From 088531a620e8dac2d68e51ea75a8962c4261e897 Mon Sep 17 00:00:00 2001
From: flashwave
Date: Wed, 6 Jul 2022 17:11:49 +0000
Subject: [PATCH] Switched to SharpChat authentication instead of hooking into the Misuzu database.
---
 config.example.ini | 8 +---
 src/Auth/MisuzuAuth.php | 86 +++++++++++++++++++----------------------
 src/DB.php | 20 ----------
 3 files changed, 41 insertions(+), 73 deletions(-)
 delete mode 100644 src/DB.php
diff --git a/config.example.ini b/config.example.ini
index fc1fa88..b83e080 100644
--- a/config.example.ini
+++ b/config.example.ini
@@ -1,8 +1,3 @@
-[PDO]
-dsn = https://www.php.net/manual/en/ref.pdo-mysql.connection.php
-username = mariadb username
-password = mariadb password
-
 [Database]
 dsn = "mariadb://user:password@:unix:/eeprom?socket=/var/run/mysqld/mysqld.sock&charset=utf8mb4&init=SET SESSION time_zone = '+00:00', sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'"
@@ -12,7 +7,8 @@ clients[] = \EEPROM\Auth\MisuzuAuth
 clients[] = \EEPROM\Auth\SockChatAuth
 [Misuzu]
-config = /path/to/misuzu/config.ini
+secret = woomy
+endpoint = https://flashii.net/_sockchat/verify
 [Nabucco]
 secret = secret key
diff --git a/src/Auth/MisuzuAuth.php b/src/Auth/MisuzuAuth.php
index 2658a7f..619bef0 100644
--- a/src/Auth/MisuzuAuth.php
+++ b/src/Auth/MisuzuAuth.php
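Review bot: In the `[Misuzu]` section of config.example.ini (second hunk), `secret = woomy` reads like a usable value rather than a placeholder, and MisuzuAuth.php uses this setting as the HMAC key for `X-SharpChat-Signature`, so a deployment that copies the example unchanged signs its verification requests with a guessable key. A self-describing placeholder such as `secret = replace-with-long-random-value`, with a comment line `; must be a long random value shared with the verify endpoint` above it, would make that harder to overlook. The existing `[Nabucco]` entry, `secret = secret key`, already follows that style.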
@@ -2,65 +2,57 @@ namespace EEPROM\Auth; use EEPROM\Config; -use EEPROM\DB; -use PDO; -use PDOException; use Index\Serialisation\Serialiser; class MisuzuAuth implements AuthInterface { - private static $database = null; + private $endPoint = ''; + private $secretKey = ''; - public function getDatabase(): PDO { - if(self::$database !== null) - return self::$database; - - $configPath = Config::get('Misuzu', 'config', ''); - - if(!is_file($configPath)) - throw new \Exception('Cannot find Misuzu configuration.'); - - $config = parse_ini_file($configPath, true)['Database']; - $dsn = ($config['driver'] ?? 'mysql') . ':'; - - foreach($config as $key => $value) { - if($key === 'driver' || $key === 'username' || $key === 'password') - continue; - if($key === 'database') - $key = 'dbname'; - - $dsn .= $key . '=' . $value . ';'; - } - - try { - self::$database = new PDO($dsn, $config['username'], $config['password'], DB::FLAGS); - } catch(PDOException $ex) { - throw new \Exception('Unable to connect to Misuzu database.'); - } - - return self::$database; + public function __construct() { + $this->endPoint = Config::get('Misuzu', 'endpoint', ''); + $this->secretKey = Config::get('Misuzu', 'secret', ''); } public function getName(): string { return 'Misuzu'; } public function verifyToken(string $token): int { - $packed = Serialiser::uriBase64()->deserialise($token, true); - $packed = str_pad($packed, 37, "\x00"); + $packed = str_pad(Serialiser::uriBase64()->deserialise($token, true), 37, "\x00"); $unpacked = unpack('Cversion/Nuser/H64token', $packed); - if($unpacked['version'] !== 1) - return -1; + if(isset($unpacked['version']) && $unpacked['version'] === 1 + && isset($unpacked['user']) && $unpacked['user'] > 0) { + $loginRequest = [ + 'user_id' => $unpacked['user'], + 'token' => 'SESS:' . 
$token, + 'ip' => $_SERVER['REMOTE_ADDR'], + ]; + $loginSignature = hash_hmac('sha256', implode('#', $loginRequest), $this->secretKey); + $login = curl_init($this->endPoint); + curl_setopt_array($login, [ + CURLOPT_AUTOREFERER => false, + CURLOPT_FAILONERROR => false, + CURLOPT_FOLLOWLOCATION => true, + CURLOPT_HEADER => false, + CURLOPT_POST => true, + CURLOPT_POSTFIELDS => json_encode($loginRequest), + CURLOPT_RETURNTRANSFER => true, + CURLOPT_TCP_FASTOPEN => true, + CURLOPT_CONNECTTIMEOUT => 2, + CURLOPT_MAXREDIRS => 2, + CURLOPT_PROTOCOLS => CURLPROTO_HTTPS, + CURLOPT_TIMEOUT => 5, + CURLOPT_USERAGENT => 'mc.flashii.net', + CURLOPT_HTTPHEADER => [ + 'Content-Type: application/json', + 'X-SharpChat-Signature: ' . $loginSignature, + ], + ]); + $userInfo = json_decode(curl_exec($login)); + curl_close($login); - $getUserId = $this->getDatabase()->prepare(' - SELECT `user_id` - FROM `msz_sessions` - WHERE `user_id` = :user - AND `session_key` = :token - AND `session_expires` > NOW() - '); - $getUserId->bindValue('user', $unpacked['user']); - $getUserId->bindValue('token', $unpacked['token']); - $getUserId->execute(); + return $userInfo->user_id; + } - return (int)$getUserId->fetchColumn(); + return 0; } } diff --git a/src/DB.php b/src/DB.php deleted file mode 100644 index 28ba203..0000000 --- a/src/DB.php +++ /dev/null @@ -1,20 +0,0 @@ - PDO::CASE_NATURAL, - PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, - PDO::ATTR_ORACLE_NULLS => PDO::NULL_NATURAL, - PDO::ATTR_STRINGIFY_FETCHES => false, - PDO::ATTR_EMULATE_PREPARES => false, - PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, - PDO::MYSQL_ATTR_INIT_COMMAND => " - SET SESSION - sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION', - time_zone = '+00:00'; - ", - ]; -}
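Review bot: The tail of the new `verifyToken()` branch does not fail closed. When the request fails, `curl_exec()` returns `false`, `json_decode()` then yields `null`, and `return $userInfo->user_id;` raises a `TypeError` against the `int` return type instead of rejecting the login; a well-formed reply without `user_id` does the same. The returned id is also never compared with `$unpacked['user']`, so the caller accepts whatever id the endpoint sends back; the comparison in the sketch below assumes the endpoint echoes the verified user. Separately, `CURLOPT_FOLLOWLOCATION => true` lets a redirect carry the signed request to another HTTPS host, and a fixed verification endpoint should not need it, so consider `CURLOPT_FOLLOWLOCATION => false`. The constructor's `''` defaults mean an unconfigured `secret` signs with an empty HMAC key, so throwing there when either value is empty would be safer.

```php
            // … unchanged: $loginRequest, signature and curl_setopt_array() options …
            $response = curl_exec($login);
            curl_close($login);

            // Fail closed on transport errors and on malformed or incomplete replies.
            $userInfo = is_string($response) ? json_decode($response) : null;
            if(!is_object($userInfo) || !isset($userInfo->user_id)
                || (int)$userInfo->user_id !== $unpacked['user'])
                return 0;

            return (int)$userInfo->user_id;
```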