2022-05-01 20:20:59 +00:00
< ? php
2023-10-02 00:29:59 +00:00
$config = json_decode ( file_get_contents ( " /var/www/usergen/secret/config.json " , true ));
2023-10-01 22:54:30 +00:00
ini_set ( 'display_errors' , 1 );
ini_set ( 'display_startup_errors' , 1 );
error_reporting ( E_ALL );
2023-10-02 03:54:32 +00:00
require ( " /var/www/usergen/secret/oauth.php " );
2023-10-01 22:54:30 +00:00
function flog ( $log_msg ) {
$log_filename = " /var/www/html " ;
$log_file_data = $log_filename . '/log_' . date ( 'd-M-Y' ) . '.log' ;
// if you don't add `FILE_APPEND`, the file will be erased each time you add a log
file_put_contents ( $log_file_data , $log_msg . " \n " , FILE_APPEND );
}
2022-05-01 20:20:59 +00:00
if ( isset ( $_REQUEST [ " act " ])){
// internal functions such as id request
2023-10-01 22:54:30 +00:00
flog ( " Ret ACT:16 ✨ " . $_REQUEST [ " act " ] . " FROM " . $_SERVER [ " REMOTE_ADDR " ]);
2022-05-01 20:20:59 +00:00
switch ( $_REQUEST [ " act " ]){
case " id " :
// return OAUTH app ID
header ( 'Content-type: application/json' );
echo json_encode ( array ( " id " => $config -> oauth -> key ));
exit ();
break ;
default :
break ;
}
} else if ( isset ( $_REQUEST [ " code " ])){
2023-10-01 22:54:30 +00:00
// Mastodon callback (Authorization Code from /oauth/authorize)
2022-05-01 20:20:59 +00:00
$MastCode = $_REQUEST [ " code " ];
2023-10-01 22:54:30 +00:00
// var_dump($_REQUEST);
}
2022-05-01 20:20:59 +00:00
?>
2023-09-29 06:15:06 +00:00
<! DOCTYPE html >
2022-05-01 20:20:59 +00:00
< HTML lang = " en " >
< Head >
< Title > HackersTown Server Access </ Title >
< meta charset = " utf-8 " >
< base href = " /auth " />
< meta name = " viewport " content = " width=device-width, initial-scale=1 " >
<!-- Javascript -->
< script src = " https://code.jquery.com/jquery-3.6.0.min.js " integrity = " sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4= " crossorigin = " anonymous " ></ script >
< script src = " https://code.jquery.com/color/jquery.color.plus-names-2.1.2.min.js " ></ script >
< script src = " https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js " integrity = " sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p " crossorigin = " anonymous " ></ script >
< script src = " https://cdn.jsdelivr.net/npm/jszip@3.9.1/dist/jszip.min.js " integrity = " sha256-aSPPIlJfSHQ5T7wunbPcp7tM0rlq5dHoUGeN8O5odMg= " crossorigin = " anonymous " ></ script >
2023-09-29 06:15:06 +00:00
< script src = " https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js " crossorigin = " anonymous " ></ script >
2022-05-01 20:20:59 +00:00
< script src = " /base64url.js " ></ script >
< script src = " /ssh-util.js " ></ script >
< script src = " /keygen.js " ></ script >
< script src = " /fittext.js " ></ script >
< script src = " /index.js " ></ script >
2022-05-07 08:02:58 +00:00
<!-- Stylesheets -->
< link href = " https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css " rel = " stylesheet " integrity = " sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3 " crossorigin = " anonymous " >
< link href = " /style.css " rel = " stylesheet " />
2022-05-01 20:20:59 +00:00
</ Head >
< Body >
< div class = " row " >
< div class = " desktopOnly col-4 " ></ div >
< div id = " content " class = " col-4 center " >
< div class = " row " >
2023-09-29 06:15:06 +00:00
< ? php if ( file_exists ( " /var/www/usergen/DOMAIN_OVERRIDE " )){
echo " <a href= \" " . file_get_contents ( " /var/www/usergen/DOMAIN_OVERRIDE " ) . " \" > " ;
} else {
echo " <a href= \" https://tty.hackers.town \" > " ;
} ?>
2022-05-01 20:20:59 +00:00
< img src = " /Assets/HTown.png " class = " logo self-align-center mx-auto d-block " alt = " Hacker Town logo in ASCII art. Rendered as image to force correct visualization. " />
</ a >
</ div >
2023-09-29 06:15:06 +00:00
< ? php
2022-05-01 20:20:59 +00:00
// Query /oauth/token
2023-10-02 03:54:32 +00:00
$Auth = oauthToken ( $MastCode , $config );
2022-05-01 20:20:59 +00:00
if ( isset ( $Auth -> token_type )){
// Valid Auth?
