From bc8f3b7fa9f3a94245fe3bef11e41954817fe075 Mon Sep 17 00:00:00 2001
From: Minteck
Date: Sat, 4 Jun 2022 14:51:59 +0200
Subject: Update
---
 app/session/oauth/embed/index.php | 9 +++------
 app/session/oauth/index.php | 24 +++++++++++++-----------
 2 files changed, 16 insertions(+), 17 deletions(-)
(limited to 'app/session/oauth')
diff --git a/app/session/oauth/embed/index.php b/app/session/oauth/embed/index.php
index ff47ef0..a4f77e6 100644
--- a/app/session/oauth/embed/index.php
+++ b/app/session/oauth/embed/index.php
@@ -10,7 +10,7 @@ if (!isset($_GET['code'])) {
 $appdata = json_decode(file_get_contents("/mnt/familine/private/app.json"), true);
-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');
+$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/oauth2/token');
 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($crl, CURLINFO_HEADER_OUT, true);
 curl_setopt($crl, CURLOPT_POST, true);
@@ -21,6 +21,7 @@ curl_setopt($crl, CURLOPT_HTTPHEADER, [
 ]);
 curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
+var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
 $result = curl_exec($crl);
 var_dump($result);
 $result = json_decode($result, true);
@@ -28,7 +29,7 @@ $result = json_decode($result, true);
 curl_close($crl);
 if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');
+ $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($crl, CURLINFO_HEADER_OUT, true);
 curl_setopt($crl, CURLOPT_HTTPHEADER, [
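Review bot: The added `var_dump(...)` in app/session/oauth/embed/index.php (hunk -21,6) prints the token-request body, including the one-time authorization code from `$_GET['code']`, into the HTTP response, and the existing `var_dump($result)` two lines later prints the raw token reply. Besides exposing credentials to anything that renders, caches or logs the page, body output sent before the later `setcookie()` call (and the `header()` redirect in index.php) can make those calls fail unless output buffering is on. The dumped string also uses `"https://"` where the real request uses `"https://session."`, so it does not show what was actually sent. I would drop the line, or log server-side without the secret: `error_log("oauth token exchange, redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth/embed");`. The same debug dump is kept in app/session/oauth/index.php (hunk -19,9).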
@@ -41,10 +42,6 @@ if (isset($result["access_token"])) {
 $result = json_decode($result, true);
 $token = bin2hex(random_bytes(32));
- $result["login"] = $result["preferred_username"];
- $result["name_internal"] = $result["name"];
- $result["name"] = $result["family_name"] . " " . $result["given_name"];
- $result["id"] = $result["sub"];
 file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));
 setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["cdn"], true, true);
diff --git a/app/session/oauth/index.php b/app/session/oauth/index.php
index 0a6ce71..4a36e39 100644
--- a/app/session/oauth/index.php
+++ b/app/session/oauth/index.php
@@ -10,7 +10,7 @@ if (!isset($_GET['code'])) {
 $appdata = json_decode(file_get_contents("/mnt/familine/private/app.json"), true);
-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');
+$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/oauth2/token');
 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($crl, CURLINFO_HEADER_OUT, true);
 curl_setopt($crl, CURLOPT_POST, true);
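Review bot: In app/session/oauth/embed/index.php (hunk -41,10) nothing between `json_decode($result, true)` and `file_put_contents(...)` checks that the `/hub/api/rest/users/me` reply is a user record, so an error body or a failed request (`null`) is still written under a fresh token and handed a session cookie. A guard before `$token = ...`, such as `if (!is_array($result) || !isset($result["id"])) { http_response_code(502); die(); }`, would stop that; the field name is an assumption about the new API's response and needs confirming. With the claim mapping removed, readers of the token file that expect `login`, `name_internal` or `id` presumably need updating as well. The matching hunk in app/session/oauth/index.php (-42,12) has the same gap, and the enclosing `if` block starts and ends outside this hunk.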
@@ -19,9 +19,9 @@ curl_setopt($crl, CURLOPT_HTTPHEADER, [
 "Content-Type: application/x-www-form-urlencoded",
 "Accept: application/json"
 ]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . $_GET['r']) . "&code=" . $_GET['code']);
+curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://session." . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);
-var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . $_GET['r']) . "&code=" . $_GET['code']);
+var_dump("grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth") . "&code=" . $_GET['code']);
 $result = curl_exec($crl);
 var_dump($result);
 $result = json_decode($result, true);
@@ -29,7 +29,7 @@ $result = json_decode($result, true);
 curl_close($crl);
 if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');
+ $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/hub/api/rest/users/me');
 curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($crl, CURLINFO_HEADER_OUT, true);
 curl_setopt($crl, CURLOPT_HTTPHEADER, [
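Review bot: The rewritten `CURLOPT_POSTFIELDS` line in app/session/oauth/index.php (hunk -19,9) still appends `$_GET['code']` to the form body without encoding, so a value containing `&` or `=` can add or override fields of the token request sent to the identity provider. Encode it, `"&code=" . urlencode($_GET['code'])`, or build the whole body with `http_build_query()`. The unchanged POSTFIELDS context line in app/session/oauth/embed/index.php has the same form.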
@@ -42,12 +42,14 @@ if (isset($result["access_token"])) {
 $result = json_decode($result, true);
 $token = bin2hex(random_bytes(32));
- $result["login"] = $result["preferred_username"];
- $result["name_internal"] = $result["name"];
- $result["name"] = $result["family_name"] . " " . $result["given_name"];
- $result["id"] = $result["sub"];
 file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));
- setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["cdn"], true, true);
-
- header("Location: https://auth.familine.minteck.org/auth/realms/Familine/X-Familine-PersistentSession/?r=" . urlencode($_GET['r']));
+ setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["domain"], true, true);
+
+ if (isset($_COOKIE["_auth_callback"])) {
+ header("Location: " . $_COOKIE['_auth_callback']);
+ die();
+ } else {
+ header("Location: https://app." . $_CONFIG["Global"]["domain"]);
+ die();
+ }
 }
\ No newline at end of file
-- cgit
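Review bot: The new redirect in app/session/oauth/index.php sends the browser to `$_COOKIE['_auth_callback']` verbatim, and a cookie is client-controlled input, so this is an unvalidated redirect issued right after a session is created. The same hunk widens the session cookie to `"." . $_CONFIG["Global"]["domain"]`, which (assuming the usual cookie scoping) lets any host under that domain both receive `FL_SESSION_TOKEN` and set `_auth_callback`. I would accept the callback only when it is an https URL whose host is under the configured domain and fall back to the app URL otherwise; an exact allowlist of known hosts, or keeping the callback server-side, is stricter still. The enclosing `if` block starts outside the hunk.

```php
    // … unchanged: token file write and setcookie() …
    $target = "https://app." . $_CONFIG["Global"]["domain"];
    $callback = $_COOKIE["_auth_callback"] ?? null;
    if (is_string($callback)) {
        $parts = parse_url($callback);
        $suffix = "." . strtolower($_CONFIG["Global"]["domain"]);
        if (is_array($parts)
            && ($parts["scheme"] ?? "") === "https"
            && !isset($parts["user"]) && !isset($parts["pass"])
            && isset($parts["host"])
            && substr(strtolower($parts["host"]), -strlen($suffix)) === $suffix
            && strpos($callback, "\\") === false) {
            $target = $callback;
        }
    }
    header("Location: " . $target);
    die();
```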