From f70cf5893bb775625e79ed959721ede03e34a108 Mon Sep 17 00:00:00 2001
From: Minteck <contact@minteck.org>
Date: Mon, 11 Jul 2022 18:54:47 +0200
Subject: Update

---
 Authentication/Callback/index.php        |  4 +-
 Authentication/Mobile/index.php          |  4 --
 Authentication/Mobile2/index.php         |  4 ++
 Authentication/Mobile2Callback/index.php | 63 ++++++++++++++++++++++++++++++++
 Authentication/MobileCallback/index.php  | 63 --------------------------------
 Authentication/Start/index.php           |  2 +-
 Authentication/Username/index.php        |  3 +-
 7 files changed, 72 insertions(+), 71 deletions(-)
 delete mode 100644 Authentication/Mobile/index.php
 create mode 100644 Authentication/Mobile2/index.php
 create mode 100644 Authentication/Mobile2Callback/index.php
 delete mode 100644 Authentication/MobileCallback/index.php

(limited to 'Authentication')

diff --git a/Authentication/Callback/index.php b/Authentication/Callback/index.php
index 0dad35d..9fa8ad4 100644
--- a/Authentication/Callback/index.php
+++ b/Authentication/Callback/index.php
@@ -9,7 +9,7 @@ if (!isset($_GET['code'])) {
 
 $appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true);
 
-$crl = curl_init('https://account.minteck.org/hub/api/rest/oauth2/token');
+$crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/oauth2/token');
 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($crl, CURLINFO_HEADER_OUT, true);
 curl_setopt($crl, CURLOPT_POST, true);
@@ -26,7 +26,7 @@ $result = json_decode($result, true);
 curl_close($crl);
 
