commit 30725078411bfa1f0a1bd2c0c7689f18b9a9f102 · veryroundbird.house/smallbird-social

+53 -11

index.php

···

       6
       6
        
       require_once('vendor/autoload.php');

     

       7
       7
        
       require_once('config.php');

     

       8
       8
        
       require_once('lib/bskyToucher.php');

     

       9
       9
       +
       require_once('lib/bskyProvider.php');

     

       9
       10
        
       

     

       10
       11
        
       use flight\Engine;

     

       11
       12
        
       use League\CommonMark\CommonMarkConverter;

     

       12
       13
        
       use React\Promise\Deferred;

     

       13
       14
        
       use React\EventLoop\Loop;

     

       14
       15
        
       use React\Promise\Promise;

     

       16
       16
       +
       use GuzzleHttp\Client;

     

       15
       17
        
       use Tracy\Debugger;

     

       16
       18
        
       use Tracy\OutputDebugger;

     

       17
       19
        
       use Matrix\Async;

     

       20
       20
       +
       use GuzzleHttp\Psr7\HttpFactory;

     

       21
       21
       +
       use chillerlan\OAuth\OAuthOptions;

     

       22
       22
       +
       use Smallnest\Bsky\BskyProvider;

     

       18
       23
        
       

     

       19
       24
        
       $bskyToucher = new BskyToucher();

     

       20
       25
        
       

     
···

       69
       74
        
         'favFeeds' => $favoriteFeeds,

     

       70
       75
        
         'pages' => PAGES,

     

       71
       76
        
         'links' => LINKS,

     

       72
       72
       -
         'ogdomain' => SITE_DOMAIN

     

       77
       77
       +
         'ogdomain' => 'https://'.SITE_DOMAIN

     

       73
       78
        
       ]);

     

       74
       79
        
       

     

       75
       80
        
       Flight::route('/', function () {

     
···

       86
       91
        
           'ogtitle' => SITE_TITLE,

     

       87
       92
        
           'ogdesc' => SITE_DESC,

     

       88
       93
        
           'ogimage' => '',

     

       89
       89
       -
           'ogurl' => SITE_DOMAIN.'/'

     

       94
       94
       +
           'ogurl' => 'https://'.SITE_DOMAIN.'/'

     

       90
       95
        
         ]));

     

       91
       96
        
       });

     

       92
       97
        
       

     
···

       104
       109
        
           'ogtitle' => SITE_TITLE." | ".$userInfo->displayName." (@".$handle.")",

     

       105
       110
        
           'ogdesc' => '', //$post->content,

     

       106
       111
        
           'ogimage' => '', //getPostOgImage($post),

     

       107
       107
       -
           'ogurl' => SITE_DOMAIN.'/u/'.$handle.'/'.$rkey

     

       112
       112
       +
           'ogurl' => 'https://'.SITE_DOMAIN.'/u/'.$handle.'/'.$rkey

     

       108
       113
        
         ]));

     

       109
       114
        
       });

     

       110
       115
        
       

     
···

       122
       127
        
           'ogtitle' => SITE_TITLE." | ".$user->displayName." (@".$user->handle.")",

     

       123
       128
        
           'ogdesc' => $user->description,

     

       124
       129
        
           'ogimage' => $user->avatar,

     

       125
       125
       -
           'ogurl' => SITE_DOMAIN.'/u/'.$user->handle.'/'

     

       130
       130
       +
           'ogurl' => 'https://'.SITE_DOMAIN.'/u/'.$user->handle.'/'

     

       126
       131
        
         ]));

     

       127
       132
        
       });

     

       128
       133
        
       

     
···

       148
       153
        
           'ogtitle' => SITE_TITLE." | ".$feedInfo->title,

     

       149
       154
        
           'ogdesc' => $feedInfo->description,

     

       150
       155
        
           'ogimage' => $feedInfo->avatar,

     

       151
       151
       -
           'ogurl' => SITE_DOMAIN.'/f/'.$did.'/'.$name

     

       156
       156
       +
           'ogurl' => 'https://'.SITE_DOMAIN.'/f/'.$did.'/'.$name

     

       152
       157
        
         ]));

     

       153
       158
        
       });

     

       154
       159
        
       

     
···

       160
       165
        
           'ogtitle' => SITE_TITLE." | search".(array_key_exists('s', $_GET) ? ': '.$_GET['s'] : ''),

     

       161
       166
        
           'ogdesc' => SITE_DESC,

     

       162
       167
        
           'ogimage' => '',

     

       163
       163
       -
           'ogurl' => SITE_DOMAIN.'/u/'.$handle.'/'.$rkey

     

       168
       168
       +
           'ogurl' => 'https://'.SITE_DOMAIN.'/u/'.$handle.'/'.$rkey

     

       164
       169
        
         ]));

     

