diff options
| author | RaindropsSys <raindrops@equestria.dev> | 2023-11-12 22:15:51 +0100 |
|---|---|---|
| committer | RaindropsSys <raindrops@equestria.dev> | 2023-11-12 22:15:51 +0100 |
| commit | ca4588f1b8200ef93e1614f2274a960bbb9fd53e (patch) | |
| tree | 9a363db45504157f0e5a54fe5b894cd2781f5d62 /oauth | |
| parent | e3aa7eafa663ab94c77695c3e0f2fe88874480ad (diff) | |
| download | mist-ca4588f1b8200ef93e1614f2274a960bbb9fd53e.tar.gz mist-ca4588f1b8200ef93e1614f2274a960bbb9fd53e.tar.bz2 mist-ca4588f1b8200ef93e1614f2274a960bbb9fd53e.zip | |
Updated 7 files (automated)
Diffstat (limited to 'oauth')
| -rw-r--r-- | oauth/.DS_Store | bin | 6148 -> 6148 bytes | |||
| -rw-r--r-- | oauth/callback-native/index.php | 6 | ||||
| -rw-r--r-- | oauth/callback/index.php | 4 |
3 files changed, 4 insertions, 6 deletions
diff --git a/oauth/.DS_Store b/oauth/.DS_Store Binary files differindex d23a8fa..053721e 100644 --- a/oauth/.DS_Store +++ b/oauth/.DS_Store diff --git a/oauth/callback-native/index.php b/oauth/callback-native/index.php index 5095734..c6a1327 100644 --- a/oauth/callback-native/index.php +++ b/oauth/callback-native/index.php @@ -1,5 +1,6 @@ <?php +var_dump("START"); header("X-Frame-Options: DENY"); $app = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); $server = "account.equestria.dev"; @@ -38,9 +39,7 @@ if (isset($result["access_token"])) { $result = $result_orig = curl_exec($crl); $result = json_decode($result, true); - $isAllowed = in_array("5fe2cdf1-cff8-470e-a54a-ad1c713b0387", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"])); - - if (!$isAllowed) { + if (!in_array($result["id"], $app["allowed"])) { header("HTTP/1.1 403 Forbidden"); die("Not allowed to log in to this application. This will be reported."); } @@ -48,6 +47,7 @@ if (isset($result["access_token"])) { if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"); $token = "wv_" . bin2hex(random_bytes(64)); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, $result_orig); header("Location: http://127.0.0.1:12981/?token=$token"); die(); diff --git a/oauth/callback/index.php b/oauth/callback/index.php index f57e124..bbb3322 100644 --- a/oauth/callback/index.php +++ b/oauth/callback/index.php @@ -38,9 +38,7 @@ if (isset($result["access_token"])) { $result = $result_orig = curl_exec($crl); $result = json_decode($result, true); - $isAllowed = in_array("5fe2cdf1-cff8-470e-a54a-ad1c713b0387", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"])); - - if (!$isAllowed) { + if (!in_array($result["id"], $app["allowed"])) { header("HTTP/1.1 403 Forbidden"); die("Not allowed to log in to this application. This will be reported."); } |