Use new SharpChat authentication format.

This commit is contained in:
flash 2023-02-25 21:01:13 +00:00
parent 44447d74ad
commit cddfe1b904

View file

@ -7,17 +7,12 @@ use Index\Data\IDbConnection;
final class ChatAuth {
public static function attempt(IDbConnection $db, string $endPoint, string $secret, string $cookie): object {
if(!empty($cookie)) {
$decoded = str_pad(base64_decode(str_pad(strtr($cookie, '-_', '+/'), strlen($cookie) % 4, '=', STR_PAD_RIGHT)), 37, "\0");
$unpacked = unpack('Cversion/Nuser/H*token', $decoded);
if(isset($unpacked['version']) && $unpacked['version'] === 1
&& isset($unpacked['user']) && $unpacked['user'] > 0) {
$loginRequest = [
'user_id' => $unpacked['user'],
'token' => 'SESS:' . $cookie,
'ip' => $_SERVER['REMOTE_ADDR'],
$params = [
'method' => 'Misuzu',
'token' => $cookie,
'ipaddr' => $_SERVER['REMOTE_ADDR'],
];
$loginSignature = hash_hmac('sha256', implode('#', $loginRequest), $secret);
$loginSignature = hash_hmac('sha256', "verify#{$params['method']}#{$params['token']}#{$params['ipaddr']}", $secret);
$login = curl_init($endPoint);
curl_setopt_array($login, [
@ -26,7 +21,7 @@ final class ChatAuth {
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HEADER => false,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($loginRequest),
CURLOPT_POSTFIELDS => $params,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TCP_FASTOPEN => true,
CURLOPT_CONNECTTIMEOUT => 2,
@ -35,14 +30,12 @@ final class ChatAuth {
CURLOPT_TIMEOUT => 5,
CURLOPT_USERAGENT => 'mc.flashii.net',
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
'X-SharpChat-Signature: ' . $loginSignature,
],
]);
$userInfo = json_decode(curl_exec($login));
curl_close($login);
}
}
if(empty($userInfo->success)) {
$userInfo = new stdClass;