1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
<?php
if (!isset($_GET['code'])) {
throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR);
}
$data = array(
'client_id' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["id"],
'client_secret' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["secret"],
'code' => $_GET['code']
);
$post_data = json_encode($data);
$crl = curl_init('https://github.com/login/oauth/access_token');
curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($crl, CURLINFO_HEADER_OUT, true);
curl_setopt($crl, CURLOPT_POST, true);
curl_setopt($crl, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($crl, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
"Accept: application/json"
));
$result = curl_exec($crl);
if ($result === false) {
throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR);
}
curl_close($crl);
$data = json_decode($result, true);
$crl = curl_init('https://api.github.com/user');
curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($crl, CURLINFO_HEADER_OUT, true);
curl_setopt($crl, CURLOPT_POST, false);
curl_setopt($crl, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
"Accept: application/json",
"Authorization: token " . $data["access_token"],
"User-Agent: UnchainedTech-Admin/0.0.0 (nekostarfan@gmail.com)"
));
$result = curl_exec($crl);
$ndata = json_decode($result, true);
if (!in_array($ndata["login"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/authorized.json"), true))) {
header("Location: /admin/denied");
die();
}
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/tokens/" . $data["access_token"], $ndata["login"]);
setcookie("ADMIN_TOKEN", $data["access_token"], 0, "/", ".minteck.ro.lt", true, true);
header("Location: /admin");
die();
|
