Compare commits
6 commits
Author | SHA1 | Date | |
---|---|---|---|
0638ed6601 | |||
79a00f0866 | |||
e6bf86caa9 | |||
04fb803330 | |||
850d0af0bb | |||
9e02980415 |
4 changed files with 105 additions and 50 deletions
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"ContractCheckSum": "none",
|
||||
"ContractCheckSum": "5e4375b9e8214ed4183659114735a94ac26033d7",
|
||||
"AuthServerPort": 9096,
|
||||
"WalletFile": "none",
|
||||
"EndpointUrl": "url",
|
||||
"WalletFile": "../../frostfs-aio/morph/node-wallet.json",
|
||||
"EndpointUrl": "http://localhost:30333",
|
||||
"AccountSecret": "one"
|
||||
}
|
|
@ -3,10 +3,6 @@ package main
|
|||
import (
|
||||
"auth-server/logic"
|
||||
"context"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
|
||||
"github.com/go-oauth2/oauth2/v4/errors"
|
||||
"github.com/go-oauth2/oauth2/v4/manage"
|
||||
"github.com/go-oauth2/oauth2/v4/server"
|
||||
|
@ -16,10 +12,12 @@ import (
|
|||
"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
|
||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||
"github.com/nspcc-dev/neo-go/pkg/wallet"
|
||||
|
||||
"log"
|
||||
"log/slog"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
@ -98,12 +96,12 @@ func main() {
|
|||
r.Form.Add("grant_type", r.URL.Query().Get("grant_type"))
|
||||
r.Form.Add("scope", r.URL.Query().Get("scope"))
|
||||
|
||||
srv.HandleTokenRequest(w, r) // verifying secret
|
||||
srv.HandleTokenRequest(w, r) // grants access token
|
||||
})
|
||||
|
||||
http.HandleFunc("/register", func(writer http.ResponseWriter, request *http.Request) {
|
||||
id := request.Header.Get("client_id")
|
||||
secret := request.Header.Get("client_secret")
|
||||
id := request.URL.Query().Get("client_id")
|
||||
secret := request.URL.Query().Get("client_secret")
|
||||
|
||||
// check whether client exists
|
||||
_, err := blockchainStorage.GetByID(context.Background(), id)
|
||||
|
@ -115,16 +113,6 @@ func main() {
|
|||
return
|
||||
}
|
||||
|
||||
/* redundant
|
||||
// add client's credentials to in memory storage
|
||||
err = logic.AddInMemoryClient(id, "", "", false)
|
||||
if err != nil {
|
||||
slog.Error("Fault during setting client credentials", err)
|
||||
writer.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
*/
|
||||
|
||||
// add client's credentials to blockchain
|
||||
err = blockchainStorage.Set(&logic.StorageClientInfo{
|
||||
Id: id,
|
||||
|
@ -137,14 +125,10 @@ func main() {
|
|||
return
|
||||
}
|
||||
|
||||
writer.WriteHeader(http.StatusOK)
|
||||
redirectURL := "/login.html"
|
||||
http.Redirect(writer, request, redirectURL, http.StatusSeeOther)
|
||||
})
|
||||
|
||||
// for tests, can access only with valid token (when logged in)
|
||||
http.HandleFunc("/protected", logic.ValidateToken(func(w http.ResponseWriter, r *http.Request) {
|
||||
w.Write([]byte("Hello, I'm protected"))
|
||||
}, srv))
|
||||
|
||||
// can access only with valid token (when logged in), deletes client
|
||||
http.HandleFunc("/delete", logic.ValidateToken(func(w http.ResponseWriter, r *http.Request) {
|
||||
id := r.Header.Get("client_id")
|
||||
|
@ -167,10 +151,6 @@ func main() {
|
|||
w.Write([]byte(errorMessage))
|
||||
}
|
||||
|
||||
/* redundant
|
||||
logic.DeleteInMemoryClient(id)
|
||||
*/
|
||||
|
||||
}, srv))
|
||||
|
||||
// can access only with valid token (when logged in), deletes client and creates new one with another secret
|
||||
|
@ -196,21 +176,6 @@ func main() {
|
|||
w.Write([]byte(errorMessage))
|
||||
}
|
||||
|
||||
/* redundant
|
||||
logic.DeleteInMemoryClient(id)
|
||||
*/
|
||||
|
||||
/*
|
||||
// add client with new credentials to in memory storage
|
||||
err = logic.AddInMemoryClient(id, "", "", false)
|
||||
if err != nil {
|
||||
slog.Error(errorMessage+" (caused by in memory storage) for client with id: "+id, err)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
w.Write([]byte(errorMessage))
|
||||
return
|
||||
}
|
||||
*/
|
||||
|
||||
// add client with new credentials to blockchain
|
||||
err = blockchainStorage.Set(&logic.StorageClientInfo{
|
||||
Id: id,
|
||||
|
@ -233,6 +198,11 @@ func main() {
|
|||