 if (isset($result["access_token"])) {
-    $crl = curl_init('https://account.minteck.org/hub/api/rest/users/me');
+    $crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/users/me');
     curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($crl, CURLINFO_HEADER_OUT, true);
     curl_setopt($crl, CURLOPT_HTTPHEADER, [
diff --git a/Authentication/Mobile/index.php b/Authentication/Mobile/index.php
deleted file mode 100644
index 5811228..0000000
--- a/Authentication/Mobile/index.php
+++ /dev/null
@@ -1,4 +0,0 @@
-<?php
-
-header("Location: https://account.minteck.org/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/MobileCallback&scope=Hub&request_credentials=default&access_type=offline");
-die();
diff --git a/Authentication/Mobile2/index.php b/Authentication/Mobile2/index.php
new file mode 100644
index 0000000..910df72
--- /dev/null
+++ b/Authentication/Mobile2/index.php
@@ -0,0 +1,4 @@
+<?php
+
+header("Location: https://privateauth.equestria.dev/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Mobile2Callback&scope=Hub&request_credentials=default&access_type=offline");
+die();
\ No newline at end of file
diff --git a/Authentication/Mobile2Callback/index.php b/Authentication/Mobile2Callback/index.php
new file mode 100644
index 0000000..a59b926
--- /dev/null
+++ b/Authentication/Mobile2Callback/index.php
@@ -0,0 +1,63 @@
+<?php
+
+header("Content-Type: text/plain");
+// TODO: handle errors
+
+if (!isset($_GET['code'])) {
+    die();
+}
+
+$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true);
+
+$crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/oauth2/token');
+curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+curl_setopt($crl, CURLOPT_POST, true);
+curl_setopt($crl, CURLOPT_HTTPHEADER, [
+    "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
+    "Content-Type: application/x-www-form-urlencoded",
+    "Accept: application/json"
+]);
+curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Mobile2Callback") . "&code=" . $_GET['code']);
+
+$result = curl_exec($crl);
+$result = json_decode($result, true);
+
+curl_close($crl);
+
+if (isset($result["access_token"])) {
+    $crl = curl_init('https://privateauth.equestria.dev/hub/api/rest/users/me');
+    curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+    curl_setopt($crl, CURLOPT_HTTPHEADER, [
+        "Authorization: Bearer " . $result["access_token"],
+        "Accept: application/json"
+    ]);
+
+    $result = curl_exec($crl);
+    $result = json_decode($result, true);
+
+    if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens");
+
+    if (in_array($result["id"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/AllowedUsers.json"), true))) {
+        $token = bin2hex(random_bytes(32));
+        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens/" . $token, json_encode($result));
+        session_start();
+        session_set_cookie_params([
+            'lifetime' => 0,
+            'path' => '/',
+            'domain' => "",
+            'secure' => true,
+            'httponly' => true,
+            'samesite' => 'None'
+        ]);
+        setcookie("BITS_SESSION_TOKEN", $token, 0, "/", "", true, true);
+        header("Set-Cookie: BITS_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly");
+
+        header("Location: /Mobile2");
+    } else {
+        header("Location: /Authentication/Disallowed");
+    }
+
+    die();
+}
\ No newline at end of file
diff --git a/Authentication/MobileCallback/index.php b/Authentication/MobileCallback/index.php
deleted file mode 100644
index 8c16d67..0000000
--- a/Authentication/MobileCallback/index.php
+++ /dev/null
@@ -1,63 +0,0 @@
-<?php
-
-header("Content-Type: text/plain");
-// TODO: handle errors
-
-if (!isset($_GET['code'])) {
-    die();
-}
-
-$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true);
-
-$crl = curl_init('https://account.minteck.org/hub/api/rest/oauth2/token');
-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-curl_setopt($crl, CURLOPT_POST, true);
-curl_setopt($crl, CURLOPT_HTTPHEADER, [
-    "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
-    "Content-Type: application/x-www-form-urlencoded",
-    "Accept: application/json"
-]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/MobileCallback") . "&code=" . $_GET['code']);
-
-$result = curl_exec($crl);
-$result = json_decode($result, true);
-
-curl_close($crl);
-
-if (isset($result["access_token"])) {
-    $crl = curl_init('https://account.minteck.org/hub/api/rest/users/me');
-    curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-    curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-    curl_setopt($crl, CURLOPT_HTTPHEADER, [
-        "Authorization: Bearer " . $result["access_token"],
-        "Accept: application/json"
-    ]);
-
-    $result = curl_exec($crl);
-    $result = json_decode($result, true);
-
-    if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens");
-
-    if (in_array($result["id"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/AllowedUsers.json"), true))) {
-        $token = bin2hex(random_bytes(32));
-        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens/" . $token, json_encode($result));
-        session_start();
-        session_set_cookie_params([
-            'lifetime' => 0,
-            'path' => '/',
-            'domain' => "",
-            'secure' => true,
-            'httponly' => true,
-            'samesite' => 'None'
-        ]);
-        setcookie("BITS_SESSION_TOKEN", $token, 0, "/", "", true, true);
-        header("Set-Cookie: BITS_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly");
-
-        header("Location: /Mobile");
-    } else {
-        header("Location: /Authentication/Disallowed");
-    }
-
-    die();
-}
\ No newline at end of file
diff --git a/Authentication/Start/index.php b/Authentication/Start/index.php
index 006752e..c3e7685 100644
--- a/Authentication/Start/index.php
+++ b/Authentication/Start/index.php
@@ -1,4 +1,4 @@
 <?php
 
-header("Location: https://account.minteck.org/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Callback&scope=Hub&request_credentials=default&access_type=offline");
+header("Location: https://privateauth.equestria.dev/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Application.json"), true)["id"] . "&response_type=code&redirect_uri=http" . ($_SERVER['HTTPS'] ? "s" : "") . "://" . $_SERVER['HTTP_HOST'] . "/Authentication/Callback&scope=Hub&request_credentials=default&access_type=offline");
 die();
diff --git a/Authentication/Username/index.php b/Authentication/Username/index.php
index 63b4aed..9a84870 100644
--- a/Authentication/Username/index.php
+++ b/Authentication/Username/index.php
@@ -5,7 +5,8 @@ header("Content-Type: application/json");
 
 $a = [
     "name" => $_PROFILE["name"],
-    "id" => $_PROFILE['id']
+    "id" => $_PROFILE['id'],
+    "system" => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Systems.json"), true)[$_PROFILE['id']],
 ];
 
 die(json_encode($a));
\ No newline at end of file
-- 
cgit