authorMinteck <contact@minteck.org>2021-12-23 19:40:44 +0100
committerMinteck <contact@minteck.org>2021-12-23 19:40:44 +0100
commit133be8d6e235b83edf562520c550a2cda734ffd1 (patch)
treebc2f0fde44cb19e0ff84c060a5234dabf6c00545
parent408bee6540c861b65ebb9f6ca805060b35b31720 (diff)
downloadcore-133be8d6e235b83edf562520c550a2cda734ffd1.tar.gz
core-133be8d6e235b83edf562520c550a2cda734ffd1.tar.bz2
core-133be8d6e235b83edf562520c550a2cda734ffd1.zip
Commit
-rw-r--r--.gitignore3
-rw-r--r--.idea/deployment.xml3
-rw-r--r--.idea/sshConfigs.xml2
-rw-r--r--.idea/webServers.xml2
-rw-r--r--index.php6
-rw-r--r--known/index.php152
-rw-r--r--login.old/embed/index.php6
-rw-r--r--login.old/index.php6
-rw-r--r--login/embed/index.php2
-rw-r--r--login/index.php2
-rw-r--r--me/index.php9
-rw-r--r--oauth.old/embed/index.php45
-rw-r--r--oauth.old/index.php45
-rw-r--r--oauth/embed/index.php11
-rw-r--r--oauth/index.php11
-rw-r--r--private/FamilineConfig.demo.json2
-rw-r--r--private/app.old.json4
-rw-r--r--statusbar.php4
-rw-r--r--test/cookie/index.php6
-rw-r--r--test/index.html12
-rw-r--r--test/value/index.php7
-rw-r--r--test/value/no/index.html12
-rw-r--r--test/value/yes/index.html12
23 files changed, 347 insertions, 17 deletions
diff --git a/.gitignore b/.gitignore
index c0cdb33..7e09b8e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,5 @@ private/app.json
app/console
app/help
app/money
-private/FamilineConfig.json \ No newline at end of file
+private/FamilineConfig.json
+private/userpics \ No newline at end of file
diff --git a/.idea/deployment.xml b/.idea/deployment.xml
index 1183b3a..af565fd 100644
--- a/.idea/deployment.xml
+++ b/.idea/deployment.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
- <component name="PublishConfigData" autoUpload="Always" serverName="Familine (project level)" createEmptyFolders="true" autoUploadExternalChanges="true">
+ <component name="PublishConfigData" serverName="Familine (project level)" createEmptyFolders="true" autoUploadExternalChanges="true">
<serverData>
<paths name="Familine (project level)">
<serverdata>
@@ -10,6 +10,5 @@
</serverdata>
</paths>
</serverData>
- <option name="myAutoUpload" value="ALWAYS" />
</component>
</project> \ No newline at end of file
diff --git a/.idea/sshConfigs.xml b/.idea/sshConfigs.xml
index f4cd94d..6b5120d 100644
--- a/.idea/sshConfigs.xml
+++ b/.idea/sshConfigs.xml
@@ -2,7 +2,7 @@
<project version="4">
<component name="SshConfigs">
<configs>
- <sshConfig host="familine.ddns.net" id="d74d45ad-c752-4bdf-82c1-85cbd6c8e458" keyPath="$USER_HOME$/.ssh/id_rsa" port="22465" nameFormat="DESCRIPTIVE" username="root" />
+ <sshConfig authType="OPEN_SSH" host="ols2" id="d74d45ad-c752-4bdf-82c1-85cbd6c8e458" port="22465" nameFormat="DESCRIPTIVE" username="root" useOpenSSHConfig="true" />
</configs>
</component>
</project> \ No newline at end of file
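Review bot: The new `sshConfig` entry still connects as `username="root"`, so every IDE upload runs with full privileges on the server. A dedicated unprivileged deployment account that owns only the web root would limit what a compromised workstation or SSH agent can reach; the same `root@ols2:22465` target appears in `.idea/webServers.xml`. Since `host="ols2"` now resolves only through each developer's own OpenSSH config, consider keeping these `.idea` deployment files out of version control.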
diff --git a/.idea/webServers.xml b/.idea/webServers.xml
index f1db676..4fe5d8a 100644
--- a/.idea/webServers.xml
+++ b/.idea/webServers.xml
@@ -3,7 +3,7 @@
<component name="WebServers">
<option name="servers">
<webServer id="dd27d6eb-cb58-4445-81e2-75460b980d8f" name="Familine (project level)" url="https://familine.mooo.com">
- <fileTransfer accessType="SFTP" host="familine.ddns.net" port="22465" sshConfigId="d74d45ad-c752-4bdf-82c1-85cbd6c8e458" sshConfig="root@familine.ddns.net:22465 key" keyPair="true">
+ <fileTransfer accessType="SFTP" host="ols2" port="22465" sshConfigId="d74d45ad-c752-4bdf-82c1-85cbd6c8e458" sshConfig="root@ols2:22465 agent" authAgent="true">
<advancedOptions>
<advancedOptions dataProtectionLevel="Private" keepAliveTimeout="0" passiveMode="true" shareSSLContext="true" />
</advancedOptions>
diff --git a/index.php b/index.php
index 3e290cc..c832d6a 100644
--- a/index.php
+++ b/index.php
@@ -97,7 +97,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
</a>
</div>
<div style="color: white;text-align: center;margin-top: 10px;opacity: .5;font-size: 14px;">
- <?php if ($_ADMIN): ?><a style="color:white;display:inline-block;" href="https://console.familine.minteck.org">Familine Camera</a><?php endif; ?> · <a target="_blank" style="color:white;display:inline-block;" href="https://gitlab.minteck.org/explore/projects/topics/Familine">Code source</a> · version <?= file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/version.txt") ?>
+ <?php if ($_ADMIN): ?><a style="color:white;display:inline-block;" href="https://console.familine.minteck.org">Familine Camera</a> · <?php endif; ?><a style="color:white;display:inline-block;" href="https://familine.minteck.org/known">Problèmes connus</a> · <a target="_blank" style="color:white;display:inline-block;" href="https://gitlab.minteck.org/explore/projects/topics/Familine">Code source</a> · version <?= file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/version.txt") ?>
</div>
</div>
</div>
@@ -304,7 +304,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
echo("0 Mo/200 Mo");
}
- ?> utilisés, <a href="https://share.familine.minteck.org/share">partager un fichier</a>
+ ?> utilisés, <a href="https://share.familine.minteck.org/share/">partager un fichier</a>
<br><br>
@@ -318,4 +318,4 @@ require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
<script src="/js/navigation.js"></script>
<script src="/js/statusbar.js"></script>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/known/index.php b/known/index.php
new file mode 100644
index 0000000..0b89eb5
--- /dev/null
+++ b/known/index.php
@@ -0,0 +1,152 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
+
+/** @var string $_FULLNAME
+ * @var string $_USER
+ * @var string $_SUID
+ * @var array $_PROFILE
+ */
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+ <title>Problèmes connus - Familine</title>
+ <link rel="icon" href="https://familine.minteck.org/icns/familine.svg">
+ <link rel="stylesheet" href="https://familine.minteck.org/styles.css">
+ <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
+ <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
+ <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
+ <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
+ <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
+</head>
+<body>
+ <div class="container" style="margin-top:30px;">
+ <h1>Problèmes connus avec Familine</h1>
+ <p>Familine est une suite de logiciels intégrés les uns avec les autres de façon à former un uniforme parfait. Malheureusement, aucun logiciel n'est complet et fiable à 100%. Cette page liste les principaux problèmes connus avec les différentes applications de Familine.</p>
+ <ul class="list-group">
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Docs</span>
+ Page d'accueil incomplète
+ </summary>
+ <br>
+ <p>La page d'accueil de Familine Docs est incomplète et ne fournit aucune information utile pour un utilisateur lambda de Familine.</p>
+ <p class="text-muted">Numéro de problème : FD-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Help</span>
+ Pages d'aide incomplète
+ </summary>
+ <br>
+ <p>Plus précisément :</p>
+ <ul>
+ <li>"Services en ligne multimédia" est incomplet ;</li>
+ <li>"Abonnement en ligne Familine Galaxy" doit être retiré ;</li>
+ <li>"Stockage en réseau" doit être retiré ;</li>
+ <li>"Partage de fichiers avec Familine Share" est vide ;</li>
+ <li>"Accéder à la nouvelle version de Famiwiki" est vide ;</li>
+ <li>"Consulter la généalogie" renvoie une erreur (404) ;</li>
+ <li>"Discuter en ligne" renvoie une erreur (404) ;</li>
+ <li>"Mentions légales" renvoie une erreur (404) ;</li>
+ </ul>
+ <p class="text-muted">Numéro de problème : FH-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Money</span>
+ Utilité du service remise en cause
+ </summary>
+ <br>
+ <p>Les administrateurs de Familine remettent en cause l'utilité du service Familine Money. Il se pourrait que ce dernier soit retiré de Familine dans le futur et que les données soient supprimées.</p>
+ <p>Note : dans ce cas, vous ne pourrez pas récupérer l'argent investi dans Familine Money. Tout l'argent récolté permettra d'améliorer la qualité de service de Familine</p>
+ <p class="text-muted">Numéro de problème : FM-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Movies</span>
+ Interface bloquée après fermeture d'une boite de dialogue
+ </summary>
+ <br>
+ <p>Lors de la fermeture d'une boîte de dialogue (par exemple l'avertissement sur les droits d'auteurs), l'interface restera bloquée jusqu'au rechargement de la page.</p>
+ <p class="text-muted">Numéro de problème : FC-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Photos</span>
+ Bouton de connexion accessible
+ </summary>
+ <br>
+ <p>Pour éviter qu'un utilisateur cherche à s'authentifier auprès du portail administratif de Familine Photos, il faudrait masquer le menu utilisateur (avec le bouton de connexion) lorsque l'utilisateur n'est pas connecté.</p>
+ <p class="text-muted">Numéro de problème : FP-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Recall</span>
+ Le bouton "Importer une généalogie" renvoie vers une page d'erreur (404)
+ </summary>
+ <br>
+ <p>Retirer le bouton semble être une solution plausible et laisser les administrateurs importer manuellement une nouvelle version de la généalogie sur le serveur au besoin.</p>
+ <p class="text-muted">Numéro de problème : FR-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Share</span>
+ Icônes de fichiers incorrectes
+ </summary>
+ <br>
+ <p>Lors de la visualisation d'un fichier sur Familine Share, l'icône affichée sera une icône inconnue (fichier blanc) ou une icône de remplacement (fichier gris avec point d'interrogation).</p>
+ <p class="text-muted">Numéro de problème : FS-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Yikes</span>
+ Appels vocaux et vidéos non fonctionnels
+ </summary>
+ <br>
+ <p>Familine Yikes dépend du logiciel Conduit. Conduit ne supporte actuellement pas la fonctionnalité Appels, qui sera probablement ajoutée dans le futur par le biais d'une mise à jour du logiciel Conduit.</p>
+ <p class="text-muted">Numéro de problème : FY-01</p>
+ </details>
+ </li>
+ <li class="list-group-item list-group-item-action">
+ <details>
+ <summary>
+ <span class="badge badge-pill badge-secondary">Yikes</span>
+ Widgets non fonctionnels
+ </summary>
+ <br>
+ <p>Familine Yikes dépend du logiciel Conduit. Conduit ne supporte actuellement pas la fonctionnalité Widgets, qui sera probablement ajoutée dans le futur par le biais d'une mise à jour du logiciel Conduit.</p>
+ <p class="text-muted">Numéro de problème : FY-02</p>
+ </details>
+ </li>
+ </ul>
+ </div>
+ <script>
+ console.log("Injecting Familine header")
+ document.body.innerHTML = document.body.innerHTML + "<iframe style=\"position:fixed;left:0;right:0;top:0;border: none;width: 100%;height:32px;\" src=\"https://<?= /** @var array $_CONFIG */
+ $_CONFIG["Global"]["domain"] ?>/statusbar.php\"></iframe>";
+ document.getElementsByTagName("html")[0].style.marginTop = "32px";
+ document.getElementsByTagName("html")[0].style.height = "calc(100vh - 32px)";
+ </script>
+</body>
+</html> \ No newline at end of file
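Review bot: The `<head>` loads jQuery, Popper and Bootstrap from three third-party CDNs without `integrity`/`crossorigin` attributes, and the jQuery tag appears twice. Adding Subresource Integrity, e.g. `<script src="…/jquery.min.js" integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous"></script>`, and dropping the duplicate keeps a tampered CDN response from running in a page that loads the user's session. In the closing script, `document.body.innerHTML = document.body.innerHTML + …` re-parses the whole body and interpolates `$_CONFIG["Global"]["domain"]` into a JS string unescaped; `document.body.insertAdjacentHTML("beforeend", …)` with the value passed through `json_encode()` would be more robust. The page text is French but the document declares `lang="en"`.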
diff --git a/login.old/embed/index.php b/login.old/embed/index.php
new file mode 100644
index 0000000..9fc6274
--- /dev/null
+++ b/login.old/embed/index.php
@@ -0,0 +1,6 @@
+<?php
+
+$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
+
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed&scope=hub&request_credentials=default&access_type=offline");
+die();
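Review bot: The authorization redirect carries no `state` parameter, so the callback has nothing that binds the returned `code` to the browser that started the login (login CSRF). Generate a random value, keep it in a short-lived cookie or session, append it as `"&state=" . urlencode($state)`, and compare it in the callback; `client_id` and `redirect_uri` should also go through `urlencode()`. The same applies to `login.old/index.php`, `login/embed/index.php` and `login/index.php`. The `.old` copies also appear to sit under the document root, which would leave the retired login flow reachable; archive them outside the web root if they are kept only for reference.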
diff --git a/login.old/index.php b/login.old/index.php
new file mode 100644
index 0000000..67c01cf
--- /dev/null
+++ b/login.old/index.php
@@ -0,0 +1,6 @@
+<?php
+
+$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
+
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://" . $_CONFIG["Global"]["domain"] . "/oauth&scope=hub&request_credentials=default&access_type=offline");
+die();
diff --git a/login/embed/index.php b/login/embed/index.php
index 9fc6274..2cad6ea 100644
--- a/login/embed/index.php
+++ b/login/embed/index.php
@@ -2,5 +2,5 @@
$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed&scope=hub&request_credentials=default&access_type=offline");
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/auth/realms/Familine/protocol/openid-connect/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed&scope=profile&request_credentials=default&access_type=offline");
die();
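Review bot: The new OpenID Connect request sends `scope=profile` without `openid`, which OIDC requires in the scope of an authentication request; `scope=openid%20profile` makes the flow conformant and keeps the userinfo call well-defined. `request_credentials=default` and `access_type=offline` look like leftovers from the previous Hub endpoint and are probably ignored by the new provider, so they are worth removing if that is confirmed. `login/index.php` has the same line.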
diff --git a/login/index.php b/login/index.php
index 67c01cf..5cda156 100644
--- a/login/index.php
+++ b/login/index.php
@@ -2,5 +2,5 @@
$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://" . $_CONFIG["Global"]["domain"] . "/oauth&scope=hub&request_credentials=default&access_type=offline");
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/auth/realms/Familine/protocol/openid-connect/auth?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://" . $_CONFIG["Global"]["domain"] . "/oauth&scope=profile&request_credentials=default&access_type=offline");
die();
diff --git a/me/index.php b/me/index.php
new file mode 100644
index 0000000..a24fe20
--- /dev/null
+++ b/me/index.php
@@ -0,0 +1,9 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
+
+if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/private/userpics/" . $_USER . ".png")) {
+ die(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/userpics/" . $_USER . ".png"));
+} else {
+ die(file_get_contents("https://www.gravatar.com/avatar/0?f=y&s=64&d=mp"));
+} \ No newline at end of file
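Review bot: The avatar is sent without a `Content-Type` header, so the PNG bytes go out under PHP's default content type, and `$_USER` is concatenated into the file path without validation. `$_USER` is set in `private/session.php`, which is outside this diff; if it can ever contain `/` or `..`, the path leaves `private/userpics/`. The fallback also makes the server fetch Gravatar through `file_get_contents()` on every request with no timeout, which a browser redirect avoids. A possible shape is below.

```php
// … unchanged: require_once of private/session.php …
$pic = $_SERVER['DOCUMENT_ROOT'] . "/private/userpics/" . basename($_USER) . ".png";

if (is_file($pic)) {
    header("Content-Type: image/png");
    readfile($pic);
} else {
    // Let the browser fetch the placeholder instead of proxying it server-side.
    header("Location: https://www.gravatar.com/avatar/0?f=y&s=64&d=mp");
}
die();
```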
diff --git a/oauth.old/embed/index.php b/oauth.old/embed/index.php
new file mode 100644
index 0000000..1a8c513
--- /dev/null
+++ b/oauth.old/embed/index.php
@@ -0,0 +1,45 @@
+<?php
+
+// TODO: handle errors
+$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
+
+if (!isset($_GET['code'])) {
+ die();
+}
+
+$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true);
+
+$crl = curl_init('https://account.familine.minteck.org/hub/api/rest/oauth2/token');
+curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+curl_setopt($crl, CURLOPT_POST, true);
+curl_setopt($crl, CURLOPT_HTTPHEADER, [
+ "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
+ "Content-Type: application/x-www-form-urlencoded",
+ "Accept: application/json"
+]);
+curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
+
+$result = curl_exec($crl);
+$result = json_decode($result, true);
+
+curl_close($crl);
+
+if (isset($result["access_token"])) {
+ $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
+ curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+ curl_setopt($crl, CURLOPT_HTTPHEADER, [
+ "Authorization: Bearer " . $result["access_token"],
+ "Accept: application/json"
+ ]);
+
+ $result = curl_exec($crl);
+ $result = json_decode($result, true);
+
+ $token = bin2hex(random_bytes(32));
+ file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/tokens/" . $token, json_encode($result));
+ setcookie("FL_SESSION_TOKEN", $token, strtotime('+365 days'), "/", "." . $_CONFIG["Global"]["domain"], true, true);
+
+ header("Location: /statusbar.php");
+} \ No newline at end of file
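Review bot: `$_GET['code']` is appended to the token request body without `urlencode()`, so a crafted `code` value can add or override form fields in the POST to the token endpoint; use `"&code=" . urlencode($_GET['code'])`. After the second request the session file and the 365-day cookie are written without checking that the userinfo response decoded to an array with a user id, so a failed call still yields a session containing `null`. The token endpoint host is hard-coded here while the userinfo call uses `$_CONFIG["Global"]["federation"]`. `oauth.old/index.php` is identical apart from the redirect targets, and the unencoded `code` line is also present as context in `oauth/embed/index.php` and `oauth/index.php`.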
diff --git a/oauth.old/index.php b/oauth.old/index.php
new file mode 100644
index 0000000..0cee597
--- /dev/null
+++ b/oauth.old/index.php
@@ -0,0 +1,45 @@
+<?php
+
+// TODO: handle errors
+$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
+
+if (!isset($_GET['code'])) {
+ die();
+}
+
+$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true);
+
+$crl = curl_init('https://account.familine.minteck.org/hub/api/rest/oauth2/token');
+curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+curl_setopt($crl, CURLOPT_POST, true);
+curl_setopt($crl, CURLOPT_HTTPHEADER, [
+ "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
+ "Content-Type: application/x-www-form-urlencoded",
+ "Accept: application/json"
+]);
+curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);
+
+$result = curl_exec($crl);
+$result = json_decode($result, true);
+
+curl_close($crl);
+
+if (isset($result["access_token"])) {
+ $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
+ curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+ curl_setopt($crl, CURLOPT_HTTPHEADER, [
+ "Authorization: Bearer " . $result["access_token"],
+ "Accept: application/json"
+ ]);
+
+ $result = curl_exec($crl);
+ $result = json_decode($result, true);
+
+ $token = bin2hex(random_bytes(32));
+ file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/tokens/" . $token, json_encode($result));
+ setcookie("FL_SESSION_TOKEN", $token, strtotime('+365 days'), "/", "." . $_CONFIG["Global"]["domain"], true, true);
+
+ header("Location: /");
+} \ No newline at end of file
diff --git a/oauth/embed/index.php b/oauth/embed/index.php
index 1a8c513..d77be15 100644
--- a/oauth/embed/index.php
+++ b/oauth/embed/index.php
@@ -1,5 +1,6 @@
<?php
+header("Content-Type: text/plain");
// TODO: handle errors
$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
@@ -9,7 +10,7 @@ if (!isset($_GET['code'])) {
$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true);
-$crl = curl_init('https://account.familine.minteck.org/hub/api/rest/oauth2/token');
+$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');
curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($crl, CURLINFO_HEADER_OUT, true);
curl_setopt($crl, CURLOPT_POST, true);
@@ -21,12 +22,13 @@ curl_setopt($crl, CURLOPT_HTTPHEADER, [
curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
$result = curl_exec($crl);
+var_dump($result);
$result = json_decode($result, true);
curl_close($crl);
if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
+ $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');
curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($crl, CURLINFO_HEADER_OUT, true);
curl_setopt($crl, CURLOPT_HTTPHEADER, [
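Review bot: `var_dump($result)` prints the raw token response, including the access token and any refresh or ID token, into the page body, and a second `var_dump` in the next hunk prints the userinfo response. Besides exposing tokens to the browser, this output is sent before `setcookie()`, which then fails with "headers already sent" unless output buffering is on. These lines and the `header("Content-Type: text/plain")` added in the first hunk look like debugging aids; remove them before deploy, or replace them with `error_log()` of non-secret fields. `oauth/index.php` has the same additions.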
@@ -35,9 +37,14 @@ if (isset($result["access_token"])) {
]);
$result = curl_exec($crl);
+ var_dump($result);
$result = json_decode($result, true);
$token = bin2hex(random_bytes(32));
+ $result["login"] = $result["preferred_username"];
+ $result["name_internal"] = $result["name"];
+ $result["name"] = $result["family_name"] . " " . $result["given_name"];
+ $result["id"] = $result["sub"];
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/tokens/" . $token, json_encode($result));
setcookie("FL_SESSION_TOKEN", $token, strtotime('+365 days'), "/", "." . $_CONFIG["Global"]["domain"], true, true);
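Review bot: The added mapping reads `preferred_username`, `name`, `family_name`, `given_name` and `sub` from the userinfo response without checking that the request succeeded or that the keys exist. If the call fails, `$result` is `null`, the assignments turn it into an array of nulls, and a session file with `"name": " "` and `"id": null` is still written and a cookie issued. Guard before the mapping with something like `if (!is_array($result) || empty($result["sub"])) { http_response_code(502); die(); }`. The same block is added in `oauth/index.php`.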
diff --git a/oauth/index.php b/oauth/index.php
index 0cee597..3a98390 100644
--- a/oauth/index.php
+++ b/oauth/index.php
@@ -1,5 +1,6 @@
<?php
+header("Content-Type: text/plain");
// TODO: handle errors
$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
@@ -9,7 +10,7 @@ if (!isset($_GET['code'])) {
$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true);
-$crl = curl_init('https://account.familine.minteck.org/hub/api/rest/oauth2/token');
+$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');
curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($crl, CURLINFO_HEADER_OUT, true);
curl_setopt($crl, CURLOPT_POST, true);
@@ -21,12 +22,13 @@ curl_setopt($crl, CURLOPT_HTTPHEADER, [
curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);
$result = curl_exec($crl);
+var_dump($result);
$result = json_decode($result, true);
curl_close($crl);
if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
+ $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');
curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($crl, CURLINFO_HEADER_OUT, true);
curl_setopt($crl, CURLOPT_HTTPHEADER, [
@@ -35,9 +37,14 @@ if (isset($result["access_token"])) {
]);
$result = curl_exec($crl);
+ var_dump($result);
$result = json_decode($result, true);
$token = bin2hex(random_bytes(32));
+ $result["login"] = $result["preferred_username"];
+ $result["name_internal"] = $result["name"];
+ $result["name"] = $result["family_name"] . " " . $result["given_name"];
+ $result["id"] = $result["sub"];
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/tokens/" . $token, json_encode($result));
setcookie("FL_SESSION_TOKEN", $token, strtotime('+365 days'), "/", "." . $_CONFIG["Global"]["domain"], true, true);
diff --git a/private/FamilineConfig.demo.json b/private/FamilineConfig.demo.json
index 2a4b026..829385e 100644
--- a/private/FamilineConfig.demo.json
+++ b/private/FamilineConfig.demo.json
@@ -1,7 +1,7 @@
{
"Global": {
"domain": "familine.minteck.org",
- "federation": "account.familine.minteck.org",
+ "federation": "auth.familine.minteck.org",
"support": "support@familine.minteck.org"
},
diff --git a/private/app.old.json b/private/app.old.json
new file mode 100644
index 0000000..87a9b11
--- /dev/null
+++ b/private/app.old.json
@@ -0,0 +1,4 @@
+{
+ "id": "402a2f1c-62d0-450c-bc73-bdfb7a786ac5",
+ "secret": "ETpKfGdxxCNK"
+} \ No newline at end of file
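Review bot: This file commits an OAuth client `id` and `secret` in clear text, and `.gitignore` excludes only `private/app.json`, not `private/app.old.json`. Even if the client belongs to the retired provider, treat the secret as disclosed: revoke or rotate it at the provider, delete the file, and purge it from the repository history. If a sample is needed, ship a template with placeholder values such as `"secret": "<CLIENT_SECRET>"`.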
diff --git a/statusbar.php b/statusbar.php
index 7ef5a5c..40cec35 100644
--- a/statusbar.php
+++ b/statusbar.php
@@ -123,9 +123,9 @@ if (isset($_PROFILE["projectRoles"]) && is_array($_PROFILE["projectRoles"]) && i
<span class="logo" style="display: inline-block;top: -2px;position: relative;padding: 6px 2px 7px 2px;margin: -11px 0;"><img src="https://familine.minteck.org/icns/familine-you.svg" style="width: 20px;vertical-align: middle;"></span></a>
</span>
<div id="user">
- <a title="Mon compte" href="https://account.familine.minteck.org/hub/users/me" target="_parent"><span class="account" style="display: inline-block;top: 0;position: relative;padding: 8px 7px 7px 7px;margin: -11px 0;">
+ <a title="Mon compte" href="https://auth.familine.minteck.org/auth/realms/Familine/account" target="_parent"><span class="account" style="display: inline-block;top: 0;position: relative;padding: 8px 7px 7px 7px;margin: -11px 0;">
<span id="user-name" style="position: relative;margin-left:5px;top: 2.5px;right: 5px;"><?= $_FULLNAME ?></span>
- <img src="https://account.familine.minteck.org/hub/api/rest/avatar/<?= $_PROFILE['id'] ?>" alt="" style="width:24px;border-radius:999px;vertical-align: middle;position:relative;top: 2px;">
+ <img src="https://familine.minteck.org/me" alt="" style="width:24px;border-radius:999px;vertical-align: middle;position:relative;top: 2px;">
</span></a>
</div>
</div>
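Review bot: `<?= $_FULLNAME ?>` is echoed into the markup without escaping, and after this commit the stored name is assembled from the identity provider's `family_name` and `given_name` claims (see the `oauth/` hunks), which users can often edit themselves. Writing it as `<?= htmlspecialchars($_FULLNAME, ENT_QUOTES, 'UTF-8') ?>` closes that; `$_FULLNAME` is derived in `private/session.php`, outside this diff, so confirm it is not already escaped there. The two changed URLs also hard-code `auth.familine.minteck.org` and `familine.minteck.org` where other files read `$_CONFIG["Global"]`.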
diff --git a/test/cookie/index.php b/test/cookie/index.php
new file mode 100644
index 0000000..7a11bf1
--- /dev/null
+++ b/test/cookie/index.php
@@ -0,0 +1,6 @@
+<?php
+
+setcookie("_flmobile_test", "This is a test value", 0, "/", ".familine.minteck.org", true, true);
+
+?>
+Cookie set, click the Button button now.
diff --git a/test/index.html b/test/index.html
new file mode 100644
index 0000000..36c09f1
--- /dev/null
+++ b/test/index.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <title>Title</title>
+</head>
+<body>
+ <form action="/test/cookie">
+ <input type="submit" value="Click to test">
+ </form>
+</body>
+</html> \ No newline at end of file
diff --git a/test/value/index.php b/test/value/index.php
new file mode 100644
index 0000000..3e9ef74
--- /dev/null
+++ b/test/value/index.php
@@ -0,0 +1,7 @@
+<?php
+
+if (isset($_COOKIE["_flmobile_test"])) {
+ header("Location: /test/value/yes");
+} else {
+ header("Location: /test/value/no");
+} \ No newline at end of file
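Review bot: Both redirect targets, `test/value/yes/index.html` and `test/value/no/index.html`, are added with the same blob (`36c09f1`) as `test/index.html`, so the two outcomes render identically and can only be told apart by the URL. Give each page distinct text, or have this script print the result directly. Each `header("Location: …")` should be followed by `die();` as in the login scripts, and these probes are best removed from the deployed tree once the cookie test is done.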
diff --git a/test/value/no/index.html b/test/value/no/index.html
new file mode 100644
index 0000000..36c09f1
--- /dev/null
+++ b/test/value/no/index.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <title>Title</title>
+</head>
+<body>
+ <form action="/test/cookie">
+ <input type="submit" value="Click to test">
+ </form>
+</body>
+</html> \ No newline at end of file
diff --git a/test/value/yes/index.html b/test/value/yes/index.html
new file mode 100644
index 0000000..36c09f1
--- /dev/null
+++ b/test/value/yes/index.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <title>Title</title>
+</head>
+<body>
+ <form action="/test/cookie">
+ <input type="submit" value="Click to test">
+ </form>
+</body>
+</html> \ No newline at end of file