From f70cf5893bb775625e79ed959721ede03e34a108 Mon Sep 17 00:00:00 2001
From: Minteck <contact@minteck.org>
Date: Mon, 11 Jul 2022 18:54:47 +0200
Subject: Update

---
 .DS_Store                                | Bin 6148 -> 6148 bytes
 .idea/deployment.xml                     |   3 ++
 Application/AddTransaction/index.php     |   9 ++++-
 Application/SetCurrentIdentity/index.php |  22 +++++++++++
 Application/SetDefaultIdentity/index.php |  13 +++++++
 Application/TransactionsList/index.php   |   4 +-
 Authentication/Callback/index.php        |   4 +-
 Authentication/Mobile/index.php          |   4 --
 Authentication/Mobile2/index.php         |   4 ++
 Authentication/Mobile2Callback/index.php |  63 +++++++++++++++++++++++++++++++
 Authentication/MobileCallback/index.php  |  63 -------------------------------
 Authentication/Start/index.php           |   2 +-
 Authentication/Username/index.php        |   3 +-
 Private/AllowedUsers.json                |   4 +-
 14 files changed, 121 insertions(+), 77 deletions(-)
 create mode 100644 Application/SetCurrentIdentity/index.php
 create mode 100644 Application/SetDefaultIdentity/index.php
 delete mode 100644 Authentication/Mobile/index.php
 create mode 100644 Authentication/Mobile2/index.php
 create mode 100644 Authentication/Mobile2Callback/index.php
 delete mode 100644 Authentication/MobileCallback/index.php

diff --git a/.DS_Store b/.DS_Store
index 7fd6dd1..1d58263 100644
Binary files a/.DS_Store and b/.DS_Store differ
diff --git a/.idea/deployment.xml b/.idea/deployment.xml
index 8cdf222..fb02d60 100644
--- a/.idea/deployment.xml
+++ b/.idea/deployment.xml
@@ -7,6 +7,9 @@
           <mappings>
             <mapping deploy="/mnt/bits" local="$PROJECT_DIR$" web="/" />
           </mappings>
+          <excludedPaths>
+            <excludedPath path="/mnt/bits/Mobile" />
+          </excludedPaths>
         </serverdata>
       </paths>
     </serverData>
diff --git a/Application/AddTransaction/index.php b/Application/AddTransaction/index.php
index ef2f339..2a56696 100644
--- a/Application/AddTransaction/index.php
+++ b/Application/AddTransaction/index.php
@@ -45,6 +45,7 @@ if (!isset($_GET['Currency']) || !isset($_GET['Amount']) || !is_numeric($_GET['A
 
 $transaction = [];
 $exchangeRate = (float)file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/ExchangeRate.txt");
+$identities = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Identities.json"), true);
 
 $eurToGbp = $exchangeRate;
 $gbpToEur = 1 / $eurToGbp;
@@ -59,7 +60,9 @@ if ($_GET['Currency'] === "€") {
             'original' => 'eur'
         ],
         'date' => date("c"),
-        'description' => base64url_decode($_GET['Description'])
+        'description' => base64url_decode($_GET['Description']),
+        'name' => $identities[$_PROFILE["id"]]["name"],
+        'picture' => $identities[$_PROFILE["id"]]["picture"]
     ];
 } else {
     $transaction = [
@@ -71,7 +74,9 @@ if ($_GET['Currency'] === "€") {
             'original' => 'gbp'
         ],
         'date' => date("c"),
-        'description' => base64url_decode($_GET['Description'])
+        'description' => base64url_decode($_GET['Description']),
+        'name' => $identities[$_PROFILE["id"]]["name"],
+        'picture' => $identities[$_PROFILE["id"]]["picture"]
     ];
 }
 
