mince/src/ChatAuth.php

<?php
namespace Mince;

use stdClass;
use Index\Data\IDbConnection;

final class ChatAuth {
    public static function attempt(IDbConnection $db, string $endPoint, string $secret, string $cookie): object {
        if(!empty($cookie)) {
            $method = 'Misuzu';
            $signature = sprintf('verify#%s#%s#%s', $method, $cookie, $_SERVER['REMOTE_ADDR']);
            $signature = hash_hmac('sha256', $signature, $secret);

            $login = curl_init($endPoint);
            curl_setopt_array($login, [
                CURLOPT_AUTOREFERER => false,
                CURLOPT_FAILONERROR => false,
                CURLOPT_FOLLOWLOCATION => true,
                CURLOPT_HEADER => false,
                CURLOPT_POST => true,
                CURLOPT_POSTFIELDS => http_build_query([
                    'method' => $method,
                    'token' => $cookie,
                    'ipaddr' => $_SERVER['REMOTE_ADDR'],
                ], '', '&', PHP_QUERY_RFC3986),
                CURLOPT_RETURNTRANSFER => true,
                CURLOPT_TCP_FASTOPEN => true,
                CURLOPT_CONNECTTIMEOUT => 2,
                CURLOPT_MAXREDIRS => 2,
                CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
                CURLOPT_TIMEOUT => 5,
                CURLOPT_USERAGENT => 'Mince',
                CURLOPT_HTTPHEADER => [
                    'Content-Type: application/x-www-form-urlencoded',
                    'X-SharpChat-Signature: ' . $signature,
                ],
            ]);
            $userInfo = json_decode(curl_exec($login));
            curl_close($login);
        }

        if(empty($userInfo->success)) {
            $userInfo = new stdClass;
            $userInfo->success = false;
            $userInfo->user_id = 0;
            $userInfo->username = 'Anonymous';
            $userInfo->colour_raw = 0x40000000;
            $userInfo->rank = 0;
            $userInfo->hierarchy = 0;
            $userInfo->is_silenced = '1970-01-01T00:00:00+00:00';
            $userInfo->perms = 0;
            $userInfo->mc_username = null;
            $userInfo->mc_whitelisted = 0;
        } else {
            $getWhitelist = $db->prepare('SELECT `minecraft_username`, UNIX_TIMESTAMP(`whitelist_added`) AS `whitelist_added` FROM `whitelist_2022` WHERE `flashii_id` = ?');
            $getWhitelist->addParameter(1, $userInfo->user_id);
            $getWhitelist->execute();
            $whitelist = $getWhitelist->getResult();

            if($whitelist->next()) {
                $userInfo->mc_username = $whitelist->getString(0);
                $userInfo->mc_whitelisted = $whitelist->getInteger(1);
            } else {
                $userInfo->mc_username = null;
                $userInfo->mc_whitelisted = 0;
            }
        }

        return $userInfo;
    }
}