Use new SharpChat authentication format.

This commit is contained in:
flash 2023-02-25 21:01:13 +00:00
parent 44447d74ad
commit cddfe1b904

View file

@ -7,41 +7,34 @@ use Index\Data\IDbConnection;
final class ChatAuth { final class ChatAuth {
public static function attempt(IDbConnection $db, string $endPoint, string $secret, string $cookie): object { public static function attempt(IDbConnection $db, string $endPoint, string $secret, string $cookie): object {
if(!empty($cookie)) { if(!empty($cookie)) {
$decoded = str_pad(base64_decode(str_pad(strtr($cookie, '-_', '+/'), strlen($cookie) % 4, '=', STR_PAD_RIGHT)), 37, "\0"); $params = [
$unpacked = unpack('Cversion/Nuser/H*token', $decoded); 'method' => 'Misuzu',
'token' => $cookie,
'ipaddr' => $_SERVER['REMOTE_ADDR'],
];
$loginSignature = hash_hmac('sha256', "verify#{$params['method']}#{$params['token']}#{$params['ipaddr']}", $secret);
if(isset($unpacked['version']) && $unpacked['version'] === 1 $login = curl_init($endPoint);
&& isset($unpacked['user']) && $unpacked['user'] > 0) { curl_setopt_array($login, [
$loginRequest = [ CURLOPT_AUTOREFERER => false,
'user_id' => $unpacked['user'], CURLOPT_FAILONERROR => false,
'token' => 'SESS:' . $cookie, CURLOPT_FOLLOWLOCATION => true,
'ip' => $_SERVER['REMOTE_ADDR'], CURLOPT_HEADER => false,
]; CURLOPT_POST => true,
$loginSignature = hash_hmac('sha256', implode('#', $loginRequest), $secret); CURLOPT_POSTFIELDS => $params,
CURLOPT_RETURNTRANSFER => true,
$login = curl_init($endPoint); CURLOPT_TCP_FASTOPEN => true,
curl_setopt_array($login, [ CURLOPT_CONNECTTIMEOUT => 2,
CURLOPT_AUTOREFERER => false, CURLOPT_MAXREDIRS => 2,
CURLOPT_FAILONERROR => false, CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
CURLOPT_FOLLOWLOCATION => true, CURLOPT_TIMEOUT => 5,
CURLOPT_HEADER => false, CURLOPT_USERAGENT => 'mc.flashii.net',
CURLOPT_POST => true, CURLOPT_HTTPHEADER => [
CURLOPT_POSTFIELDS => json_encode($loginRequest), 'X-SharpChat-Signature: ' . $loginSignature,
CURLOPT_RETURNTRANSFER => true, ],
CURLOPT_TCP_FASTOPEN => true, ]);
CURLOPT_CONNECTTIMEOUT => 2, $userInfo = json_decode(curl_exec($login));
CURLOPT_MAXREDIRS => 2, curl_close($login);
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
CURLOPT_TIMEOUT => 5,
CURLOPT_USERAGENT => 'mc.flashii.net',
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
'X-SharpChat-Signature: ' . $loginSignature,
],
]);
$userInfo = json_decode(curl_exec($login));
curl_close($login);
}
} }
if(empty($userInfo->success)) { if(empty($userInfo->success)) {