Adjusted authentication code.

This commit is contained in:
flash 2023-05-21 16:50:15 +00:00
parent f513d229fe
commit 1cd3a50415

View file

@ -7,12 +7,9 @@ use Index\Data\IDbConnection;
final class ChatAuth {
public static function attempt(IDbConnection $db, string $endPoint, string $secret, string $cookie): object {
if(!empty($cookie)) {
$params = [
'method' => 'Misuzu',
'token' => $cookie,
'ipaddr' => $_SERVER['REMOTE_ADDR'],
];
$loginSignature = hash_hmac('sha256', "verify#{$params['method']}#{$params['token']}#{$params['ipaddr']}", $secret);
$method = 'Misuzu';
$signature = sprintf('verify#%s#%s#%s', $method, $cookie, $_SERVER['REMOTE_ADDR']);
$signature = hash_hmac('sha256', $signature, $secret);
$login = curl_init($endPoint);
curl_setopt_array($login, [
@ -21,16 +18,21 @@ final class ChatAuth {
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HEADER => false,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $params,
CURLOPT_POSTFIELDS => http_build_query([
'method' => $method,
'token' => $cookie,
'ipaddr' => $_SERVER['REMOTE_ADDR'],
], '', '&', PHP_QUERY_RFC3986),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TCP_FASTOPEN => true,
CURLOPT_CONNECTTIMEOUT => 2,
CURLOPT_MAXREDIRS => 2,
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
CURLOPT_TIMEOUT => 5,
CURLOPT_USERAGENT => 'mc.flashii.net',
CURLOPT_USERAGENT => 'Mince',
CURLOPT_HTTPHEADER => [
'X-SharpChat-Signature: ' . $loginSignature,
'Content-Type: application/x-www-form-urlencoded',
'X-SharpChat-Signature: ' . $signature,
],
]);
$userInfo = json_decode(curl_exec($login));