discord auth

src/main/java/app/controllers/auth/AuthDiscordController.java

@@ -0,0 +1,107 @@
+package app.controllers.auth;
+
+import app.utils.CryptedCookie;
+import app.utils.CryptoMethods;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.*;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.client.RestTemplate;
+
+import java.net.URI;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/auth/discord")
+public class AuthDiscordController {
+    private CryptedCookie cryptedCookie;
+
+    private RestTemplate restTemplate = new RestTemplate();
+
+    private final String processing = "https://discord.com/api/oauth2/authorize?client_id=684685147144060948&redirect_uri=https%3A%2F%2Ftf2.pblr-nyk.pro%2Fapi%2Fauth%2Fdiscord%2Fprocesslogin&response_type=token&scope=identify";
+
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
+
+    @Autowired
+    public AuthDiscordController(CryptedCookie cryptedCookie) {
+        this.cryptedCookie = cryptedCookie;
+    }
+
+    @GetMapping("login")
+    public ResponseEntity Login() {
+        return ResponseEntity.status(HttpStatus.SEE_OTHER).
+                header("Content-Type", "application/x-www-form-urlencoded").
+                location(URI.create(processing))
+                .build();
+    }
+
+    @GetMapping("logout")
+    public ResponseEntity Logout(HttpServletResponse response) {
+        Cookie cookie_discord = new Cookie("discord", "");
+        cookie_discord.setMaxAge(0);
+        cookie_discord.setDomain("tf2.pblr-nyk.pro");
+        cookie_discord.setPath("/");
+        response.addCookie(cookie_discord);
+        return ResponseEntity.status(HttpStatus.FOUND).
+                header("Location", "/discord_auth")
+                .build();
+    }
+
+    @GetMapping("processlogin")
+    public ResponseEntity ProcessLogin(HttpServletResponse response, @RequestParam Map<String, String> auth_result){
+        if (auth_result.isEmpty()) {
+            String html = """
+<!DOCTYPE HTML>
+<html>
+<head><title>Discord Auth Continue...</title></head>
+<body>
+    <script type="text/javascript">
+        if(window.location.hash) {
+            alert(window.location.hash);
+            let url = window.location.origin +  window.location.pathname + "?" + window.location.hash.substring(1);
+            window.location.replace(url);
+        } else {
+            alert("discord auth failed");
+        }
+    </script>
+</body>
+</html>
+                """;
+            return new ResponseEntity(html, HttpStatus.OK);
+        }
+
+        String uid = (String) getDiscordData(auth_result.get("access_token")).get("id");
+        if (uid == null) return ResponseEntity.status(401).build();
+        logger.info(uid);
+        Cookie cookie_discord = new Cookie("discord", cryptedCookie.Hashed(auth_result.get("access_token")));
+        cookie_discord.setPath("/");
+        cookie_discord.setDomain("tf2.pblr-nyk.pro");
+        cookie_discord.setMaxAge(Integer.parseInt(auth_result.get("expires_in")));
+        response.addCookie(cookie_discord);
+
+        return ResponseEntity.status(HttpStatus.FOUND).
+                header("Location", "/discord_auth")
+                .build();
+    }
+
+    @GetMapping
+    public ResponseEntity<HashMap<String, String>> aboutMe(@CookieValue(value = "discord", defaultValue = "") String discord_token) {
+        if (discord_token.isEmpty()) return ResponseEntity.status(401).build();
+        if (!cryptedCookie.Validate(discord_token)) return ResponseEntity.status(401).build();
+        String access_token = cryptedCookie.ReadCh(discord_token);
+        return new ResponseEntity<>(getDiscordData(access_token), HttpStatus.OK);
+    }
+
+    public HashMap<String, String> getDiscordData(String access_token) {
+        HttpHeaders headers = new HttpHeaders();
+        headers.add("authorization", String.format("Bearer %s", access_token));
+        HttpEntity entity = new HttpEntity<>("<body>", headers);
+        return restTemplate.exchange("https://discord.com/api/users/@me", HttpMethod.GET, entity, HashMap.class).getBody();
+    }
+}

src/main/java/app/controllers/AuthController.java → src/main/java/app/controllers/auth/AuthSteamController.java

@@ -1,4 +1,4 @@
-package app.controllers;
+package app.controllers.auth;
 
 import app.services.steam.SteamSignIn;
 import app.utils.SaltedCookie;
@@ -12,17 +12,16 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
-import java.net.URI;
 import java.util.Map;
 
 @RestController
 @RequestMapping("/api/auth")
-public class AuthController {
+public class AuthSteamController {
     private SteamSignIn steamSignIn;
     private SaltedCookie saltedCookie;
 
     @Autowired
-    public AuthController(SteamSignIn steamSignIn, SaltedCookie saltedCookie){
+    public AuthSteamController(SteamSignIn steamSignIn, SaltedCookie saltedCookie){
         this.steamSignIn = steamSignIn;
         this.saltedCookie = saltedCookie;
     }
@@ -42,7 +41,7 @@ public class AuthController {
         Cookie cookie_steam64_secured = new Cookie("steam64_secured", "");
         cookie_steam64_secured.setMaxAge(0);
         cookie_steam64_secured.setDomain("tf2.pblr-nyk.pro");
-        cookie_steam64.setPath("/");
+        cookie_steam64_secured.setPath("/");
         response.addCookie(cookie_steam64_secured);
         return ResponseEntity.status(HttpStatus.FOUND).
                 header("Location", "/")

src/main/resources/application.yaml

@@ -37,6 +37,9 @@ backend:
     salt: ${AUTH_SALT}
     steam_api_key: ${STEAM_WEBAPI_KEY}
     response_redirect: ${AUTH_REDIRECT}
+    crypto:
+      key: nc9TD1OkGaZ/9gMKO25lPD29uwvDfcDucUX67HiMGvw=
+      iv: ErWw6Ynxr7eoEWqBE+4cmQ==
   social:
     discord: ${DISCORD_INVITE_URL}
     vk: ${VK_URL}