diff options
Diffstat (limited to 'oauth')
| -rw-r--r-- | oauth/.DS_Store | bin | 6148 -> 6148 bytes | |||
| -rw-r--r-- | oauth/callback-native/index.php | 6 | ||||
| -rw-r--r-- | oauth/callback/index.php | 4 |
3 files changed, 4 insertions, 6 deletions
diff --git a/oauth/.DS_Store b/oauth/.DS_Store Binary files differindex d23a8fa..053721e 100644 --- a/oauth/.DS_Store +++ b/oauth/.DS_Store diff --git a/oauth/callback-native/index.php b/oauth/callback-native/index.php index 5095734..c6a1327 100644 --- a/oauth/callback-native/index.php +++ b/oauth/callback-native/index.php @@ -1,5 +1,6 @@ <?php +var_dump("START"); header("X-Frame-Options: DENY"); $app = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); $server = "account.equestria.dev"; @@ -38,9 +39,7 @@ if (isset($result["access_token"])) { $result = $result_orig = curl_exec($crl); $result = json_decode($result, true); - $isAllowed = in_array("5fe2cdf1-cff8-470e-a54a-ad1c713b0387", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"])); - - if (!$isAllowed) { + if (!in_array($result["id"], $app["allowed"])) { header("HTTP/1.1 403 Forbidden"); die("Not allowed to log in to this application. This will be reported."); } @@ -48,6 +47,7 @@ if (isset($result["access_token"])) { if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"); $token = "wv_" . bin2hex(random_bytes(64)); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, $result_orig); header("Location: http://127.0.0.1:12981/?token=$token"); die(); diff --git a/oauth/callback/index.php b/oauth/callback/index.php index f57e124..bbb3322 100644 --- a/oauth/callback/index.php +++ b/oauth/callback/index.php @@ -38,9 +38,7 @@ if (isset($result["access_token"])) { $result = $result_orig = curl_exec($crl); $result = json_decode($result, true); - $isAllowed = in_array("5fe2cdf1-cff8-470e-a54a-ad1c713b0387", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"])); - - if (!$isAllowed) { + if (!in_array($result["id"], $app["allowed"])) { header("HTTP/1.1 403 Forbidden"); die("Not allowed to log in to this application. This will be reported."); } |