OAuth & SSH Keygen

2022-05-01 20:20:59 +00:00
parent 155afadba9
commit 60f182b99d
15 changed files with 1494 additions and 5 deletions
--- a/send.php
+++ b/send.php
@@ -0,0 +1,56 @@
+<?php
+exit();
+$z=1/0;
+use Lrf141\OAuth2\Client\Provider\Mastodon;
+$config = json_decode(file_get_contents("config.json", true));
+
+session_start();
+
+$provider = new Mastodon([
+    'clientId' => $config.oauth.key,
+    'clientSecret' => $config.oauth.secret,
+    'redirectUri' => 'https://tty.hackers.town/auth',
+    'instance' => 'https://hackers.town',
+    'scope' => 'read:accounts',
+]);
+
+
+if (!isset($_GET['code'])) {
+
+    $authUrl = $provider->getAuthorizationUrl();
+
+    $_SESSION['oauth2state'] = $provider->getState();
+    header('Location: '.$authUrl);
+    exit;
+
+// Check given state against previously stored one to mitigate CSRF attack
+} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
+
+    unset($_SESSION['oauth2state']);
+    exit('Invalid state');
+
+} else {
+
+    // Try to get an access token (using the authorization code grant)
+    $token = $provider->getAccessToken('authorization_code', [
+        'code' => $_GET['code']
+    ]);
+    
+    // Optional: Now you have a token you can look up a users profile data
+    try {
+    
+        $user = $provider->getResourceOwner($token);
+       
+        echo $user->getName();
+        
+    } catch(Exception $e) {
+       
+       
+        exit('Oh dear...');
+    }
+
+
+    echo $token->getToken();
+}
+
+?>