message' => $message, 'recipients' => [$identifier], ]; if ($account !== self::ACCOUNT_UNNECESSARY && !empty($account)) { $payload['number'] = $account; } $response = $client->post($url . '/v2/send', ['json' => $payload]); $this->validateV2Response($response); return; } } } catch (\Exception $e) { $this->logger->error("Signal Gateway check failed: " . $e->getMessage()); } // 2. If v2 hasn't worked use JSON RPC (new standard since NC32) $rpcResponse = $client->post($url . '/api/v1/rpc', [ 'http_errors' => false, 'json' => [ 'jsonrpc' => '2.0', 'method' => 'version', 'id' => 'v_' . $this->timeFactory->getTime(), ], ]); if (in_array($rpcResponse->getStatusCode(), [200, 201])) { $params = [ 'message' => $message, 'recipient' => $identifier, 'account' => $account, ]; $response = $client->post($url . '/api/v1/rpc', [ 'json' => [ 'jsonrpc' => '2.0', 'method' => 'send', 'id' => 'msg_' . $this->timeFactory->getTime(), 'params' => $params, ], ]); $this->validateRpcResponse($response); return; } // 3. Fallback to the old v1 version $response = $client->post($url . '/v1/send/' . $identifier, [ 'json' => ['message' => $message] ]); if ($response->getStatusCode() !== 200 && $response->getStatusCode() !== 201) { throw new MessageTransmissionException("Signal gateway v1 failed with status " . $response->getStatusCode()); } } private function validateV2Response($response): void { $status = $response->getStatusCode(); $body = $response->getBody(); $json = json_decode($body, true); if ($status !== 201 || !isset($json['timestamp'])) { throw new MessageTransmissionException("Error in Signal v2: status=$status, body=$body"); } } private function validateRpcResponse($response): void { $body = $response->getBody(); $json = json_decode($body, true); if (($json['jsonrpc'] ?? null) !== '2.0' || isset($json['error'])) { throw new MessageTransmissionException("Error in Signal RPC: " . $body); } } #[\Override] public function cliConfigure(InputInterface $input, OutputInterface $output): int { $helper = new QuestionHelper(); $settings = $this->createSettings(); $url = $helper->ask($input, $output, new Question($settings->fields[0]->prompt, $settings->fields[0]->default)); $this->setUrl($url); $account = $helper->ask($input, $output, new Question($settings->fields[1]->prompt, '')); if (empty($account)) { $account = self::ACCOUNT_UNNECESSARY; $output->writeln('Account not set, using gateway defaults.'); } $this->setAccount($account); return 0; } } ```

kerem referenced this issue 2026-02-26 05:34:01 +03:00

[PR #121] [MERGED] Fix caching of telegram chat id #221

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

stable32

stable33

dependabot/npm_and_yarn/vue/test-utils-2.4.8

dependabot/npm_and_yarn/vue-3.5.33

dependabot/npm_and_yarn/vitest-4.1.5

dependabot/npm_and_yarn/nextcloud/axios-2.6.0

dependabot/npm_and_yarn/dompurify-3.4.1

feat/whatsapp-business-driver

stable31

v3.2.0

v2.4.0

v3.1.0

v2.3.0

v2.2.2

v3.0.2

v3.0.1

v2.2.1

v1.2.1

v3.0.0

v1.2.0

v2.2.0

v1.0.0

v2.0.0

v0.20.0

v0.19.0

v0.17.0

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.0

v0.13

v0.12.0

v0.11.0

v0.11.0-beta1

v0.10.1

v0.10.1-beta1

v0.10.0

v0.10.0-beta1

v0.9.0

v0.9.0-beta1

v0.8.0

v0.8.0-beta1

v0.7.0

v0.7.0-beta2

v0.7.0-beta1

v0.6.1

v0.6.0

v0.5.0

v0.2.0

v0.2

Labels

Clear labels   

0. to triage

  

1. to develop

  

3. to review

  

blocked

  

bug

  

discussion

  

duplicate

  

enhancement

  

enhancement

  

gateway:signal

  

gateway:signal

  

gateway:signal

  

gateway:sms

  

gateway:telegram

  

hacktoberfest

  

help wanted

  

invalid

  

needs info

  

php

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

technical debt

No labels

0. to triage

1. to develop

3. to review

blocked

bug

discussion

duplicate

enhancement

enhancement

gateway:signal

gateway:signal

gateway:signal

gateway:sms

gateway:telegram

hacktoberfest

help wanted

invalid

needs info

php

pull-request

question

technical debt

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/twofactor_gateway-nextcloud#121

No description provided.