-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathOAuthController.cs
More file actions
149 lines (119 loc) · 6.5 KB
/
OAuthController.cs
File metadata and controls
149 lines (119 loc) · 6.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http.Extensions;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using PixelNetwork.Properties;
namespace PixelNetwork.Controllers
{
/// <summary>
/// OAuthController should be deployed as a part of your ASP.NET website.
/// It may contain insignificant dependencies to other parts of the original Authorization Middleware, just comment or replace them.
/// Alternatively, you can use it as a reference and implement the same logic with other programming languages and platforms.
/// </summary>
[Route("api/[controller]")]
public class OAuthController : ControllerBase
{
private static readonly OrderedDictionary Redirects = new OrderedDictionary();
private static readonly OrderedDictionary Codes = new OrderedDictionary();
[HttpPost("init")]
public void Init(string state, string redirectUri, string clientName)
{
if (state == null || (state.Length != 32 && state.Length != 36)) throw new Exception("Invalid state.");
lock (Redirects)
{
if (Redirects.Count >= 1000) for (var i = 0; i < 100; i++) Redirects.RemoveAt(0);
if (Redirects.Contains(state)) Redirects.Remove(state);
Redirects.Add(state, redirectUri);
}
}
[HttpGet("redirect")]
public IActionResult Redirect(string code, string state)
{
if (code == null || state == null) throw new Exception("Invalid parameters.");
lock (Redirects)
lock (Codes)
{
if (!Redirects.Contains(state)) throw new Exception("Unexpected state.");
if (Codes.Count >= 1000) for (var i = 0; i < 100; i++) Codes.RemoveAt(0);
if (Codes.Contains(state)) Codes.Remove(state);
var redirectUri = (string) Redirects[state];
Redirects.Remove(state);
if (string.IsNullOrEmpty(redirectUri))
{
Codes.Add(state, code);
}
else
{
Response.Redirect($"{redirectUri}?code={code}&state={state}", permanent: true);
}
}
var template = Request.Headers.TryGetValue("Referer", out var referer) && (referer.Contains("https://id.vk.com/") || referer.Contains("https://twitter.com/") || referer.Contains("/telegramwidget") || referer.Contains("https://appleid.apple.com/") || referer.Contains("https://discord.com/"))
? Resources.OAuthTemplate
: Resources.OAuthTemplateAutoClosed;
if (Request.GetDisplayUrl().Contains("platform=telegram"))
{
template = Resources.OAuthTemplate;
}
return Content(template, "text/html", Encoding.UTF8);
}
[HttpPost("get_code"), HttpPost("getcode")]
public IActionResult GetCode(string state)
{
if (state == null) throw new Exception("Invalid parameters.");
lock (Codes)
{
if (!Codes.Contains(state)) return StatusCode(704);
var code = (string) Codes[state];
Codes.Remove(state);
return Content(code);
}
}
[HttpPost("download")]
public async Task<string> Download(string url, string form)
{
var allowed = new List<string>
{
"https://appleid.apple.com/auth/token", "https://appleid.apple.com/auth/revoke",
"https://api.twitter.com/2/oauth2/token", "https://api.twitter.com/2/oauth2/revoke", "https://api.twitter.com/2/users/me",
"https://open.tiktokapis.com/v2/oauth/token/", "https://open.tiktokapis.com/v2/oauth/revoke/",
"https://oauth.vk.com/access_token", "https://api.vk.com/method/users.get"
};
if (!allowed.Any(url.StartsWith)) throw new Exception("Unsupported url.");
using var client = new HttpClient();
if (Request.Headers.TryGetValue("Authorization", out var authorization) && authorization.Count == 1)
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authorization[0].Split(' ')[0], authorization[0].Split(' ')[1]);
}
if (form == null) return await client.GetStringAsync(url);
var dict = JsonConvert.DeserializeObject<Dictionary<string, string>>(form);
var content = new FormUrlEncodedContent(dict);
var response = await client.PostAsync(url, content).Result.Content.ReadAsStringAsync();
return response;
}
[HttpPost("apple_redirect")]
public IActionResult AppleRedirect(string code, string id_token, string state, string user)
{
if (code == null || state == null) throw new Exception("Invalid parameters.");
code = Convert.ToBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(new { code, user = user == null ? null : JObject.Parse(user) })));
return Redirect(code, state);
}
[HttpGet("telegram_auth")]
public IActionResult TelegramAuth(string id, string state, int widget)
{
var html = widget == 1
? "<html><body><div style='display: flex; justify-content: center; align-items: center; height: 200px;'><script async src='https://telegram.org/js/telegram-widget.js?22' data-telegram-login='{id}' data-size='large' data-onauth='onTelegramAuth(user)' data-request-access='write'></script><script type='text/javascript'>function onTelegramAuth(user) { location.href='https://hippogames.dev/api/oauth/redirect?platform=telegram&state={state}&code=' + btoa(JSON.stringify(user)); }</script></div></body></html>"
: "<html><body><script src='https://telegram.org/js/telegram-widget.js'></script><script>window.Telegram.Login.auth({ bot_id: '{id}', request_access: true }, (data) => { window.location.href = 'https://hippogames.dev/api/oauth/redirect?platform=telegram&state={state}&code=' + btoa(JSON.stringify(data)); });</script></body></html>";
html = html.Replace("{id}", id);
html = html.Replace("{state}", state);
return Content(html, "text/html", Encoding.UTF8);
}
}
}