Use public API library instead of private auth API.

This commit is contained in:
Pachira 2024-11-16 16:32:38 +00:00
parent 9f5336c76e
commit 7a64db0540
9 changed files with 75 additions and 84 deletions

View file

@ -1,6 +1,7 @@
{
"require": {
"flashwave/index": "^0.2410",
"flashii/apii": "^0.2",
"ramsey/uuid": "^4.7",
"sentry/sdk": "^4.0",
"nesbot/carbon": "^3.7"

39
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "c55991a4602fd82deb63b990f03b7455",
"content-hash": "714c9c35773e63de5f25ad797a2fe84e",
"packages": [
{
"name": "brick/math",
@ -135,6 +135,43 @@
],
"time": "2024-02-09T16:56:22+00:00"
},
{
"name": "flashii/apii",
"version": "v0.2.1",
"source": {
"type": "git",
"url": "https://patchii.net/flashii/apii-php.git",
"reference": "6a93d31375dd7e75ff9264f3024f2208ce602f49"
},
"require": {
"php": ">=8.1"
},
"require-dev": {
"phpstan/phpstan": "^1.12",
"phpunit/phpunit": "^10.5"
},
"type": "library",
"autoload": {
"psr-4": {
"Flashii\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"bsd-3-clause-clear"
],
"authors": [
{
"name": "flashwave",
"email": "packagist@flash.moe",
"homepage": "https://flash.moe",
"role": "mom"
}
],
"description": "Client library for the Flashii.net API.",
"homepage": "https://api.flashii.net",
"time": "2024-11-16T16:03:42+00:00"
},
{
"name": "flashwave/index",
"version": "v0.2410.191603",

View file

@ -2,7 +2,7 @@
namespace Mince;
use Index\Config\Fs\FsConfig;
use Index\Db\DbTools;
use Index\Db\DbBackends;
define('MCR_STARTUP', microtime(true));
define('MCR_ROOT', __DIR__);
@ -34,5 +34,5 @@ if($cfg->hasValues('sentry:dsn'))
});
})($cfg->scopeTo('sentry'));
$db = DbTools::create($cfg->getString('database:dsn', 'null:'));
$db = DbBackends::create($cfg->getString('database:dsn', 'null:'));
$db->execute('SET SESSION time_zone = \'+00:00\', sql_mode = \'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION\';');

View file

@ -1,6 +1,8 @@
<?php
namespace Mince;
use Flashii\{FlashiiClient,FlashiiUrls};
use Flashii\Credentials\MisuzuCredentials;
use Index\CsrfToken;
use Index\Http\Routing\HttpRouter;
use Index\Templating\TplEnvironment;
@ -10,17 +12,22 @@ require_once __DIR__ . '/../mince.php';
// replace this with id.flashii.net shit
$authToken = (string)filter_input(INPUT_COOKIE, 'msz_auth');
$authInfo = ChatAuth::attempt($cfg->scopeTo('cauth'), $authToken);
$flashii = new FlashiiClient('Mince', new MisuzuCredentials($authToken), new FlashiiUrls(
$cfg->getString('apii:api', FlashiiUrls::PROD_API_URL),
$cfg->getString('apii:id', FlashiiUrls::PROD_ID_URL)
));
$authInfo = $flashii->v1()->me();
$users = new Users($db);
if($authInfo->success) {
$users->syncChatUser($authInfo);
$userInfo = $users->getUser($authInfo->user_id);
if($authInfo !== null) {
$users->syncApiUser($authInfo);
$userInfo = $users->getUser($authInfo->getId());
} else $userInfo = null;
$csrfp = new CsrfToken(
$cfg->getString('csrfp:secret', 'wowof'),
$authInfo->success ? $authToken : $_SERVER['REMOTE_ADDR']
$authInfo === null ? $_SERVER['REMOTE_ADDR'] : $authToken
);
$templating = new TplEnvironment(MCR_DIR_TPL, ['Mince'], debug: MCR_DEBUG);

