From 01b61e12f8fa21a9a7c9fd78f363eaaba0d1639f Mon Sep 17 00:00:00 2001
From: gsd <mamu@ebal.net>
Date: Fri, 20 Oct 2023 13:46:56 +0300
Subject: [PATCH] new front update 5
---
.../controllers/auth/AuthSteamController.java | 25 ++++++----
.../controllers/other/CryptoController.java | 46 +++++++++++++++++++
src/main/java/app/services/StatsService.java | 8 +++-
.../java/app/services/steam/SteamSignIn.java | 6 +--
4 files changed, 71 insertions(+), 14 deletions(-)
create mode 100644 src/main/java/app/controllers/other/CryptoController.java
diff --git a/src/main/java/app/controllers/auth/AuthSteamController.java b/src/main/java/app/controllers/auth/AuthSteamController.java
index 34802dd..2e7a527 100644
--- a/src/main/java/app/controllers/auth/AuthSteamController.java
+++ b/src/main/java/app/controllers/auth/AuthSteamController.java
@@ -18,12 +18,15 @@ import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
+import java.util.ArrayList;
+import java.util.List;
import java.util.Map;
import java.util.Objects;
@RestController
@RequestMapping("/api/auth")
public class AuthSteamController {
+ private List<String> subDomains = new ArrayList<>(){{add("tf2"); add("tf3");}};
private SteamSignIn steamSignIn;
private SaltedCookie saltedCookie;
private SteamWebApi steamWebApi;
@@ -38,20 +41,22 @@ public class AuthSteamController {
}
@GetMapping("login")
- public ResponseEntity<Void> Login(@RequestParam(value = "authentication_discord", required = false, defaultValue = "false") boolean authentication_discord){
- return steamSignIn.ConstructURLAndRedirect(authentication_discord);
+ public ResponseEntity<Void> Login(@RequestParam(value = "authentication_discord", required = false, defaultValue = "false") boolean authentication_discord,
+ @RequestParam(required = false, defaultValue = "tf2") String subdomain){
+ return steamSignIn.ConstructURLAndRedirect(authentication_discord, this.subDomains.contains(subdomain)?subdomain:"tf2");
}
@GetMapping("logout")
- public ResponseEntity<?> Logout(HttpServletResponse response){
+ public ResponseEntity<?> Logout(HttpServletResponse response, @RequestParam(required = false, defaultValue = "tf2") String subdomain){
+ String domain = this.subDomains.contains(subdomain)?subdomain+".pblr-nyk.pro":"tf2.pblr-nyk.pro";
Cookie cookie_steam64 = new Cookie("steam64","");
cookie_steam64.setMaxAge(0);
cookie_steam64.setPath("/");
- cookie_steam64.setDomain("tf2.pblr-nyk.pro");
+ cookie_steam64.setDomain(domain);
response.addCookie(cookie_steam64);
Cookie cookie_steam64_secured = new Cookie("steam64_secured", "");
cookie_steam64_secured.setMaxAge(0);
- cookie_steam64_secured.setDomain("tf2.pblr-nyk.pro");
+ cookie_steam64_secured.setDomain(domain);
cookie_steam64_secured.setPath("/");
response.addCookie(cookie_steam64_secured);
return ResponseEntity.status(HttpStatus.FOUND).
@@ -59,21 +64,23 @@ public class AuthSteamController {
.build();
}
- @GetMapping("processlogin/{after}")
- public ResponseEntity<?> ProcessLogin(@RequestParam Map<String, String> auth_result, HttpServletResponse response, @PathVariable String after){
+ @GetMapping("processlogin/{after}/{subdomain}")
+ public ResponseEntity<?> ProcessLogin(@RequestParam Map<String, String> auth_result, HttpServletResponse response, @PathVariable String after, @PathVariable(required = false) String subdomain){
System.out.println(auth_result);
Long steam64 = steamSignIn.ValidateResults(auth_result);
if(steam64 == null){
return new ResponseEntity<>("returned steam is not valid",HttpStatus.FORBIDDEN);
}
+ String domain = this.subDomains.contains(subdomain)?subdomain+".pblr-nyk.pro":"tf2.pblr-nyk.pro";
+
Cookie cookie_steam64 = new Cookie("steam64", steam64.toString());
cookie_steam64.setPath("/");
- cookie_steam64.setDomain("tf2.pblr-nyk.pro");
+ cookie_steam64.setDomain(domain);
response.addCookie(cookie_steam64);
Cookie cookie_steam64_secured = new Cookie("steam64_secured", saltedCookie.Hashed(steam64.toString()));
cookie_steam64_secured.setPath("/");
- cookie_steam64_secured.setDomain("tf2.pblr-nyk.pro");
+ cookie_steam64_secured.setDomain(domain);
response.addCookie(cookie_steam64_secured);