       165
       170
        
       });

     

       166
       171
        
       

     

       167
       167
       -
       Flight::route('GET /login', function(): void {

     

       172
       172
       +
       Flight::route('/login', function(): void {

     

       173
       173
       +
         $options = new OAuthOptions([

     

       174
       174
       +
         	'key'          => 'http://'.SITE_DOMAIN.CLIENT_ID,

     

       175
       175
       +
         	'secret'       => CLIENT_SECRET,

     

       176
       176
       +
         	'callbackURL'  => 'http://'.SITE_DOMAIN.'/login',

     

       177
       177
       +
         	'sessionStart' => true,

     

       178
       178
       +
         ]);

     

       179
       179
       +
         $http = new React\Http\Browser();

     

       180
       180
       +
         $client = new GuzzleHttp\Client([

     

       181
       181
       +
           'headers' => [

     

       182
       182
       +
             'User-Agent' => USER_AGENT_STR

     

       183
       183
       +
           ]

     

       184
       184
       +
         ]);

     

       185
       185
       +
         $httpFactory = new HttpFactory();

     

       186
       186
       +
         $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);

     

       187
       187
       +
         $name = $provider->getName();

     

       188
       188
       +
         if (isset($_GET['login']) && $_GET['login'] === $name) {

     

       189
       189
       +
           $username = $_GET['username'];

     

       190
       190
       +
           $bskyToucher = new BskyToucher();

     

       191
       191
       +
           $userInfo = $bskyToucher->getUserInfo($username);

     

       192
       192
       +
           if (!$userInfo) die(1);

     

       193
       193
       +
           $pds = $userInfo->pds;

     

       194
       194
       +
           $provider->setPds($pds);

     

       195
       195
       +
           $authUrl = $provider->getAuthorizationUrl();

     

       196
       196
       +
           header('Location: '.$authUrl);

     

       197
       197
       +
           die(1);

     

       198
       198
       +
         } else if (isset($_GET['code'], $_GET['state'])) {

     

       199
       199
       +
           $token = $provider->getAccessToken($_GET['code'], $_GET['state']);

     

       200
       200
       +
       

     

       201
       201
       +
         	// save the token in a permanent storage

     

       202
       202
       +
         	// [...]

     

       203
       203
       +
       

     

       204
       204
       +
         	// access granted, redirect

     

       205
       205
       +
         	header('Location: ?granted='.$name);

     

       206
       206
       +
           die(1);

     

       207
       207
       +
         } else if (isset($_GET['granted']) && $_GET['granted'] === $name) {

     

       208
       208
       +
           die(1);

     

       209
       209
       +
         } else if (isset($_GET['error'])) {

     

       210
       210
       +
           die(1);

     

       211
       211
       +
         }

     

       168
       212
        
         $latte = new Latte\Engine;

     

       169
       213
        
         $latte->render('./templates/login.latte', array_merge(Flight::get('standardParams'), [

     

       170
       214
        
           'mainClass' => 'form',

     

       171
       215
        
           'ogtitle' => SITE_TITLE." | login",

     

       172
       216
        
           'ogdesc' => SITE_DESC,

     

       173
       217
        
           'ogimage' => '',

     

       174
       174
       -
           'ogurl' => SITE_DOMAIN.'/login'

     

       218
       218
       +
           'ogurl' => 'https://'.SITE_DOMAIN.'/login'

     

       175
       219
        
         ]));

     

       176
       220
        
       });

     

       177
       221
        
       

     

       178
       178
       -
       Flight::route('POST /login', function(): void {

     

       179
       179
       -
         // whatever stupid token exchange dance needs to happen to direct them to oauth

     

       180
       180
       -
       });

     

       222
       222
       +
       // https://shimaenaga.veryroundbird.house/oauth/authorize?client_id=https%3A%2F%2Ftangled.org%2Foauth%2Fclient-metadata.json&request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3Areq-2399ff42af66498132ebf8de809254b7

     

       181
       223
        
       

     

       182
       224
        
       Flight::route('/createaccount', function(): void {

     

       183
       225
        
         $latte = new Latte\Engine;

+7 -5

lib/bskyProvider.php

···

       22
       22
        
         public const SCOPE_TRANSITION_GENERIC = 'transition:generic';

     

       23
       23
        
         public const AUTH_METHOD              = self::AUTH_METHOD_HEADER;

     

       24
       24
        
       

     

       25
       25
       -
       	protected string $authorizationURL = 'https://bsky.app/oauth2/authorize';

     

       26
       26
       -
       	protected string $accessTokenURL   = 'https://bsky.app/oauth2/token';

     

       27
       27
       -
       	protected string $apiURL           = 'https://bsky.app/api';

     

       25
       25
       +
       	protected string $authorizationURL = 'https://bsky.app/oauth/authorize';

     