View file

@ -1,55 +0,0 @@
<?php
namespace Mince;
use stdClass;
use Index\Config\Config;
final class ChatAuth {
public static function attempt(Config $config, string $cookie): object {
if(!empty($cookie)) {
$method = 'Misuzu';
$signature = sprintf('verify#%s#%s#%s', $method, $cookie, $_SERVER['REMOTE_ADDR']);
$signature = hash_hmac('sha256', $signature, $config->getString('secret'));
$login = curl_init($config->getString('endpoint'));
curl_setopt_array($login, [
CURLOPT_AUTOREFERER => false,
CURLOPT_FAILONERROR => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HEADER => false,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => http_build_query([
'method' => $method,
'token' => $cookie,
'ipaddr' => $_SERVER['REMOTE_ADDR'],
], '', '&', PHP_QUERY_RFC3986),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TCP_FASTOPEN => true,
CURLOPT_CONNECTTIMEOUT => 2,
CURLOPT_MAXREDIRS => 2,
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
CURLOPT_TIMEOUT => 5,
CURLOPT_USERAGENT => 'Mince',
CURLOPT_HTTPHEADER => [
'Content-Type: application/x-www-form-urlencoded',
'X-SharpChat-Signature: ' . $signature,
],
]);
$userInfo = json_decode(curl_exec($login));
curl_close($login);
}
if(empty($userInfo->success)) {
$userInfo = new stdClass;
$userInfo->success = false;
$userInfo->user_id = 0;
$userInfo->username = 'Anonymous';
$userInfo->colour_raw = 0x40000000;
$userInfo->rank = 0;
$userInfo->hierarchy = 0;
$userInfo->perms = 0;
}
return $userInfo;
}
}

View file

@ -3,6 +3,7 @@ namespace Mince;
use InvalidArgumentException;
use RuntimeException;
use Flashii\V1\Users\V1User;
use Index\CsrfToken;
use Index\Http\Routing\{HttpGet,HttpMiddleware,HttpPost,RouteHandler,RouteHandlerTrait};
use Index\Templating\TplEnvironment;
@ -19,12 +20,12 @@ class ClientsRoutes implements RouteHandler, UrlSource {
private Authorisations $authorisations,
private Verifications $verifications,
private CsrfToken $csrfp,
private object $authInfo
private ?V1User $authInfo
) {}
#[HttpMiddleware('/clients')]
public function verifyRequest($response, $request) {
if(!$this->authInfo->success)
if($this->authInfo === null)
return 403;
if($request->getMethod() === 'POST') {
@ -66,7 +67,7 @@ class ClientsRoutes implements RouteHandler, UrlSource {
}
try {
$linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->user_id);
$linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->getId());
$clients = iterator_to_array($this->authorisations->getAuthorisations($linkInfo));
$template->setVars([
@ -81,7 +82,7 @@ class ClientsRoutes implements RouteHandler, UrlSource {
#[HttpPost('/clients/link')]
#[UrlFormat('clients:link', '/clients/link')]
public function postLink($response, $request) {
if($this->accountLinks->checkHasLink($this->authInfo->user_id)) {
if($this->accountLinks->checkHasLink($this->authInfo->getId())) {
$response->redirect($this->urls->format('clients:index', ['error' => 'link:already']));
return;
}
@ -103,7 +104,7 @@ class ClientsRoutes implements RouteHandler, UrlSource {
}
$this->verifications->deleteVerification($verifyInfo);
$this->accountLinks->createLink($this->authInfo->user_id, $verifyInfo);
$this->accountLinks->createLink($this->authInfo->getId(), $verifyInfo);
$this->authorisations->createAuthorisation($verifyInfo, grant: true);
$response->redirect($this->urls->format('clients:index'));
@ -112,7 +113,7 @@ class ClientsRoutes implements RouteHandler, UrlSource {
#[HttpPost('/clients/unlink')]
#[UrlFormat('clients:unlink', '/clients/unlink')]
public function postUnlink($response) {
$this->accountLinks->deleteLink(userInfo: $this->authInfo->user_id);
$this->accountLinks->deleteLink(userInfo: $this->authInfo->getId());
$response->redirect($this->urls->format('clients:index'));
}
@ -125,7 +126,7 @@ class ClientsRoutes implements RouteHandler, UrlSource {
return 404;
try {
$linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->user_id);
$linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->getId());
} catch(RuntimeException $ex) {
return 403;
}
@ -155,7 +156,7 @@ class ClientsRoutes implements RouteHandler, UrlSource {
return 404;
try {
$linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->user_id);
$linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->getId());
} catch(RuntimeException $ex) {
return 403;
}