outputHTML(w, r, "static/register.html")
|
||||
})
|
||||
|
||||
// can access only with valid token (when logged in)
|
||||
http.HandleFunc("/verify", logic.ValidateToken(func(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}, srv))
|
||||
|
||||
log.Fatal(http.ListenAndServe(":"+strconv.Itoa(config.AuthServerPort), nil))
|
||||
}
|
||||
|
||||
|
|
|
@ -12,9 +12,11 @@
|
|||
background-color: black;
|
||||
color: white;
|
||||
}
|
||||
|
||||
label {
|
||||
font-size: 20px;
|
||||
}
|
||||
|
||||
input {
|
||||
background-color: #282828;
|
||||
border: none;
|
||||
|
@ -24,6 +26,7 @@
|
|||
margin-bottom: 20px;
|
||||
padding: 10px;
|
||||
}
|
||||
|
||||
button {
|
||||
background-color: #4CAF50;
|
||||
border: none;
|
||||
|
@ -32,6 +35,7 @@
|
|||
padding: 10px 20px;
|
||||
margin-top: 20px;
|
||||
}
|
||||
|
||||
button:hover {
|
||||
background-color: #3e8e41;
|
||||
}
|
||||
|
@ -60,15 +64,21 @@
|
|||
const userLogin = document.querySelector('input[name="user_login"]').value;
|
||||
const clientSecret = document.querySelector('input[name="client_secret"]').value;
|
||||
const backRedirectionAddress = new URLSearchParams(window.location.search).get('back_redirection_address');
|
||||
fetch(`http://auth-server/login?user_login=${userLogin}&client_secret=${clientSecret}`)
|
||||
fetch(`http://localhost:9096/login?client_id=${userLogin}&client_secret=${clientSecret}&scope=all&grant_type=client_credentials`)
|
||||
.then(response => response.json())
|
||||
.then(data => {
|
||||
const accessToken = data.access_token;
|
||||
window.location.href = `${backRedirectionAddress}?access_token=${accessToken}&user_login=${userLogin}`;
|
||||
|
||||
window.location.href = `https://${backRedirectionAddress}?access_token=${accessToken}&user_login=${userLogin}`;
|
||||
})
|
||||
.catch(error => console.error(error));
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
|
||||
</html>
|
||||
</html>
|
||||
|
||||
<style>
|
||||
.btn-primary {
|
||||
margin-top: 10px;
|
||||
}
|
||||
</style>
|
75
index.html
Normal file
75
index.html
Normal file
|
@ -0,0 +1,75 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Hacker Token Verifier</title>
|
||||
<script src="script.js"></script>
|
||||
<style> body {
|
||||
background-color: #000;
|
||||
color: #0f0;
|
||||
font-family: 'Courier New', monospace;
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
height: 100vh;
|
||||
margin: 0;
|
||||
}
|
||||
|
||||
.container {
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
button, input {
|
||||
background-color: #000;
|
||||
color: #0f0;
|
||||
border: 2px solid #0f0;
|
||||
padding: 5px 10px;
|
||||
font-size: 16px;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
input[type="text"] {
|
||||
margin-top: 10px;
|
||||
width: 300px;
|
||||
}
|
||||
|
||||
.message {
|
||||
margin-top: 10px;
|
||||
} </style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<div class="container">
|
||||
<button id="login">Login via oauth</button>
|
||||
<div class="message"></div>
|
||||
<input type="text" id="input-token" placeholder="Enter token">
|
||||
<button id="verify-token">Verify Token</button>
|
||||
</div>
|
||||
</body>
|
||||
|
||||
<script>
|
||||
const generateTokenButton = document.getElementById('login');
|
||||
const inputToken = document.getElementById('input-token');
|
||||
const verifyTokenButton = document.getElementById('verify-token');
|
||||
const message = document.querySelector('.message');
|
||||
|
||||
generateTokenButton.addEventListener('click', () => {
|
||||
// ALARM ТУТ ЗАХАРДКОЖЕНОООООО
|
||||
const token = '12345';
|
||||
navigator.clipboard.writeText(token);
|
||||
message.textContent = 'Token copied to clipboard: ' + token;
|
||||
});
|
||||
|
||||
verifyTokenButton.addEventListener('click', () => {
|
||||
const token = inputToken.value;
|
||||
|
||||
// ALARM ТУТ ЗАХАРДКОЖЕНОООООО
|
||||
const correctToken = '12345';
|
||||
if (token === correctToken) {
|
||||
message.textContent = 'Token is correct';
|
||||
} else {
|
||||
message.textContent = 'Token is incorrect';
|
||||
}
|
||||
});
|
||||
</script>
|
Loading…
Reference in a new issue