veryroundbird.house / smallbird-social
friendship ended with social-app. php is my new best friend
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+61 -55
index.php
templates
layout.latte
+57 -55
index.php 
···

       
182

       
182

       
 

       
});


     

       
183

       
183

       
 

       



     

       
184

       
184

       
 

       
Flight::route('/login', function(): void {


     

       

       
185

       
+

       
  if (isset($_GET['username'])) {


     

       
185

       
186

       
 

       
  $username = $_GET['username'];


     

       
186

       

       
-

       
  $bskyToucher = new BskyToucher();


     

       
187

       

       
-

       
  $userInfo = $bskyToucher->getUserInfo($username);


     

       
188

       

       
-

       
  if (!$userInfo) die(1);


     

       
189

       

       
-

       
  $pds = $userInfo->pds;


     

       
190

       

       
-

       
  $options = new OAuthOptions([


     

       
191

       

       
-

       
  	'key'          => 'https://'.SITE_DOMAIN.CLIENT_ID,


     

       
192

       

       
-

       
  	'secret'       => CLIENT_SECRET,


     

       
193

       

       
-

       
  	'callbackURL'  => 'https://'.SITE_DOMAIN.'/login',


     

       
194

       

       
-

       
  	'sessionStart' => true,


     

       
195

       

       
-

       
    'sessionStorageVar' => 'sbs_'.SITE_DOMAIN


     

       
196

       

       
-

       
  ]);


     

       
197

       

       
-

       
  $storage = new SessionStorage($options);


     

       
198

       

       
-

       
  $connector = new React\Socket\Connector([


     

       
199

       

       
-

       
    'dns' => '1.1.1.1'


     

       
200

       

       
-

       
  ]);


     

       
201

       

       
-

       
  $http = new React\Http\Browser($connector);


     

       
202

       

       
-

       
  $httpFactory = new HttpFactory();


     

       
203

       

       
-

       
  $token_builder = Builder::new(new JoseEncoder(), ChainedFormatter::default());


     

       
204

       

       
-

       
  $algorithm    = new Sha256();


     

       
205

       

       
-

       
  $signing_key   = InMemory::file(CERT_PATH);


     

       
206

       

       
-

       
  $now   = new DateTimeImmutable();


     

       
207

       

       
-

       
  $token = $token_builder


     

       
208

       

       
-

       
    ->withHeader('alg', 'ES256')


     

       
209

       

       
-

       
    ->withHeader('typ', 'JWT')


     

       
210

       

       
-

       
    ->withHeader('kid', 'ocwgKj_O7H9at1sL6yWf9ZZ82NOM7D0xlN8HGIyWH6M')


     

       
211

       

       
-

       
    ->issuedBy('https://'.SITE_DOMAIN.CLIENT_ID)


     

       
212

       

       
-

       
    ->identifiedBy(uniqid())


     

       
213

       

       
-

       
    ->relatedTo('https://'.SITE_DOMAIN.CLIENT_ID)


     

       
214

       

       
-

       
    ->permittedFor($pds)


     

       
215

       

       
-

       
    ->issuedAt($now->modify('-5 seconds'))


     

       
216

       

       
-

       
    ->getToken($algorithm, $signing_key);


     

       
217

       

       
-

       
  $client = new GuzzleHttp\Client([


     

       
218

       

       
-

       
    'verify' => true,


     

       
219

       

       
-

       
    'headers' => [


     

       
220

       

       
-

       
      'User-Agent' => USER_AGENT_STR,


     

       
221

       

       
-

       
      'Authorization' => 'Bearer: '.$token->toString()


     

       
222

       

       
-

       
    ]


     

       
223

       

       
-

       
  ]);


     

       
224

       

       
-

       
  $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);


     

       
225

       

       
-

       
  $provider->setPds($pds);


     

       
226

       

       
-

       
  $name = $provider->getName();


     

       
227

       

       
-

       
  if (isset($_GET['login']) && $_GET['login'] === $name) {


     

       
228

       

       
-

       
    $auth_url = $provider->getAuthorizationUrl([


     

       
229

       

       
-

       
      'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',


     

       
230

       

       
-

       
      'client_assertion' => $token->toString()


     

       

       
187

       
+

       
    $bskyToucher = new BskyToucher();


     

       

       
188

       
+

       
    $userInfo = $bskyToucher->getUserInfo($username);


     

       

       
189

       
+

       
    if (!$userInfo) die(1);


     

       

       
190

       
+

       
    $pds = $userInfo->pds;


     

       

       
191

       
+

       
    $options = new OAuthOptions([


     

       

       
192

       
+

       
      'key'          => 'https://'.SITE_DOMAIN.CLIENT_ID,


     

       

       
193

       
+

       
      'secret'       => CLIENT_SECRET,


     

       

       
194

       
+

       
      'callbackURL'  => 'https://'.SITE_DOMAIN.'/login',


     

       

       
195

       
+

       
      'sessionStart' => true,


     

       

       
196

       
+

       
      'sessionStorageVar' => 'sbs_'.SITE_DOMAIN


     

       
231

       
197

       
 

       
    ]);


     

       
232

       

       
-

       
    Flight::redirect($auth_url);


     

       
233

       

       
-

       
    die(1);


     

       
234

       

       
-

       
  } else if (isset($_GET['code'], $_GET['iss'])) {


     

