Split REST API usage out

2023-10-01 23:54:32 -04:00 · 2023-10-01 23:54:32 -04:00 · 52c66eea16
commit 52c66eea16
parent 7b90d0f927
2 changed files with 50 additions and 42 deletions
--- a/auth/index.php
+++ b/auth/index.php
@ -3,6 +3,8 @@ $config = json_decode(file_get_contents("/var/www/usergen/secret/config.json", t
    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);
+
+require("/var/www/usergen/secret/oauth.php");
 function flog($log_msg) {
    $log_filename = "/var/www/html";
    $log_file_data = $log_filename.'/log_' . date('d-M-Y') . '.log';
@ -28,16 +30,6 @@ if (isset($_REQUEST["act"])){
    $MastCode = $_REQUEST["code"];
    // var_dump($_REQUEST);
 }
-if (isset($_REQUEST["token"])){
-    // Token passed, use for repeated OAUTH
-    /* TODO: Long-Term Auth
-        * Check if HT Token valid
-        * Generate Browser Token
-        * Encrypt Browser Token with Client Data (User Agent + IP)
-          * $_SERVER["HTTP_USER_AGENT"] + $_SERVER["REMOTE_ADDR"]
-    */
-    flog("token:35 ✨ ".$_REQUEST["token"]);
-}
 ?>
 <!DOCTYPE html>
 <HTML lang="en">
@ -76,40 +68,11 @@ if (isset($_REQUEST["token"])){
                </div>
                <?php
                    // Query /oauth/token
-                    $AuthToken = "";
-                    $UserName = "";
-                    $ErrorDesc = "";
-                    $UserId = "";
-                    $request = curl_init();
-                    curl_setopt($request, CURLOPT_POST, 1);
-                    curl_setopt($request, CURLOPT_URL, "https://hackers.town/oauth/token");
-                    curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
-                    $origin = "https://tty.hackers.town";
-                    if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){
-                        $origin = str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE"));
-                    }
-                    $redirectUri = $origin."/auth";
-                    $options = "grant_type=authorization_code&code=".$MastCode."&client_id=".$config->oauth->key."&client_secret=".$config->oauth->secret."&scope=read:accounts&redirect_uri=".$redirectUri;
-                    curl_setopt($request, CURLOPT_POSTFIELDS, $options);
-                    $response = curl_exec($request);
-                    curl_close($request);
-                    flog("oauth_token:91 ✨ ".$response);
-                    $Auth = json_decode($response);
+                    $Auth = oauthToken($MastCode, $config);
                    if(isset($Auth->token_type)){
                        // Valid Auth?
-                        $request = curl_init();
-                        curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
-                        curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
-                        curl_setopt($request, CURLOPT_HTTPHEADER, array(
-                            "Authorization: ".$Auth->token_type." ".$Auth->access_token
-                        ));
-                        $response = curl_exec($request);
-                        curl_close($request);
-                        $User = json_decode($response);
-
-                        flog("cred_verify:104 ✨ ".$response);
-
-                        if (isset($User->id)){
+                        $User = verifyCredentials($Auth->access_token);
+                        if (gettype($User) == "object" && isset($User->id)) {
                            // Congrats!
                            $AuthToken = $Auth->access_token;
                            $UserName = $User->display_name;
@ -119,6 +82,7 @@ if (isset($_REQUEST["token"])){
                            $AuthToken = "BadUser";
                            $ErrorDesc = "User Not Found";
                        }
+
                    }else{
                        // invalid auth
                        if(isset($_COOKIE["oa_retries"])){
--- a/secret/oauth.php
+++ b/secret/oauth.php
@ -0,0 +1,44 @@
+<?php
+
+function verifyCredentials($Auth) {
+    $request = curl_init();
+    curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
+    curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($request, CURLOPT_HTTPHEADER, array(
+        "Authorization: Bearer ".$Auth
+    ));
+    $response = curl_exec($request);
+    curl_close($request);
+    $User = json_decode($response);
+
+    // if (isset($User->id)){
+    //     // Congrats!
+    //     $UserName = $User->display_name;
+    //     $UserId = $User->id;
+    // }else{
+    // }
+    return (isset($User->error) ? $User->error : $User);
+}
+
+function oauthToken($AuthCode, $config){
+    $AuthToken = "";
+    $UserName = "";
+    $ErrorDesc = "";
+    $UserId = "";
+    $request = curl_init();
+    curl_setopt($request, CURLOPT_POST, 1);
+    curl_setopt($request, CURLOPT_URL, "https://hackers.town/oauth/token");
+    curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
+    $origin = "https://tty.hackers.town";
+    if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){
+        $origin = str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE"));
+    }
+    $redirectUri = $origin."/auth";
+    $options = "grant_type=authorization_code&code=".$AuthCode."&client_id=".$config->oauth->key."&client_secret=".$config->oauth->secret."&scope=read:accounts&redirect_uri=".$redirectUri;
+    curl_setopt($request, CURLOPT_POSTFIELDS, $options);
+    $response = curl_exec($request);
+    curl_close($request);
+    $Auth = json_decode($response);
+    return (isset($Auth->error) ? $Auth->error_description : $Auth);
+}
+?>