Added very preliminary support for Bearer tokens to chat authentication.

This commit is contained in:
flash 2024-07-21 01:50:42 +00:00
parent 400253e04b
commit 2439f87df9
2 changed files with 45 additions and 1 deletions

View file

@ -156,6 +156,7 @@ final class HanyuuRoutes extends RouteHandler {
$response = [];
$response['session'] = [
'token' => $sessionInfo->getToken(),
'created_at' => $sessionInfo->getCreatedTime(),
'expires_at' => $sessionInfo->getExpiresTime(),
'lifetime_extends' => $sessionInfo->shouldBumpExpires(),

View file

@ -188,7 +188,50 @@ final class SharpChatRoutes extends RouteHandler {
if(!hash_equals($realHash, $userHash))
return ['success' => false, 'reason' => 'hash'];
if($authMethod === 'SESS' || $authMethod === 'Misuzu') {
if(strcasecmp($authMethod, 'Bearer') === 0) {
$bearerCheck = $this->config->getString('bearerCheck');
if($bearerCheck === '')
return ['success' => false, 'reason' => 'unsupported'];
$req = curl_init($bearerCheck);
try {
curl_setopt_array($req, [
CURLOPT_AUTOREFERER => false,
CURLOPT_FAILONERROR => false,
CURLOPT_FOLLOWLOCATION => false,
CURLOPT_HEADER => false,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TCP_FASTOPEN => true,
CURLOPT_CONNECTTIMEOUT => 2,
CURLOPT_MAXREDIRS => 2,
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
CURLOPT_TIMEOUT => 5,
CURLOPT_USERAGENT => 'Misuzu',
CURLOPT_HTTPHEADER => [
sprintf('Authorization: Bearer %s', $authToken),
],
]);
$response = curl_exec($req);
if($response === false)
return ['success' => false, 'reason' => 'request'];
} finally {
curl_close($req);
}
$decoded = json_decode($response);
if($decoded === null)
return ['success' => false, 'reason' => 'decode'];
if(empty($decoded->user_id))
return ['success' => false, 'reason' => 'token'];
try {
$userInfo = $this->usersCtx->getUsers()->getUser($decoded->user_id, 'id');
} catch(RuntimeException $ex) {
return ['success' => false, 'reason' => 'user'];
}
} elseif($authMethod === 'SESS' || strcasecmp($authMethod, 'Misuzu') === 0) {
$tokenPacker = $this->authCtx->createAuthTokenPacker();
$tokenInfo = $tokenPacker->unpack($authToken);
if($tokenInfo->isEmpty()) {