aboutsummaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/session/login/embed/index.php6
-rw-r--r--app/session/login/index.php7
-rw-r--r--app/session/oauth/embed/index.php49
-rw-r--r--app/session/oauth/index.php55
4 files changed, 0 insertions, 117 deletions
diff --git a/app/session/login/embed/index.php b/app/session/login/embed/index.php
deleted file mode 100644
index 8ea9020..0000000
--- a/app/session/login/embed/index.php
+++ /dev/null
@@ -1,6 +0,0 @@
-<?php
-
-$_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
-
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed&scope=Hub&request_credentials=default&access_type=offline");
-die();
diff --git a/app/session/login/index.php b/app/session/login/index.php
deleted file mode 100644
index 0e607d1..0000000
--- a/app/session/login/index.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php
-
-$_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
-setcookie("_auth_callback", $_GET['r'], 0, "/");
-
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth&scope=Hub&request_credentials=default&access_type=offline");
-die();
diff --git a/app/session/oauth/embed/index.php b/app/session/oauth/embed/index.php
deleted file mode 100644
index a4f77e6..0000000
--- a/app/session/oauth/embed/index.php
+++ /dev/null
@@ -1,49 +0,0 @@
-<?php
-
-header("Content-Type: text/plain");
-// TODO: handle errors
-$_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
-
-if (!isset($_GET['code'])) {
- die();
-}
-
-$appdata = json_decode(file_get_contents("/mnt/familine/private/app.json"), true);
-
-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/oauth2/token');
-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-curl_setopt($crl, CURLOPT_POST, true);
-curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
- "Content-Type: application/x-www-form-urlencoded",
- "Accept: application/json"
-]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
-
-var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
-$result = curl_exec($crl);
-var_dump($result);
-$result = json_decode($result, true);
-
-curl_close($crl);
-
-if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
- curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($crl, CURLINFO_HEADER_OUT, true);
- curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Bearer " . $result["access_token"],
- "Accept: application/json"
- ]);
-
- $result = curl_exec($crl);
- var_dump($result);
- $result = json_decode($result, true);
-
- $token = bin2hex(random_bytes(32));
- file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));
- setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["cdn"], true, true);
-
- header("Location: /statusbar.php");
-} \ No newline at end of file
diff --git a/app/session/oauth/index.php b/app/session/oauth/index.php
deleted file mode 100644
index 4a36e39..0000000
--- a/app/session/oauth/index.php
+++ /dev/null
@@ -1,55 +0,0 @@
-<?php
-
-header("Content-Type: text/plain");
-// TODO: handle errors
-$_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
-
-if (!isset($_GET['code'])) {
- die();
-}
-
-$appdata = json_decode(file_get_contents("/mnt/familine/private/app.json"), true);
-
-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/oauth2/token');
-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-curl_setopt($crl, CURLOPT_POST, true);
-curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
- "Content-Type: application/x-www-form-urlencoded",
- "Accept: application/json"
-]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);
-
-var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);
-$result = curl_exec($crl);
-var_dump($result);
-$result = json_decode($result, true);
-
-curl_close($crl);
-
-if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
- curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($crl, CURLINFO_HEADER_OUT, true);
- curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Bearer " . $result["access_token"],
- "Accept: application/json"
- ]);
-
- $result = curl_exec($crl);
- var_dump($result);
- $result = json_decode($result, true);
-
- $token = bin2hex(random_bytes(32));
- file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));
- setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["domain"], true, true);
-
- if (isset($_COOKIE["_auth_callback"])) {
- header("Location: " . $_COOKIE['_auth_callback']);
- die();
- } else {
- header("Location: https://app." . $_CONFIG["Global"]["domain"]);
- die();
- }
-} \ No newline at end of file
© Floofi Systems, Some rights reserved. Powered by cgit.