diff options
Diffstat (limited to 'oauth')
| -rw-r--r-- | oauth/.DS_Store | bin | 0 -> 6148 bytes | |||
| -rw-r--r-- | oauth/callback-native/index.php | 50 | ||||
| -rw-r--r-- | oauth/callback/index.php | 51 | ||||
| -rw-r--r-- | oauth/index.php | 1 | ||||
| -rw-r--r-- | oauth/init/index.php | 7 | ||||
| -rw-r--r-- | oauth/native/index.php | 7 | ||||
| -rw-r--r-- | oauth/needs-native/index.php | 26 |
7 files changed, 142 insertions, 0 deletions
diff --git a/oauth/.DS_Store b/oauth/.DS_Store Binary files differnew file mode 100644 index 0000000..f3ee465 --- /dev/null +++ b/oauth/.DS_Store diff --git a/oauth/callback-native/index.php b/oauth/callback-native/index.php new file mode 100644 index 0000000..ea9993b --- /dev/null +++ b/oauth/callback-native/index.php @@ -0,0 +1,50 @@ +<?php + +$app = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); +$server = "account.equestria.dev"; + +header("Content-Type: text/plain"); + +if (!isset($_GET['code'])) { + die(); +} + +$crl = curl_init('https://' . $server . '/hub/api/rest/oauth2/token'); +curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); +curl_setopt($crl, CURLINFO_HEADER_OUT, true); +curl_setopt($crl, CURLOPT_POST, true); +curl_setopt($crl, CURLOPT_HTTPHEADER, [ + "Authorization: Basic " . base64_encode($app["id"] . ":" . $app["secret"]), + "Content-Type: application/x-www-form-urlencoded", + "Accept: application/json" +]); +curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode(($_SERVER['SERVER_PORT'] === "8043" ? "http://localhost:8043" : "https://wavy.equestria.horse") . "/oauth/callback-native") . "&code=" . $_GET['code']); + +$result = curl_exec($crl); +$result = json_decode($result, true); + +curl_close($crl); + +if (isset($result["access_token"])) { + $crl = curl_init('https://' . $server . '/hub/api/rest/users/me'); + curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); + curl_setopt($crl, CURLINFO_HEADER_OUT, true); + curl_setopt($crl, CURLOPT_HTTPHEADER, [ + "Authorization: Bearer " . $result["access_token"], + "Accept: application/json" + ]); + + $result = $result_orig = curl_exec($crl); + $result = json_decode($result, true); + + if (!in_array($result["id"], $app["allowed"])) { + die(); + } + + if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"); + + $token = "wv_" . bin2hex(random_bytes(64)); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, $result_orig); + header("Location: http://127.0.0.1:12981/?token=$token"); + die(); +} diff --git a/oauth/callback/index.php b/oauth/callback/index.php new file mode 100644 index 0000000..e879990 --- /dev/null +++ b/oauth/callback/index.php @@ -0,0 +1,51 @@ +<?php + +$app = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); +$server = "account.equestria.dev"; + +header("Content-Type: text/plain"); + +if (!isset($_GET['code'])) { + die(); +} + +$crl = curl_init('https://' . $server . '/hub/api/rest/oauth2/token'); +curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); +curl_setopt($crl, CURLINFO_HEADER_OUT, true); +curl_setopt($crl, CURLOPT_POST, true); +curl_setopt($crl, CURLOPT_HTTPHEADER, [ + "Authorization: Basic " . base64_encode($app["id"] . ":" . $app["secret"]), + "Content-Type: application/x-www-form-urlencoded", + "Accept: application/json" +]); +curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode(($_SERVER['SERVER_PORT'] === "8043" ? "http://localhost:8043" : "https://wavy.equestria.horse") . "/oauth/callback") . "&code=" . $_GET['code']); + +$result = curl_exec($crl); +$result = json_decode($result, true); + +curl_close($crl); + +if (isset($result["access_token"])) { + $crl = curl_init('https://' . $server . '/hub/api/rest/users/me'); + curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); + curl_setopt($crl, CURLINFO_HEADER_OUT, true); + curl_setopt($crl, CURLOPT_HTTPHEADER, [ + "Authorization: Bearer " . $result["access_token"], + "Accept: application/json" + ]); + + $result = $result_orig = curl_exec($crl); + $result = json_decode($result, true); + + if (!in_array($result["id"], $app["allowed"])) { + die(); + } + + if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"); + + $token = "wv_" . bin2hex(random_bytes(64)); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, $result_orig); + header("Set-Cookie: WAVY_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly; Expires=" . date("r", time() + (86400 * 730))); + header("Location: /"); + die(); +} diff --git a/oauth/index.php b/oauth/index.php new file mode 100644 index 0000000..e381cbd --- /dev/null +++ b/oauth/index.php @@ -0,0 +1 @@ +<?php header("Location: /oauth/init/") and die();
\ No newline at end of file diff --git a/oauth/init/index.php b/oauth/init/index.php new file mode 100644 index 0000000..9a3ab52 --- /dev/null +++ b/oauth/init/index.php @@ -0,0 +1,7 @@ +<?php + +$app = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); +$server = "account.equestria.dev"; + +header("Location: https://$server/hub/api/rest/oauth2/auth?client_id=" . $app["id"] . "&response_type=code&redirect_uri=" . ($_SERVER['SERVER_PORT'] === "8043" ? "http://localhost:8043" : "https://wavy.equestria.horse") . "/oauth/callback&scope=Hub&request_credentials=default&access_type=offline"); +die(); diff --git a/oauth/native/index.php b/oauth/native/index.php new file mode 100644 index 0000000..bec74e2 --- /dev/null +++ b/oauth/native/index.php @@ -0,0 +1,7 @@ +<?php + +$app = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); +$server = "account.equestria.dev"; + +header("Location: https://$server/hub/api/rest/oauth2/auth?client_id=" . $app["id"] . "&response_type=code&redirect_uri=" . ($_SERVER['SERVER_PORT'] === "8043" ? "http://localhost:8043" : "https://wavy.equestria.horse") . "/oauth/callback-native&scope=Hub&request_credentials=required&access_type=offline"); +die(); diff --git a/oauth/needs-native/index.php b/oauth/needs-native/index.php new file mode 100644 index 0000000..0de2bce --- /dev/null +++ b/oauth/needs-native/index.php @@ -0,0 +1,26 @@ +<!doctype html> +<html lang="en"> +<head> + <meta charset="UTF-8"> + <meta name="viewport" + content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> + <meta http-equiv="X-UA-Compatible" content="ie=edge"> + <title>Mist</title> + <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet"> + <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script> +</head> +<body> + <div class="container"> + <br> + <h2>Log in required</h2> + <p>Please use the tab opened in your default browser to log into Mist. This page will refresh automatically after you log in.</p> + <a onclick="MistNative.auth();" href="#">Having trouble?</a> + </div> + + <script> + window.onload = () => { + MistNative.auth(); + } + </script> +</body> +</html>
\ No newline at end of file |