Popups and Niceties

2022-05-07 08:02:58 +00:00
parent 60f182b99d
commit e9bf9fd222
6 changed files with 185 additions and 26 deletions


@@ -24,19 +24,20 @@ if (isset($_REQUEST["act"])){
<meta charset="utf-8">
<base href="/auth"/>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Stylesheets -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link href="/style.css" rel="stylesheet"/>
<!-- Javascript -->
<script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script>
<script src="https://code.jquery.com/color/jquery.color.plus-names-2.1.2.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/jszip@3.9.1/dist/jszip.min.js" integrity="sha256-aSPPIlJfSHQ5T7wunbPcp7tM0rlq5dHoUGeN8O5odMg=" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.4.10/dist/sweetalert2.all.min.js" integrity="sha256-YX0M+vWkN+Xjq3t0RBoP6rENNiYm4CN2k33WefMkn+E=" crossorigin="anonymous"></script>
<script src="/base64url.js"></script>
<script src="/ssh-util.js"></script>
<script src="/keygen.js"></script>
<script src="/fittext.js"></script>
<script src="/index.js"></script>
<!-- Stylesheets -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link href="/style.css" rel="stylesheet"/>
</Head>
<Body>
<div class="row">
@@ -52,6 +53,7 @@ if (isset($_REQUEST["act"])){
$AuthToken = "";
$UserName = "";
$ErrorDesc = "";
$UserId = "";
$request = curl_init();
curl_setopt($request, CURLOPT_POST, 1);
curl_setopt($request, CURLOPT_URL, "https://hackers.town/oauth/token");
@@ -82,6 +84,7 @@ if (isset($_REQUEST["act"])){
// Congrats!
$AuthToken = $Auth->access_token;
$UserName = $User->display_name;
$UserId = $User->id;
}else{
// invalid auth
$AuthToken = "BadUser";
@@ -89,8 +92,23 @@ if (isset($_REQUEST["act"])){
}
}else{
// invalid auth
$AuthToken = "BadOauth";
$ErrorDesc = "Invalid OAuth";
if(isset($_COOKIE["oa_retries"])){
$retries = $_COOKIE["oa_retries"];
if($retries >= 3){
$AuthToken = "BadUser";
$ErrorDesc = "Invalid OAuth";
setcookie("oa_retries", 0, time()+3600);
}else{
$retries++;
setcookie("oa_retries", $retries, time()+3600);
$AuthToken = "BadOauthRetry";
$ErrorDesc = "Invalid OAuth Retry";
}
}else{
$AuthToken = "BadOauth";
$ErrorDesc = "Invalid OAuth Retry";
setcookie("oa_retries", 1, time()+3600);
}
}
// revoke token after usage
@@ -106,7 +124,7 @@ if (isset($_REQUEST["act"])){
<span>
try again
</span>
<div class="message">
<div id="ErrorResult" class="message">
<?php echo $ErrorDesc; ?>
</div>
</div><div class="row button"<?php if(strpos($AuthToken, "Bad") === false){
@@ -135,8 +153,10 @@ if (isset($_REQUEST["act"])){
<div class="row button" <?php if(strpos($AuthToken, "Bad") !== false){
echo "hidden";
}?>>
<button class="col keyButton" onclick="generateSSH('<?php echo $UserName; ?>')">Generate</button>
<button class="col keyButton" onclick="generateSSH('<?php echo $UserName; ?>', '<?php echo $UserId; ?>', '<?php echo $AuthToken; ?>')">Generate</button>
<button class="col keyButton" onclick="uploadSSH()">Upload</button>
<button class="col keyButton" onclick="testSwal()">Test Popup</button>
<input id="keyfile" type="file" style="display: none;"/>
</div>
<div class="row copyright">
<!-- TODO: Make this file PHP and make the canary dependent on /etc/ttyserver/canary -->
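Review bot: In the last hunk the three-argument `generateSSH(...)` call writes `$UserName`, `$UserId` and `$AuthToken` straight into single-quoted JavaScript strings inside the `onclick` attribute, and `$UserName` is taken from the remote account's `display_name`, which the account holder chooses. Encode each value for both contexts, e.g. `generateSSH(<?php echo htmlspecialchars(json_encode($UserName), ENT_QUOTES, 'UTF-8'); ?>, ...)`, with the same treatment for the other two arguments. Putting the access token into page markup also looks at odds with the `// revoke token after usage` comment (the revocation code is outside the hunks), so confirm the token is still valid when `setKey.php` verifies it and that this page is served with caching disabled. The `oa_retries` counter in the earlier hunk is read from a client-supplied cookie, so it can only be a convenience and should not be relied on as a limit.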

70
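--- a/auth/setKey.php
+++ b/auth/setKey.php
@@ -0,0 +1,70 @@
+<?php
+// Create an account and apply SSH key
+$config = json_decode(file_get_contents("/var/www/usergen/config.json", true));
+function checkParameters($parameterArray){
+$error = false;
+foreach($parameterArray as $parameter){
+if(!isset($_POST[$parameter])){
+$error = true;
+}
+}
+return $error;
+}
+function apiResult($result){
+header('Content-type: application/json');
+echo json_encode($result);
+exit();
+}
+function success(){
+apiResult(array("status" => true));
+}
+function error($error){
+apiResult(array("status" => false, "error" => $error));
+}
+function validateUsername($username){
+return (preg_match("/^([a-zA-Z0-9_.]+)$/", $username) == 1);
+}
+if (checkParameters(array("pubkey", "userId", "authToken"))){
+error("Missing parameters");
+}
+$userToken = $_POST["authToken"];
+$userId = $_POST["userId"];
+$pubkey = $_POST["pubkey"];
+$request = curl_init();
+curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
+curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($request, CURLOPT_HTTPHEADER, array(
+"Authorization: Bearer ".$userToken
+));
+$response = curl_exec($request);
+curl_close($request);
+$User = json_decode($response);
+// Check User
+if($User->id != $userId){
+error("User Mismatch");
+}
+if(!validateUsername($User->username)){
+error("Invalid Username");
+}
+// Create temporary pubkey holding file
+$TempFileName = "/tmp/mkuser/".uniqid("ssh-", true).".pub";
+if(!file_put_contents($TempFileName, $pubkey."\n")){
+error("Key Addition Failed: Temp");
+}
+// Run User Generation Tool
+// TODO: Replace with custom Rust PHP Extension
+$UserGenCode = shell_exec("/etc/ttyserver/bin/mkuser.tmp \"".$User->username."\" \"".$TempFileName."\" 2>&1; echo $?");
+if($UserGenCode != "0"){
+error("Key Addition Failed: MK-".$UserGenCode);
+}
+success();
+?>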
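Review bot: The `shell_exec` call near the end of the new file builds its command line by concatenating `$User->username` and `$TempFileName` inside double quotes, so the only thing keeping shell metacharacters out is `validateUsername`, whose `$` anchor also matches before a trailing newline. Quote each argument with `escapeshellarg($User->username)` and `escapeshellarg($TempFileName)`, and end the pattern with `\z` (or add the `D` modifier) so the whole string has to match. The `verify_credentials` response is decoded without checking that the request succeeded, and `$User->id != $userId` is a loose comparison, so a response with no `id` would compare equal to an empty `userId`; check the HTTP status and compare with `!==` on string-cast values. `$pubkey` is written to the temp file as received, so it is worth rejecting anything that is not a single well-formed public-key line before the tool sees it, and removing the temp file afterwards.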