Commit

1 files changed, 0 insertions, 77 deletions

diff --git a/oauth/index.php b/oauth/index.php
deleted file mode 100644
index b78759a..0000000
--- a/oauth/index.php
+++ /dev/null
@@ -1,77 +0,0 @@
-<?php

-/*

- * MIT License

- *

- * Copyright (c) 2022- Minteck

- *

- * Permission is hereby granted, free of charge, to any person obtaining a copy

- * of this software and associated documentation files (the "Software"), to deal

- * in the Software without restriction, including without limitation the rights

- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

- * copies of the Software, and to permit persons to whom the Software is

- * furnished to do so, subject to the following conditions:

- *

- * The above copyright notice and this permission notice shall be included in all

- * copies or substantial portions of the Software.

- *

- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

- * SOFTWARE.

- *

- */

-

-header("Content-Type: text/plain");

-// TODO: handle errors

-$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);

-

-if (!isset($_GET['code'])) {

-    die();

-}

-

-$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true);

-

-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');

-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);

-curl_setopt($crl, CURLINFO_HEADER_OUT, true);

-curl_setopt($crl, CURLOPT_POST, true);

-curl_setopt($crl, CURLOPT_HTTPHEADER, [

-    "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),

-    "Content-Type: application/x-www-form-urlencoded",

-    "Accept: application/json"

-]);

-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . $_GET['r']) . "&code=" . $_GET['code']);

-

-var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . $_GET['r']) . "&code=" . $_GET['code']);

-$result = curl_exec($crl);

-var_dump($result);

-$result = json_decode($result, true);

-

-curl_close($crl);

-

-if (isset($result["access_token"])) {

-    $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');

-    curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);

-    curl_setopt($crl, CURLINFO_HEADER_OUT, true);

-    curl_setopt($crl, CURLOPT_HTTPHEADER, [

-        "Authorization: Bearer " . $result["access_token"],

-        "Accept: application/json"

-    ]);

-

-    $result = curl_exec($crl);

-    var_dump($result);

-    $result = json_decode($result, true);

-

-    $token = bin2hex(random_bytes(32));

-    $result["login"] = $result["preferred_username"];

-    $result["name_internal"] = $result["name"];

-    $result["name"] = $result["family_name"] . " " . $result["given_name"];

-    $result["id"] = $result["sub"];

-    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/tokens/" . $token, json_encode($result));

-    setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["domain"], true, true);

-

-    header("Location: https://auth.familine.minteck.org/auth/realms/Familine/X-Familine-PersistentSession/?r=" . urlencode($_GET['r']));

-}
\ No newline at end of file