String move = Objects.equals(after, "disco")?"/authentication_discord.html":"/";
diff --git a/src/main/java/app/controllers/other/CryptoController.java b/src/main/java/app/controllers/other/CryptoController.java
new file mode 100644
index 0000000..a5e404c
--- /dev/null
+++ b/src/main/java/app/controllers/other/CryptoController.java
@@ -0,0 +1,46 @@
+package app.controllers.other;
+
+import app.annotations.interfaces.CheckPermitionFlag;
+import app.annotations.interfaces.CheckWebAccess;
+import app.utils.CryptedCookie;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+@RestController
+@RequestMapping("/api/crypto")
+public class CryptoController {
+ private CryptedCookie cryptedCookie;
+
+ @Autowired
+ public CryptoController(CryptedCookie cryptedCookie) {
+ this.cryptedCookie = cryptedCookie;
+ }
+
+ @GetMapping
+ @CheckWebAccess
+ @CheckPermitionFlag
+ public HashMap<String, String> crypt(@RequestBody HashMap<String, String> need_crypt) {
+ return new HashMap<>() {{
+ need_crypt.entrySet().stream()
+ .map((item) -> Map.of("key", item.getKey(), "value", cryptedCookie.Hashed(item.getValue())))
+ .toList()
+ .forEach((m) -> put(m.get("key"), m.get("value")));
+ }};
+ }
+
+ @PostMapping
+ @CheckWebAccess
+ @CheckPermitionFlag
+ public HashMap<String, String> decrypt(@RequestBody HashMap<String, String> need_decrypt) {
+ return new HashMap<>() {{
+ need_decrypt.entrySet().stream()
+ .map((item) -> Map.of("key", item.getKey(), "value", cryptedCookie.ReadCh(item.getValue())))
+ .toList()
+ .forEach((m) -> put(m.get("key"), m.get("value")));
+ }};
+ }
+}
diff --git a/src/main/java/app/services/StatsService.java b/src/main/java/app/services/StatsService.java
index 7b101ad..0ec3b71 100644
--- a/src/main/java/app/services/StatsService.java
+++ b/src/main/java/app/services/StatsService.java
@@ -5,6 +5,7 @@ import app.entities.other.SteamID;
import app.entities.server.PlayOn;
import app.entities.server.Server;
import app.entities.server.players.RCONPlayer;
+import app.utils.CryptedCookie;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Service;
@@ -15,9 +16,12 @@ import java.util.Map;
public class StatsService {
Stats stats;
+ private CryptedCookie cryptedCookie;
+
@Autowired
- public StatsService (Stats stats) {
+ public StatsService (Stats stats, CryptedCookie cryptedCookie) {
this.stats = stats;
+ this.cryptedCookie = cryptedCookie;
}
public PlayOn searchPlayer(SteamID steamID){
@@ -26,7 +30,7 @@ public class StatsService {
if (player != null) return new PlayOn(
stringServerEntry.getKey(),
player.getId(),
- player.getIp(),
+ cryptedCookie.Hashed(player.getIp()),
player.getName());
}
return null;
diff --git a/src/main/java/app/services/steam/SteamSignIn.java b/src/main/java/app/services/steam/SteamSignIn.java
index 7dec77c..9b9110e 100644
--- a/src/main/java/app/services/steam/SteamSignIn.java
+++ b/src/main/java/app/services/steam/SteamSignIn.java
@@ -63,7 +63,7 @@ public class SteamSignIn {
}
}
- public ResponseEntity<Void> ConstructURLAndRedirect(boolean authentication_discord){
+ public ResponseEntity<Void> ConstructURLAndRedirect(boolean authentication_discord, String subdomain){
Matcher result = refinedScripts.matcher(responseURL);
if (!result.find() || result.group(0).isEmpty()){
responseURL = String.format("http://%s", responseURL);
@@ -72,8 +72,8 @@ public class SteamSignIn {
HashMap<String, String> authParameters = new HashMap<>();
authParameters.put("openid.ns", "http://specs.openid.net/auth/2.0");
authParameters.put("openid.mode", "checkid_setup");
- authParameters.put("openid.return_to", responseURL + "/" + (authentication_discord?"disco":"root"));
- authParameters.put("openid.realm", responseURL + "/" + (authentication_discord?"disco":"root"));
+ authParameters.put("openid.return_to", responseURL.replace("tf2", subdomain) + "/" + (authentication_discord?"disco":"root"));
+ authParameters.put("openid.realm", responseURL.replace("tf2", subdomain) + "/" + (authentication_discord?"disco":"root"));
authParameters.put("openid.identity", "http://specs.openid.net/auth/2.0/identifier_select");
authParameters.put("openid.claimed_id", "http://specs.openid.net/auth/2.0/identifier_select");