diff --git a/Application/SetCurrentIdentity/index.php b/Application/SetCurrentIdentity/index.php
new file mode 100644
index 0000000..d7603dd
--- /dev/null
+++ b/Application/SetCurrentIdentity/index.php
@@ -0,0 +1,22 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/Private/SessionManager.php"; global $_PROFILE;
+header("Content-Type: application/json");
+
+$identities = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Identities.json"), true);
+
+if (!isset($_GET['Name']) || !isset($_GET['Picture'])) {
+    die();
+}
+
+function base64url_decode($data, $strict = false): string {
+    $b64 = strtr($data, '-_', '+/');
+    return base64_decode($b64, $strict);
+}
+
+$identities[$_PROFILE["id"]]["name"] = base64url_decode($_GET['Name']);
+$identities[$_PROFILE["id"]]["picture"] = base64url_decode($_GET['Picture']);
+
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Identities.json", json_encode($identities, JSON_PRETTY_PRINT));
+
+die();
\ No newline at end of file
diff --git a/Application/SetDefaultIdentity/index.php b/Application/SetDefaultIdentity/index.php
new file mode 100644
index 0000000..d35eb6a
--- /dev/null
+++ b/Application/SetDefaultIdentity/index.php
@@ -0,0 +1,13 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/Private/SessionManager.php"; global $_PROFILE;
+header("Content-Type: application/json");
+
+$identities = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Identities.json"), true);
+
+$identities[$_PROFILE["id"]]["name"] = $_PROFILE["name"];
+$identities[$_PROFILE["id"]]["picture"] = "https://privateauth.equestria.dev/hub/api/rest/avatar/" . $_PROFILE['id'] . "?dpr=2&size=64";
+
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Identities.json", json_encode($identities, JSON_PRETTY_PRINT));
+
+die();
\ No newline at end of file
diff --git a/Application/TransactionsList/index.php b/Application/TransactionsList/index.php
index 64d2d2a..d4c5691 100644
--- a/Application/TransactionsList/index.php
+++ b/Application/TransactionsList/index.php
@@ -44,8 +44,8 @@ foreach ($list as $id) {
 
         $item["author"] = [
             "id" => $item["author"],
-            "name" => $users[$item["author"]] ?? $item["author"],
-            "avatar" => "https://account.minteck.org/hub/api/rest/avatar/" . $item["author"] . "?dpr=2&size=48"
+            "name" => $item["name"] ?? $users[$item["author"]] ?? $item["author"],
+            "avatar" => $item["picture"] ?? "https://privateauth.equestria.dev/hub/api/rest/avatar/" . $item["author"] . "?dpr=2&size=48"
         ];
         $item["date"] = [
             "absolute" => $item["date"],
diff --git a/Authentication/Callback/index.php b/Authentication/Callback/index.php
index 0dad35d..9fa8ad4 100644
--- a/Authentication/Callback/index.php
+++ b/Authentication/Callback/index.php
@@ -9,7 +9,7 @@ if (!isset($_GET['code'])) {
 
 $appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true);
 
-$crl = curl_init('https://account.minteck.org/hub/api/rest/oauth2/token');
+$crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/oauth2/token');
 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($crl, CURLINFO_HEADER_OUT, true);
 curl_setopt($crl, CURLOPT_POST, true);
@@ -26,7 +26,7 @@ $result = json_decode($result, true);
 curl_close($crl);
 
