Update

4 files changed, 19 insertions, 19 deletions

diff --git a/app/session/login/embed/index.php b/app/session/login/embed/index.php
index a27ed39..8ea9020 100644
--- a/app/session/login/embed/index.php
+++ b/app/session/login/embed/index.php
@@ -2,5 +2,5 @@
 
 $_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
 
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/auth/realms/Familine/protocol/openid-connect/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed&scope=profile&request_credentials=default&access_type=offline");
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed&scope=Hub&request_credentials=default&access_type=offline");
 die();
diff --git a/app/session/login/index.php b/app/session/login/index.php
index 05c3dc3..0e607d1 100644
--- a/app/session/login/index.php
+++ b/app/session/login/index.php
@@ -1,6 +1,7 @@
 <?php
 
 $_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
+setcookie("_auth_callback", $_GET['r'], 0, "/");
 
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/auth/realms/Familine/protocol/openid-connect/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . urlencode($_GET['r']) . "&scope=profile&request_credentials=default&access_type=offline");
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth&scope=Hub&request_credentials=default&access_type=offline");
 die();
diff --git a/app/session/oauth/embed/index.php b/app/session/oauth/embed/index.php
index ff47ef0..a4f77e6 100644
--- a/app/session/oauth/embed/index.php
+++ b/app/session/oauth/embed/index.php
@@ -10,7 +10,7 @@ if (!isset($_GET['code'])) {
 

 $appdata = json_decode(file_get_contents("/mnt/familine/private/app.json"), true);

 

-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');

+$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/oauth2/token');

 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);

 curl_setopt($crl, CURLINFO_HEADER_OUT, true);

 curl_setopt($crl, CURLOPT_POST, true);

@@ -21,6 +21,7 @@ curl_setopt($crl, CURLOPT_HTTPHEADER, [
 ]);

 curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);

 

+var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);

 $result = curl_exec($crl);

 var_dump($result);

 $result = json_decode($result, true);

@@ -28,7 +29,7 @@ $result = json_decode($result, true);
 curl_close($crl);

 

 if (isset($result["access_token"])) {

-    $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');

+    $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');

     curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);

     curl_setopt($crl, CURLINFO_HEADER_OUT, true);

     curl_setopt($crl, CURLOPT_HTTPHEADER, [

@@ -41,10 +42,6 @@ if (isset($result["access_token"])) {
     $result = json_decode($result, true);

 

     $token = bin2hex(random_bytes(32));

-    $result["login"] = $result["preferred_username"];

-    $result["name_internal"] = $result["name"];

-    $result["name"] = $result["family_name"] . " " . $result["given_name"];

-    $result["id"] = $result["sub"];

     file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));

     setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["cdn"], true, true);

 

diff --git a/app/session/oauth/index.php b/app/session/oauth/index.php
index 0a6ce71..4a36e39 100644
--- a/app/session/oauth/index.php
+++ b/app/session/oauth/index.php
@@ -10,7 +10,7 @@ if (!isset($_GET['code'])) {
 

 $appdata = json_decode(file_get_contents("/mnt/familine/private/app.json"), true);

 

-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');

+$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/oauth2/token');

 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);

 curl_setopt($crl, CURLINFO_HEADER_OUT, true);

 curl_setopt($crl, CURLOPT_POST, true);

@@ -19,9 +19,9 @@ curl_setopt($crl, CURLOPT_HTTPHEADER, [
     "Content-Type: application/x-www-form-urlencoded",

     "Accept: application/json"

 ]);

-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . $_GET['r']) . "&code=" . $_GET['code']);

+curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);

 

-var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . $_GET['r']) . "&code=" . $_GET['code']);

+var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);

 $result = curl_exec($crl);

 var_dump($result);

 $result = json_decode($result, true);

@@ -29,7 +29,7 @@ $result = json_decode($result, true);
 curl_close($crl);

 

 if (isset($result["access_token"])) {

-    $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');

+    $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');

     curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);

     curl_setopt($crl, CURLINFO_HEADER_OUT, true);

     curl_setopt($crl, CURLOPT_HTTPHEADER, [

@@ -42,12 +42,14 @@ if (isset($result["access_token"])) {
     $result = json_decode($result, true);

 

     $token = bin2hex(random_bytes(32));

-    $result["login"] = $result["preferred_username"];

-    $result["name_internal"] = $result["name"];

-    $result["name"] = $result["family_name"] . " " . $result["given_name"];

-    $result["id"] = $result["sub"];

     file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));

-    setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["cdn"], true, true);

-

-    header("Location: https://auth.familine.minteck.org/auth/realms/Familine/X-Familine-PersistentSession/?r=" . urlencode($_GET['r']));

+    setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["domain"], true, true);

+

+    if (isset($_COOKIE["_auth_callback"])) {

+        header("Location: " . $_COOKIE['_auth_callback']);

+        die();

+    } else {

+        header("Location: https://app." . $_CONFIG["Global"]["domain"]);

+        die();

+    }

 }
\ No newline at end of file