       26
       26
       +
       	protected string $accessTokenURL   = 'https://bsky.app/oauth/token';

     

       27
       27
       +
       	protected string $apiURL           = 'https://bsky.app/xrpc';

     

       28
       28
       +
         protected string $parAuthorizationURL = 'https://bsky.app/oauth/par';

     

       28
       29
        
         

     

       29
       30
        
         public const DEFAULT_SCOPES = [

     

       30
       31
        
         		self::SCOPE_ATPROTO,

     
···

       47
       48
        
       		// set the provider URLs

     

       48
       49
        
       		$this->authorizationURL = (string)$pds->withPath('/oauth/authorize');

     

       49
       50
        
       		$this->accessTokenURL   = (string)$pds->withPath('/oauth/token');

     

       50
       50
       -
       		$this->apiURL           = (string)$pds->withPath('/api');

     

       51
       51
       -
       

     

       51
       51
       +
       		$this->apiURL           = (string)$pds->withPath('/xrpc');

     

       52
       52
       +
           $this->parAuthorizationURL = (string)$pds->withPath('/oauth/par');

     

       53
       53
       +
           

     

       52
       54
        
       		return $this;

     

       53
       55
        
       	}

     

       54
       56
        
       }

-1

lib/bskyToucher.php

···

       6
       6
        
       

     

       7
       7
        
       require_once('config.php');

     

       8
       8
        
       require_once('vendor/autoload.php');

     

       9
       9
       -
       require_once('bskyProvider.php');

     

       10
       9
        
       //if (DB_TYPE === 'sqlite') require_once('db.php');

     

       11
       10
        
       if (DB_TYPE === 'mysql') require_once('maria-db.php');

     

       12
       11

+1 -1

public/client-metadata.json

···

       5
       5
        
         "client_uri": "https://localhost:5173",

     

       6
       6
        
         "dpop_bound_access_tokens": true,

     

       7
       7
        
         "grant_types": ["authorization_code", "refresh_token"],

     

       8
       8
       -
         "redirect_uris": ["http://localhost:5173/oauth/callback.php"],

     

       8
       8
       +
         "redirect_uris": ["http://localhost:5173/login"],

     

       9
       9
        
         "response_types": ["code"],

     

       10
       10
        
         "scope": "atproto transition:generic",

     

       11
       11
        
         "dpop_bound_access_tokens": true,

templates/login.latte

···

       10
       10
        
             <input type="text" name="username" id="username" />

     

       11
       11
        
           </div>

     

       12
       12
        
           <div class="form-input btn-row">

     

       13
       13
       +
             <input type="hidden" name="login" value="BskyProvider" />

     

       13
       14
        
             <button type="submit" class="btn btn-primary">Log In</button>

     

       14
       15
        
           </div>

     

       15
       16
        
         </form>

+2 -2

vendor/chillerlan/php-oauth/src/Core/OAuth2Provider.php

···

       61
       61
        
       	 */

     

       62
       62
        
       	public function getAuthorizationURL(array|null $params = null, array|null $scopes = null):UriInterface{

     

       63
       63
        
       		$queryParams = $this->getAuthorizationURLRequestParams(($params ?? []), ($scopes ?? $this::DEFAULT_SCOPES));

     

       64
       64
       -
       

     

       64
       64
       +
           

     

       65
       65
        
       		if($this instanceof PAR){

     

       66
       66
        
       			return $this->getParRequestUri($queryParams);

     

       67
       67
        
       		}

     
···

       259
       259
        
       		if($this::USES_BASIC_AUTH_IN_ACCESS_TOKEN_REQUEST){

     

       260
       260
        
       			$request = $this->addBasicAuthHeader($request);

     

       261
       261
        
       		}

     

       262
       262
       -
       

     

       262
       262
       +
           

     

       263
       263
        
       		return $this->http->sendRequest($request);

     

       264
       264
        
       	}

     

       265
       265

vendor/chillerlan/php-oauth/src/Core/PARTrait.php

···

       35
       35
        
       	public function getParRequestUri(array $body):UriInterface{

     

       36
       36
        
       		// send the request with the same method and parameters as the token requests

     

       37
       37
        
       		// @link https://datatracker.ietf.org/doc/html/rfc9126#name-request

     

       38
       38
       +
           print_r($this->parAuthorizationURL);

     

       38
       39
        
       		$response = $this->sendAccessTokenRequest($this->parAuthorizationURL, $body);

     

       39
       40
        
       		$status   = $response->getStatusCode();

     

       40
       41
        
       		$json     = MessageUtil::decodeJSON($response, true);

     

       42
       42
       +
           print_r($body);

     

       43
       43
       +
           print_r($json);

     

       41
       44
        
       

     

       42
       45
        
       		// something went horribly wrong

     

       43
       46
        
       		if($status !== 200){