View file

@ -1,6 +1,7 @@
<?php
namespace Mince;
use Flashii\V1\Users\V1User;
use Index\Http\Routing\{HttpGet,RouteHandler,RouteHandlerTrait};
use Index\Urls\{UrlFormat,UrlRegistry,UrlSource,UrlSourceTrait};
use Index\Templating\TplEnvironment;
@ -12,7 +13,7 @@ class HomeRoutes implements RouteHandler, UrlSource {
private TplEnvironment $templating,
private UrlRegistry $urls,
private Servers $servers,
private object $userInfo,
private ?V1User $authInfo,
private string $loginUrl
) {}
@ -27,7 +28,7 @@ class HomeRoutes implements RouteHandler, UrlSource {
#[HttpGet('/login')]
#[UrlFormat('login', '/login')]
public function getLogin($response) {
$response->redirect($this->userInfo->success ? $this->urls->format('index') : $this->loginUrl);
$response->redirect($this->authInfo === null ? $this->loginUrl : $this->urls->format('index'));
}
#[HttpGet('/downloads')]

View file

@ -6,6 +6,7 @@ use ImagickException;
use ImagickPixel;
use InvalidArgumentException;
use RuntimeException;
use Flashii\V1\Users\V1User;
use Index\{CsrfToken,XString};
use Index\Http\Routing\{HttpGet,HttpMiddleware,HttpPost,RouteHandler,RouteHandlerTrait};
use Index\Templating\TplEnvironment;
@ -27,7 +28,7 @@ class SkinsRoutes implements RouteHandler, UrlSource {
private Skins $skins,
private Capes $capes,
private CsrfToken $csrfp,
private object $authInfo,
private ?V1User $authInfo,
private string $baseUrl
) {
if(!is_dir(self::TEXTURES_PATH))
@ -57,11 +58,11 @@ class SkinsRoutes implements RouteHandler, UrlSource {
#[HttpMiddleware('/skins')]
public function verifyRequest($response, $request) {
if(!$this->authInfo->success)
if($this->authInfo === null)
return 403;
try {
$this->linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->user_id);
$this->linkInfo = $this->accountLinks->getLink(userInfo: $this->authInfo->getId());
} catch(RuntimeException $ex) {
$response->redirect($this->urls->format('clients:index'));
return true;

View file

@ -2,6 +2,7 @@
namespace Mince;
use RuntimeException;
use Flashii\V1\Users\V1User;
use Index\Db\{DbConnection,DbStatementCache};
class Users {
@ -11,16 +12,13 @@ class Users {
$this->cache = new DbStatementCache($dbConn);
}
public function syncChatUser(object $authInfo): void {
if(!$authInfo->success)
return;
$userColourFixed = ($authInfo->colour_raw & 0x40000000) ? null : $authInfo->colour_raw;
public function syncApiUser(V1User $authInfo): void {
$userColourFixed = $authInfo->hasColourRaw() ? $authInfo->getColourRaw() : null;
$stmt = $this->cache->get('INSERT INTO users (user_id, user_name, user_colour) VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE user_name = ?, user_colour = ?');
$stmt->addParameter(1, $authInfo->user_id);
$stmt->addParameter(2, $authInfo->username);
$stmt->addParameter(1, $authInfo->getId());
$stmt->addParameter(2, $authInfo->getName());
$stmt->addParameter(3, $userColourFixed);
$stmt->addParameter(4, $authInfo->username);
$stmt->addParameter(4, $authInfo->getName());
$stmt->addParameter(5, $userColourFixed);
$stmt->execute();
}