OAuth2 Saved Login Session Mechanism

2023-10-04 01:26:33 -04:00
parent 101bfd0d30
commit ca5bccce93
15 changed files with 582 additions and 457 deletions


@@ -19,4 +19,22 @@ function enableDebug(){
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
}
function returnError($error){
if (gettype($error) == "object") {
$error = json_encode($error);
}
header('Content-type: application/json');
echo json_encode(array("error" => $error));
exit();
}
function returnSuccess($success, $refreshToken = ""){
header('Content-type: application/json');
echo json_encode(array(
"data" => $success,
"refreshToken" => $refreshToken
));
exit();
}
?>
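Review bot: The added returnError() replies with the default HTTP 200 and, when `$error` is an object, encodes it twice (`json_encode($error)` and then again inside the array), so the client receives a JSON string nested in JSON and cannot tell failure from success by status. Dropping the inner `json_encode` and adding `http_response_code(400);` before the `header()` call would address both. returnSuccess() puts `refreshToken` in the response body, so `header('Cache-Control: no-store');` there would keep browsers and intermediaries from caching it. Passing a whole upstream error object through to the caller may also expose more detail than intended; that depends on call sites outside this hunk.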


@@ -10,13 +10,6 @@ function verifyCredentials($Auth) {
$response = curl_exec($request);
curl_close($request);
$User = json_decode($response);
// if (isset($User->id)){
// // Congrats!
// $UserName = $User->display_name;
// $UserId = $User->id;
// }else{
// }
return (isset($User->error) ? $User->error : $User);
}
@@ -41,4 +34,9 @@ function oauthToken($AuthCode, $config){
$Auth = json_decode($response);
return (isset($Auth->error) ? $Auth->error_description : $Auth);
}
function getHello() {
$Welcomes = array("Welcome", "Dobrodošli", "Vitejte", "Welkom", "Tervetuloa", "Willkommen", "Fáilte", "Benvenuto", "Bienvenidos", "Välkommen", "ようこそ");
return $Welcomes[array_rand($Welcomes)];
}
?>


@@ -38,6 +38,26 @@ function getFingerprint() {
return $fingerprint;
}
// Object -> JSON -> Base84 -> Split -> Encrypt -> Combined -> re-base64 -> Sent
function encryptPayload($input){
$holdingArray = str_split(base64_encode($input), 64);
$holdingArray = array_map(function($value){
return encrypt($value);
}, $holdingArray);
$holdingArray = implode("%", $holdingArray);
return $holdingArray;
}
function decryptPayload($input){
$holdingArray = explode("%", $input);
$holdingArray = array_map(function($value){
return decrypt($value);
}, $holdingArray);
$holdingArray = implode("", $holdingArray);
return base64_decode($holdingArray);
}
function encrypt($input){
// Encrypt with public key
ensureKey();
@@ -61,4 +81,56 @@ function decrypt($input){
return $decrypted;
}
function buildEncToken($AuthToken, $UserID, $UserIP, $UserAgent ){
// Token Data:
// - HTown AuthToken
// - UserID
// - UserIP
// - UserAgent
// - Timestamp
$TokenData = array(
"AuthToken" => $AuthToken,
"UserID" => $UserID,
"UserIP" => $UserIP,
"UserAgent" => $UserAgent,
"Timestamp" => time() // Unix Time in Seconds
);
$TokenData = json_encode($TokenData);
$EncTokenData = encryptPayload($TokenData);
return $EncTokenData;
}
function verifyEncToken($EncTokenData){
$TokenData = decryptPayload($EncTokenData);
$TokenData = json_decode($TokenData);
if ($TokenData != null && isset($TokenData->AuthToken) && isset($TokenData->UserID) && isset($TokenData->UserIP) && isset($TokenData->UserAgent) && isset($TokenData->Timestamp)) {
// Valid Token
if (time() - $TokenData->Timestamp > 900) { // 15-minute max login session
// Token Expired
return "Login Expired";
}
if ($TokenData->UserIP != $_SERVER["REMOTE_ADDR"]) {
// IP Mismatch
return "IP Mismatch";
}
if ($TokenData->UserAgent != $_SERVER["HTTP_USER_AGENT"]) {
// User Agent Mismatch
return "UserAgent Mismatch";
}
$credentialResults = verifyCredentials($TokenData->AuthToken);
if (gettype($credentialResults) == "string") {
// Invalid AuthToken
return "Invalid Mastodon Account";
}
return array(
"AuthToken" => $TokenData->AuthToken,
"UserID" => $TokenData->UserID,
"MastodonData" => $credentialResults
);
}else{
// Invalid Token
return "Invalid Token";
}
}
?>
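Review bot: verifyEncToken() treats any non-string result from verifyCredentials() as a valid account, and verifyCredentials() as shown returns null when the request fails or the body is not JSON, so a token would still pass while the Mastodon instance is unreachable; testing the positive case instead, `if (!is_object($credentialResults) || !isset($credentialResults->id)) { return "Invalid Mastodon Account"; }`, closes that gap. The returned `UserID` is copied from the token rather than taken from the verified account, and the only protection on the token is the encryption that the comment in encrypt() describes as public-key, which provides confidentiality but not authenticity. If that public key is available outside the server, the token fields are not trustworthy on their own, so either add an HMAC over the JSON (checked with `hash_equals()`) or compare `UserID` against the account returned by verifyCredentials(). The 64-character chunks in encryptPayload() are encrypted independently and joined with `%`, so nothing detects reordered or dropped chunks, and the `!=` checks on `UserIP` and `UserAgent` are loose comparisons against a `$_SERVER["HTTP_USER_AGENT"]` that may be unset (`!==` with `?? ""` is safer). The bodies of encrypt() and decrypt() are outside the visible hunks, so the cipher and padding in use could not be checked here.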