OpenID Proper token

This commit is contained in:
Tracker-Friendly 2024-03-30 19:19:57 +00:00
parent 23db9ed0fd
commit f5b1038289
1 changed files with 32 additions and 4 deletions


@ -1,4 +1,5 @@
#!/usr/bin/python3 #!/usr/bin/python3
import jwt
import os import os
import sqlite3 import sqlite3
import time import time
@ -78,12 +79,26 @@ async def oauth2_token_refresh(openid, appId):
conn = get_db_connection() conn = get_db_connection()
# Fetch required data in a single query # Fetch required data in a single query
login_data = conn.execute("SELECT nextcode, nextsecret FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone() login_data = conn.execute("SELECT nextcode, nextsecret, nextopenid FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone()
datatemplate = {
"sub": user["username"],
"iss": "https://auth.hectabit.org",
"name": user["username"],
"aud": appId,
"exp": time.time() + 3600,
"iat": time.time(),
"auth_time": time.time(),
"nonce": str(secrets.token_hex(512))
}
jwt_token = jwt.encode(datatemplate, SECRET_KEY, algorithm='HS256')
if login_data: if login_data:
nextcode = login_data[0] nextcode = login_data[0]
nextsecret = login_data[1] nextsecret = login_data[1]
conn.execute("UPDATE logins SET code = ?, nextcode = ?, secret = ?, nextsecret = ? WHERE appId = ? AND openid = ?", (nextcode, str(secrets.token_hex(512)), nextsecret, str(secrets.token_hex(512)), str(appId), str(openid))) nextopenid = login_data[2]
conn.execute("UPDATE logins SET code = ?, nextcode = ?, secret = ?, nextsecret = ?, openid = ?, nextopenid = ? WHERE appId = ? AND openid = ?", (nextcode, str(secrets.token_hex(512)), nextsecret, str(secrets.token_hex(512)), nextopenid, str(jwt_token), str(appId), str(openid)))
conn.commit() conn.commit()
conn.close() conn.close()
await asyncio.sleep(3600) await asyncio.sleep(3600)
@ -238,8 +253,21 @@ async def apiauthenticate():
if not str(appidcheck) == str(appId): if not str(appidcheck) == str(appId):
return {}, 401 return {}, 401
conn.execute("INSERT INTO logins (appId, secret, nextsecret, code, nextcode, creator, openid) VALUES (?, ?, ?, ?, ?, ?, ?)", datatemplate = {
(str(appId), str(secretkey), str(secrets.token_hex(512)), str(secrets.token_hex(512)), str(secrets.token_hex(512)), int(user["id"]), str(secrets.token_hex(512)))) "sub": user["username"],
"iss": "https://auth.hectabit.org",
"name": user["username"],
"aud": appId,
"exp": time.time() + 3600,
"iat": time.time(),
"auth_time": time.time(),
"nonce": str(secrets.token_hex(512))
}
jwt_token = jwt.encode(datatemplate, SECRET_KEY, algorithm='HS256')
conn.execute("INSERT INTO logins (appId, secret, nextsecret, code, nextcode, creator, openid) VALUES (?, ?, ?, ?, ?, ?, ?)",
(str(appId), str(secretkey), str(secrets.token_hex(512)), str(secrets.token_hex(512)), str(secrets.token_hex(512)), int(user["id"]), str(jwt_token)))
conn.commit() conn.commit()
conn.close() conn.close()
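Review bot: In the oauth2_token_refresh hunk the new datatemplate reads `user["username"]`, but `user` is neither a parameter of `oauth2_token_refresh(openid, appId)` nor assigned anywhere in the hunk, so unless it is bound in the lines between the signature and this hunk the refresh path raises NameError on its first pass; the account should be resolved from the row itself (e.g. via `logins.creator`) before the claims are built. The same hunk now rotates the `openid` column to `nextopenid` while the SELECT and UPDATE still key on the original `openid` argument, so if this body runs on a loop (the trailing `asyncio.sleep(3600)` suggests it) the next iteration finds no row; something like `openid = nextopenid` after the commit would keep the key in step. Both hunks fill `nonce` with a fresh `secrets.token_hex(512)`: in OIDC the nonce must echo the value the client sent in the authorization request or it gives the relying party no replay protection, and the refresh path should carry the original `auth_time` forward rather than stamping `time.time()` again. Signing ID tokens for arbitrary `aud` values with the single HS256 `SECRET_KEY` also means any relying party that can verify a token can mint tokens for every other app; an asymmetric key (RS256/ES256) published via JWKS, or at least a per-client signing secret, would close that. Both oauth2_token_refresh and apiauthenticate start before their hunks and continue past them.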