 if (isset($result["access_token"])) {
-    $crl = curl_init('https://account.minteck.org/hub/api/rest/users/me');
+    $crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/users/me');
     curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($crl, CURLINFO_HEADER_OUT, true);
     curl_setopt($crl, CURLOPT_HTTPHEADER, [
diff --git a/Authentication/Mobile/index.php b/Authentication/Mobile/index.php
deleted file mode 100644
index 5811228..0000000
--- a/Authentication/Mobile/index.php
+++ /dev/null
@@ -1,4 +0,0 @@
-<?php
-
-header("Location: https://account.minteck.org/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/MobileCallback&scope=Hub&request_credentials=default&access_type=offline");
-die();
diff --git a/Authentication/Mobile2/index.php b/Authentication/Mobile2/index.php
new file mode 100644
index 0000000..910df72
--- /dev/null
+++ b/Authentication/Mobile2/index.php
@@ -0,0 +1,4 @@
+<?php
+
+header("Location: https://privateauth.equestria.dev/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Mobile2Callback&scope=Hub&request_credentials=default&access_type=offline");
+die();
\ No newline at end of file
diff --git a/Authentication/Mobile2Callback/index.php b/Authentication/Mobile2Callback/index.php
new file mode 100644
index 0000000..a59b926
--- /dev/null
+++ b/Authentication/Mobile2Callback/index.php
@@ -0,0 +1,63 @@
+<?php
+
+header("Content-Type: text/plain");
+// TODO: handle errors
+
+if (!isset($_GET['code'])) {
+    die();
+}
+
+$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true);
+
+$crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/oauth2/token');
+curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+curl_setopt($crl, CURLOPT_POST, true);
+curl_setopt($crl, CURLOPT_HTTPHEADER, [
+    "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
+    "Content-Type: application/x-www-form-urlencoded",
+    "Accept: application/json"
+]);
+curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Mobile2Callback") . "&code=" . $_GET['code']);
+
+$result = curl_exec($crl);
+$result = json_decode($result, true);
+
+curl_close($crl);
+
+if (isset($result["access_token"])) {
+    $crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/users/me');
+    curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+    curl_setopt($crl, CURLOPT_HTTPHEADER, [
+        "Authorization: Bearer " . $result["access_token"],
+        "Accept: application/json"
+    ]);
+
+    $result = curl_exec($crl);
+    $result = json_decode($result, true);
+
+    if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens");
+
+    if (in_array($result["id"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/AllowedUsers.json"), true))) {
+        $token = bin2hex(random_bytes(32));
+        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens/" . $token, json_encode($result));
+        session_start();
+        session_set_cookie_params([
+            'lifetime' => 0,
+            'path' => '/',
+            'domain' => "",
+            'secure' => true,
+            'httponly' => true,
+            'samesite' => 'None'
+        ]);
+        setcookie("BITS_SESSION_TOKEN", $token, 0, "/", "", true, true);
+        header("Set-Cookie: BITS_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly");
+
+        header("Location: /Mobile2");
+    } else {
+        header("Location: /Authentication/Disallowed");
+    }
+
+    die();
+}
\ No newline at end of file
diff --git a/Authentication/MobileCallback/index.php b/Authentication/MobileCallback/index.php
deleted file mode 100644
index 8c16d67..0000000
--- a/Authentication/MobileCallback/index.php
+++ /dev/null
@@ -1,63 +0,0 @@
-<?php
-
-header("Content-Type: text/plain");
-// TODO: handle errors
-
-if (!isset($_GET['code'])) {
-    die();
-}
-
-$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true);
-
-$crl = curl_init('https://account.minteck.org/hub/api/rest/oauth2/token');
-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-curl_setopt($crl, CURLOPT_POST, true);
-curl_setopt($crl, CURLOPT_HTTPHEADER, [
-    "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
-    "Content-Type: application/x-www-form-urlencoded",
-    "Accept: application/json"
-]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/MobileCallback") . "&code=" . $_GET['code']);
-
-$result = curl_exec($crl);
-$result = json_decode($result, true);
-
-curl_close($crl);
-
-if (isset($result["access_token"])) {
-    $crl = curl_init('https://account.minteck.org/hub/api/rest/users/me');
-    curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-    curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-    curl_setopt($crl, CURLOPT_HTTPHEADER, [
-        "Authorization: Bearer " . $result["access_token"],
-        "Accept: application/json"
-    ]);
-
-    $result = curl_exec($crl);
-    $result = json_decode($result, true);
-
-    if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens");
-
-    if (in_array($result["id"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/AllowedUsers.json"), true))) {
-        $token = bin2hex(random_bytes(32));
-        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens/" . $token, json_encode($result));
-        session_start();
-        session_set_cookie_params([
-            'lifetime' => 0,
-            'path' => '/',
-            'domain' => "",
-            'secure' => true,
-            'httponly' => true,
-            'samesite' => 'None'
-        ]);
-        setcookie("BITS_SESSION_TOKEN", $token, 0, "/", "", true, true);
-        header("Set-Cookie: BITS_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly");
-
-        header("Location: /Mobile");
-    } else {
-        header("Location: /Authentication/Disallowed");
-    }
-
-    die();
-}
\ No newline at end of file
diff --git a/Authentication/Start/index.php b/Authentication/Start/index.php
index 006752e..c3e7685 100644
--- a/Authentication/Start/index.php
+++ b/Authentication/Start/index.php
@@ -1,4 +1,4 @@
 <?php
 
-header("Location: https://account.minteck.org/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Callback&scope=Hub&request_credentials=default&access_type=offline");
+header("Location: https://privateauth.equestria.dev/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Callback&scope=Hub&request_credentials=default&access_type=offline");
 die();
diff --git a/Authentication/Username/index.php b/Authentication/Username/index.php
index 63b4aed..9a84870 100644
--- a/Authentication/Username/index.php
+++ b/Authentication/Username/index.php
@@ -5,7 +5,8 @@ header("Content-Type: application/json");
 
 $a = [
     "name" => $_PROFILE["name"],
-    "id" => $_PROFILE['id']
+    "id" => $_PROFILE['id'],
+    "system" => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Systems.json"), true)[$_PROFILE['id']],
 ];
 
 die(json_encode($a));
\ No newline at end of file
diff --git a/Private/AllowedUsers.json b/Private/AllowedUsers.json
index b94bf28..0c50775 100644
--- a/Private/AllowedUsers.json
+++ b/Private/AllowedUsers.json
@@ -1,4 +1,4 @@
 [
-  "e2d08242-9107-40fc-834e-28e6000ef1cd",
-  "0204b8a8-4468-4f59-859d-a82e731b1378"
+  "a694c0d8-6f82-4ee7-abe2-89b68b4e4c96",
+  "0fa25553-2bd0-4e88-820b-218c88efa547"
 ]
\ No newline at end of file
-- 
cgit