From 8814387151d3e72730cda9bd033de8de9dbd8eff Mon Sep 17 00:00:00 2001
From: Tracker-Friendly
Date: Thu, 18 Apr 2024 16:42:13 +0100
Subject: [PATCH] Verify redirects
---
 main | 9 +++++++--
 schema.sql | 3 ++-
 2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/main b/main
index e2b2c0e..a382fcd 100644
--- a/main
+++ b/main
@@ -267,6 +267,10 @@ async def apiauthenticate(): if not str(appidcheck) == str(appId): return {}, 401 + rdircheck = str(conn.execute("SELECT rdiruri FROM oauth WHERE appId = ?", (str(appId),)).fetchone()[0]) + if not str(rdircheck) == str(redirect_uri): return {}, 401 + datatemplate = { "sub": user["username"], "iss": "https://auth.hectabit.org",
@@ -389,6 +393,7 @@ async def apicreateauth(): appId = data["appId"] secretKey = data["secretKey"] secret = str(secrets.token_hex(512)) + rdiruri = data["rdiruri"] conn = get_db_connection() while True: try:
@@ -409,8 +414,8 @@ async def apicreateauth(): userCookie = get_session(secretKey) user = get_user(userCookie["id"]) - conn.execute("INSERT INTO oauth (appId, creator, secret) VALUES (?, ?, ?)", - (str(appId),int(user["id"]),str(secret))) + conn.execute("INSERT INTO oauth (appId, creator, secret, rdiruri) VALUES (?, ?, ?, ?)", + (str(appId),int(user["id"]),str(secret),str(rdiruri))) conn.commit() conn.close() secretkey = {
diff --git a/schema.sql b/schema.sql
index 4ac8094..29e4f30 100644
--- a/schema.sql
+++ b/schema.sql
@@ -40,5 +40,6 @@ CREATE TABLE logins ( CREATE TABLE oauth ( appId TEXT NOT NULL, secret TEXT NOT NULL, - creator INTEGER NOT NULL + creator INTEGER NOT NULL, + rdiruri TEXT NOT NULL )
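Review bot: `fetchone()[0]` on the new rdircheck line raises TypeError (a 500, not the intended 401) when no oauth row matches appId; the preceding appidcheck comparison suggests the row was already found, but where appidcheck comes from is outside the hunk, so the new lookup should fail closed on its own: `row = conn.execute("SELECT rdiruri FROM oauth WHERE appId = ?", (str(appId),)).fetchone()` / `if row is None or row[0] != str(redirect_uri):` / `    return {}, 401`. The exact string comparison is the right policy — RFC 6749 §3.1.2.3 requires simple string comparison of redirect URIs, and prefix or substring matching is a well-known source of token-leak bugs — so it is worth pinning with a comment such as `# exact match only; never relax to prefix/substring matching`. It is also worth confirming that this check runs before any response that redirects to redirect_uri, since a mismatch must be answered directly rather than redirected; the `str()` around rdircheck is redundant because it is already a str. apiauthenticate's body starts and continues outside the hunk.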
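Review bot: `rdiruri = data["rdiruri"]` stores the registrant-supplied redirect URI without any validation, so the exact-match check in apiauthenticate can only ever be as strict as whatever string was registered here. Before the INSERT, parse it with the stdlib `urllib.parse.urlparse` and reject anything that is not an absolute URL or that carries a fragment (RFC 6749 §3.1.2 forbids fragments in the redirection endpoint): `parsed = urllib.parse.urlparse(str(data["rdiruri"]))` / `if not parsed.scheme or not parsed.netloc or parsed.fragment:` / `    return {}, 400`, tightening the scheme to https if the service does not need loopback clients. A missing key currently raises KeyError, which matches how appId and secretKey are read on the surrounding lines, but a 400 would be clearer than the resulting 500. apicreateauth's body continues outside the hunk.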
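Review bot: Existing databases will not get the new `rdiruri` column, because a CREATE TABLE statement only runs for databases created from scratch; any deployment initialised from the previous schema keeps an oauth table without it, and the new `SELECT rdiruri FROM oauth` in main will then fail with a no-such-column error on every authentication attempt. If such databases exist, ship a migration with this change, e.g. `ALTER TABLE oauth ADD COLUMN rdiruri TEXT NOT NULL DEFAULT ''` if the backend is SQLite (which the `?` placeholders in main suggest, but is not shown here), and note that rows left with the empty default will fail the exact-match check — fail-closed, but previously registered apps must re-register their redirect URI. The closing `)` of the statement is the last line shown, so the rest of the file is outside the hunk.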