2023-10-02 03:54:32 +00:00
$User = verifyCredentials ( $Auth -> access_token );
if ( gettype ( $User ) == " object " && isset ( $User -> id )) {
2022-05-01 20:20:59 +00:00
// Congrats!
$AuthToken = $Auth -> access_token ;
$UserName = $User -> display_name ;
2022-05-07 08:02:58 +00:00
$UserId = $User -> id ;
2022-05-01 20:20:59 +00:00
} else {
// invalid auth
$AuthToken = " BadUser " ;
$ErrorDesc = " User Not Found " ;
}
2023-10-02 03:54:32 +00:00
2022-05-01 20:20:59 +00:00
} else {
// invalid auth
2022-05-07 08:02:58 +00:00
if ( isset ( $_COOKIE [ " oa_retries " ])){
$retries = $_COOKIE [ " oa_retries " ];
if ( $retries >= 3 ){
$AuthToken = " BadUser " ;
$ErrorDesc = " Invalid OAuth " ;
setcookie ( " oa_retries " , 0 , time () + 3600 );
} else {
$retries ++ ;
setcookie ( " oa_retries " , $retries , time () + 3600 );
$AuthToken = " BadOauthRetry " ;
$ErrorDesc = " Invalid OAuth Retry " ;
}
} else {
$AuthToken = " BadOauth " ;
$ErrorDesc = " Invalid OAuth Retry " ;
setcookie ( " oa_retries " , 1 , time () + 3600 );
}
2022-05-01 20:20:59 +00:00
}
// revoke token after usage
?>
2023-10-01 22:54:30 +00:00
< div id = " usertoken " >< ? php echo $AuthToken ; ?> </div>
2022-05-01 20:20:59 +00:00
< div class = " row " < ? php if ( strpos ( $AuthToken , " Bad " ) === false ){
echo " hidden " ;
} ?> >
< span >
Invalid
</ span >
< span >
try again
</ span >
2022-05-07 08:02:58 +00:00
< div id = " ErrorResult " class = " message " >
2022-05-01 20:20:59 +00:00
< ? php echo $ErrorDesc ; ?>
</ div >
</ div >< div class = " row button " < ? php if ( strpos ( $AuthToken , " Bad " ) === false ){
echo " hidden " ;
} ?> >
< button class = " col keyButton " onclick = " beginOauth() " > Retry </ button >
</ div >
< div class = " row " < ? php if ( strpos ( $AuthToken , " Bad " ) !== false ){
echo " hidden " ;
} ?> >
< span >
2023-09-29 06:15:06 +00:00
< ? php
2022-05-01 20:20:59 +00:00
$Welcomes = array ( " Welcome " , " Dobrodošli " , " Vitejte " , " Welkom " , " Tervetuloa " , " Willkommen " , " Fáilte " , " Benvenuto " , " Bienvenidos " , " Välkommen " , " ようこそ " );
echo $Welcomes [ array_rand ( $Welcomes )];
?>
</ span >
< span id = " resizer " >
< ? php echo $UserName ; ?>
</ span >
< div class = " message " >
Setup an account SSH key
</ div >
</ div >
< div class = " row button " < ? php if ( strpos ( $AuthToken , " Bad " ) !== false ){
echo " hidden " ;
} ?> >
2022-05-07 08:02:58 +00:00
< button class = " col keyButton " onclick = " generateSSH('<?php echo $UserName ; ?>', '<?php echo $UserId ; ?>', '<?php echo $AuthToken ; ?>') " > Generate </ button >
2022-05-07 23:45:13 +00:00
< button class = " col keyButton " onclick = " uploadSSH('<?php echo $UserId ; ?>', '<?php echo $AuthToken ; ?>' ) " > Upload </ button >
< button class = " col keyButton debug " onclick = " testSwal() " > Test Popup </ button >
< form id = " uploadForm " enctype = " multipart/form-data " >
< input id = " keyfile " type = " file " style = " display: none; " />
</ form >
2022-05-01 20:20:59 +00:00
</ div >
2023-10-02 03:56:26 +00:00
< ? php require ( " /var/www/usergen/footer.php " ); ?>
2022-05-01 20:20:59 +00:00
</ div >
< div class = " desktopOnly col-4 " ></ div >
</ div >
</ Body >
2023-09-29 06:15:06 +00:00
</ HTML >