Ailur-Archives
/
hectabit-oauth2
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OpenID Proper token

This commit is contained in:
Tracker-Friendly 2024-03-30 19:19:57 +00:00
parent 23db9ed0fd
commit f5b1038289
1 changed files with 32 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
main
View File

@ -1,4 +1,5 @@
#!/usr/bin/python3 #!/usr/bin/python3
import jwt
import os import os
import sqlite3 import sqlite3
import time import time
@ -78,12 +79,26 @@ async def oauth2_token_refresh(openid, appId):
conn = get_db_connection() conn = get_db_connection()
# Fetch required data in a single query # Fetch required data in a single query
login_data = conn.execute("SELECT nextcode, nextsecret FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone() login_data = conn.execute("SELECT nextcode, nextsecret, nextopenid FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone()
datatemplate = {
"sub": user["username"],
"iss": "https://auth.hectabit.org",
"name": user["username"],
"aud": appId,
"exp": time.time() + 3600,
"iat": time.time(),
"auth_time": time.time(),
"nonce": str(secrets.token_hex(512))
}
jwt_token = jwt.encode(datatemplate, SECRET_KEY, algorithm='HS256')
if login_data: if login_data:
nextcode = login_data[0] nextcode = login_data[0]
nextsecret = login_data[1] nextsecret = login_data[1]
conn.execute("UPDATE logins SET code = ?, nextcode = ?, secret = ?, nextsecret = ? WHERE appId = ? AND openid = ?", (nextcode, str(secrets.token_hex(512)), nextsecret, str(secrets.token_hex(512)), str(appId), str(openid))) nextopenid = login_data[2]
conn.execute("UPDATE logins SET code = ?, nextcode = ?, secret = ?, nextsecret = ?, openid = ?, nextopenid = ? WHERE appId = ? AND openid = ?", (nextcode, str(secrets.token_hex(512)), nextsecret, str(secrets.token_hex(512)), nextopenid, str(jwt_token), str(appId), str(openid)))
conn.commit() conn.commit()
conn.close() conn.close()
await asyncio.sleep(3600) await asyncio.sleep(3600)
@ -238,8 +253,21 @@ async def apiauthenticate():
if not str(appidcheck) == str(appId): if not str(appidcheck) == str(appId):
return {}, 401 return {}, 401
datatemplate = {
"sub": user["username"],
"iss": "https://auth.hectabit.org",
"name": user["username"],
"aud": appId,
"exp": time.time() + 3600,
"iat": time.time(),
"auth_time": time.time(),
"nonce": str(secrets.token_hex(512))
}
jwt_token = jwt.encode(datatemplate, SECRET_KEY, algorithm='HS256')
conn.execute("INSERT INTO logins (appId, secret, nextsecret, code, nextcode, creator, openid) VALUES (?, ?, ?, ?, ?, ?, ?)", conn.execute("INSERT INTO logins (appId, secret, nextsecret, code, nextcode, creator, openid) VALUES (?, ?, ?, ?, ?, ?, ?)",
(str(appId), str(secretkey), str(secrets.token_hex(512)), str(secrets.token_hex(512)), str(secrets.token_hex(512)), int(user["id"]), str(secrets.token_hex(512)))) (str(appId), str(secretkey), str(secrets.token_hex(512)), str(secrets.token_hex(512)), str(secrets.token_hex(512)), int(user["id"]), str(jwt_token)))
conn.commit() conn.commit()
conn.close() conn.close()