       
235

       

       
-

       
    $storage->storeAccessToken($_GET['code'], $name);


     

       
236

       

       
-

       
    $_SESSION['sbs_'.SITE_DOMAIN.'_pds'] = $_GET['iss'];


     

       
237

       

       
-

       
    $_SESSION['sbs_'.SITE_DOMAIN.'_userinfo'] = $bskyToucher->getUserInfo()


     

       
238

       

       
-

       
    Flight::redirect('/');


     

       
239

       

       
-

       
    die(1);


     

       
240

       

       
-

       
  } else if (isset($_GET['error'])) {


     

       
241

       

       
-

       
    die(1);


     

       

       
198

       
+

       
    $storage = new SessionStorage($options);


     

       

       
199

       
+

       
    $connector = new React\Socket\Connector([


     

       

       
200

       
+

       
      'dns' => '1.1.1.1'


     

       

       
201

       
+

       
    ]);


     

       

       
202

       
+

       
    $http = new React\Http\Browser($connector);


     

       

       
203

       
+

       
    $httpFactory = new HttpFactory();


     

       

       
204

       
+

       
    $token_builder = Builder::new(new JoseEncoder(), ChainedFormatter::default());


     

       

       
205

       
+

       
    $algorithm    = new Sha256();


     

       

       
206

       
+

       
    $signing_key   = InMemory::file(CERT_PATH);


     

       

       
207

       
+

       
    $now   = new DateTimeImmutable();


     

       

       
208

       
+

       
    $token = $token_builder


     

       

       
209

       
+

       
      ->withHeader('alg', 'ES256')


     

       

       
210

       
+

       
      ->withHeader('typ', 'JWT')


     

       

       
211

       
+

       
      ->withHeader('kid', 'ocwgKj_O7H9at1sL6yWf9ZZ82NOM7D0xlN8HGIyWH6M')


     

       

       
212

       
+

       
      ->issuedBy('https://'.SITE_DOMAIN.CLIENT_ID)


     

       

       
213

       
+

       
      ->identifiedBy(uniqid())


     

       

       
214

       
+

       
      ->relatedTo('https://'.SITE_DOMAIN.CLIENT_ID)


     

       

       
215

       
+

       
      ->permittedFor($pds)


     

       

       
216

       
+

       
      ->issuedAt($now->modify('-5 seconds'))


     

       

       
217

       
+

       
      ->getToken($algorithm, $signing_key);


     

       

       
218

       
+

       
    $client = new GuzzleHttp\Client([


     

       

       
219

       
+

       
      'verify' => true,


     

       

       
220

       
+

       
      'headers' => [


     

       

       
221

       
+

       
        'User-Agent' => USER_AGENT_STR,


     

       

       
222

       
+

       
        'Authorization' => 'Bearer: '.$token->toString()


     

       

       
223

       
+

       
      ]


     

       

       
224

       
+

       
    ]);


     

       

       
225

       
+

       
    $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);


     

       

       
226

       
+

       
    $provider->setPds($pds);


     

       

       
227

       
+

       
    $name = $provider->getName();


     

       

       
228

       
+

       
    if (isset($_GET['login']) && $_GET['login'] === $name) {


     

       

       
229

       
+

       
      $auth_url = $provider->getAuthorizationUrl([


     

       

       
230

       
+

       
        'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',


     

       

       
231

       
+

       
        'client_assertion' => $token->toString()


     

       

       
232

       
+

       
      ]);


     

       

       
233

       
+

       
      Flight::redirect($auth_url);


     

       

       
234

       
+

       
      die(1);


     

       

       
235

       
+

       
    } else if (isset($_GET['code'], $_GET['iss'])) {


     

       

       
236

       
+

       
      $storage->storeAccessToken($_GET['code'], $name);


     

       

       
237

       
+

       
      $_SESSION['sbs_'.SITE_DOMAIN.'_pds'] = $_GET['iss'];


     

       

       
238

       
+

       
      $_SESSION['sbs_'.SITE_DOMAIN.'_userinfo'] = $bskyToucher->getUserInfo();


     

       

       
239

       
+

       
      Flight::redirect('/');


     

       

       
240

       
+

       
      die(1);


     

       

       
241

       
+

       
    } else if (isset($_GET['error'])) {


     

       

       
242

       
+

       
      die(1);


     

       

       
243

       
+

       
    }


     

       
242

       
244

       
 

       
  } else {


     

       
243

       
245

       
 

       
    $latte = new Latte\Engine;


     

       
244

       
246

       
 

       
    $latte->render('./templates/login.latte', array_merge(Flight::get('standardParams'), [
+4
templates/layout.latte 
···

       
24

       
24

       
 

       
    data-theme="{$setTheme}"


     

       
25

       
25

       
 

       
    data-font="{$setFont}"


     

       
26

       
26

       
 

       
  >


     

       

       
27

       
+

       
    <!--


     

       

       
28

       
+

       
      {print_r($_SESSION)}


     

       

       
29

       
+

       
      {print_r(PHP_SESSION_DISABLED)}


     

       

       
30

       
+

       
    -->


     

       
27

       
31

       
 

       
    <div id="page">


     

       
28

       
32

       
 

       
      <header>


     

       
29

       
33

       
 

       
        <h1><a href="/">{include '_partials/logo.latte'}{$siteTitle}</a></h1>