401 error now

CatAClock 2025-04-29 14:14:10 -07:00
parent 96432b006a
commit 7262b2ec32
2 changed files with 22 additions and 9 deletions


@ -36,26 +36,31 @@ export async function CreatePKCECodeChallenge(CodeVerifier) {
// Component 3/4 // Component 3/4
export async function PARrequest(PAREndpoint, State, ChallengeCode) { export async function PARrequest(PAREndpoint, State, ChallengeCode) {
return fetch(PAREndpoint, {method: "POST", body: new URLSearchParams({ response_type: "code", code_challenge_method: "S256", scope: "atproto transition:generic", client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_challenge: ChallengeCode, state: State, login_hint: "crowdedgames.group" }), "Content-Type": "application/x-www-form-urlencoded"}); return fetch(PAREndpoint, {method: "POST", body: new URLSearchParams({ response_type: "code", code_challenge_method: "S256", scope: "atproto transition:generic", client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_challenge: ChallengeCode, state: State, login_hint: "crowdedgames.group" }), headers: {"Content-Type": "application/x-www-form-urlencoded"}});
}
export async function AuthRequest(TokenEndpoint, ChallengeVerifier, code, DPoP) {
return fetch(TokenEndpoint, {method: "POST", body: new URLSearchParams({ grant_type: "authorization_code", code: code, client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_verifier: ChallengeVerifier}), headers: { "DPoP": DPoP, "Content-Type": "application/x-www-form-urlencoded"}});
} }
// Component 4/4 // Component 4/4
export async function ClientDPoP(POSTorGET, RequestURL, DPoPNonce, publicKey) { export async function ClientDPoP(POSTorGET, RequestURL, DPoPNonce) {
let KeyPair = await crypto.subtle.generateKey({name: "ECDSA", namedCurve: "P-256"}, true, ["sign", "verify"]); let KeyPair = await crypto.subtle.generateKey({name: "ECDSA", namedCurve: "P-256"}, true, ["sign", "verify"]);
// Header // Header
var Header = {alg: "HS256", typ: "dpop+jwt", jwk: await crypto.subtle.exportKey("jwk", KeyPair.publicKey).then(function(response) {return response})}; var Header = {alg: "ES256", typ: "dpop+jwt", jwk: await crypto.subtle.exportKey("jwk", KeyPair.publicKey).then(function(response) {return response})};
// Payload // Payload
var Payload = {}; var Payload = {};
Payload.jti = GenerateToken(64); Payload.jti = GenerateToken(64);
Payload.htm = POSTorGET; Payload.htm = POSTorGET;
Payload.htu = RequestURL; Payload.htu = RequestURL;
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000); Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
Payload.nonce = DPoPNonce; Payload.nonce = DPoPNonce;
var sHeader = JSON.stringify(Header); var sHeader = JSON.stringify(Header);
var sPayload = JSON.stringify(Payload); var sPayload = JSON.stringify(Payload);
var JWT = KJUR.jws.JWS.sign("HS256", sHeader, sPayload, "616161"); var JWT = KJUR.jws.JWS.sign("ES256", sHeader, sPayload, await crypto.subtle.exportKey("jwk", KeyPair.privateKey).then(function(response) {return response}));
console.log(JWT); console.log(JWT);
return JWT; return JWT;
} }
@ -109,8 +114,15 @@ export async function HandleAuthorization(BlueskyPKCEverifer, BlueskyPKCEchallen
document.location.href = "https://bsky.social/oauth/authorize?client_id=https://fedi.crowdedgames.group/oauth/client-metadata.json&request_uri=" + body.request_uri; document.location.href = "https://bsky.social/oauth/authorize?client_id=https://fedi.crowdedgames.group/oauth/client-metadata.json&request_uri=" + body.request_uri;
} }
export async function GainTokens() { export async function GainTokens(PKCEcodeName, NonceName) {
if ((document.location.href.split("state=").length > 1 && document.location.href.split("iss=").length > 1 && document.location.href.split("code=").length > 1) && document.cookie.split("; ").find((row) => row.startsWith(PKCEcodeName + "="))?.split("=").length > 1) {
let DPoP = ClientDPoP("POST", "https://bsky.social/oauth/token", document.cookie.split("; ").find((row) => row.startsWith(NonceName + "="))?.split("=")[1]);
let PKCE = document.cookie.split("; ").find((row) => row.startsWith(PKCEcodeName + "="))?.split("=")[1];
let code = document.location.href.split("code=")[1];
console.log(code);
let Auth = AuthRequest("https://bsky.social/oauth/token", PKCE, code, DPoP);
console.log(AuthRequest);
}
} }
// Stolen from elsewhere. // Stolen from elsewhere.
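Review bot: In `GainTokens`, `ClientDPoP(...)` and `AuthRequest(...)` are `async` but are called without `await`, so the `DPoP` header carries a stringified Promise instead of a proof JWT (which would fit the 401 in the commit title) and `console.log(AuthRequest)` prints the function rather than the response; use `let DPoP = await ClientDPoP(...)` and `let Auth = await AuthRequest(...)`. The guard only tests that `state` and `iss` appear in the URL: before the code is redeemed, `state` should be compared with the value sent in `PARrequest` and `iss` with the expected issuer, and where that state is kept is not visible in this hunk. `document.location.href.split("code=")[1]` keeps anything that follows the code in the URL, so `new URL(document.location.href).searchParams.get("code")` is the safer read. `ClientDPoP` creates a new extractable key pair on every call and exports the private key as a JWK for `KJUR`; a DPoP-bound token is only usable with the key that signed the token request, so the pair should be generated once, kept for later requests, and ideally signed with `crypto.subtle.sign` so the private key can stay non-extractable.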


@ -79,12 +79,13 @@ BlueskyLogoutButton.onclick = (event) => {
document.cookie = BlueskyPKCEverifer + "=nothing;" + ";samesite=strict;path=/;expires=Thu, 01 Jan 1970 00:00:00 GMT;"; document.cookie = BlueskyPKCEverifer + "=nothing;" + ";samesite=strict;path=/;expires=Thu, 01 Jan 1970 00:00:00 GMT;";
document.cookie = BlueskyPKCEchallenge + "=nothing;" + ";samesite=strict;path=/;expires=Thu, 01 Jan 1970 00:00:00 GMT;"; document.cookie = BlueskyPKCEchallenge + "=nothing;" + ";samesite=strict;path=/;expires=Thu, 01 Jan 1970 00:00:00 GMT;";
document.cookie = BlueskyNonce + "=nothing;" + ";samesite=strict;path=/;expires=Thu, 01 Jan 1970 00:00:00 GMT;"; document.cookie = BlueskyNonce + "=nothing;" + ";samesite=strict;path=/;expires=Thu, 01 Jan 1970 00:00:00 GMT;";
document.location.href = document.location.href;
} }
// if an access token is found, login. // if an access token is found, login.
function CheckLogin() { function CheckLogin() {
// Check for a mastodon token. // Check for a mastodon token.
if (document.cookie.split("; ").find((row) => row.startsWith(MastodonAccessToken + "="))?.split("=").length > 1 || document.location.href.split("code=").length == 1) { if (document.cookie.split("; ").find((row) => row.startsWith(MastodonAccessToken + "="))?.split("=").length > 1 && document.location.href.split("code=").length == 1) {
// Swap the buttons // Swap the buttons
MastodonLoginButton.remove(); MastodonLoginButton.remove();
MastodonWebInput.remove(); MastodonWebInput.remove();
@ -93,14 +94,14 @@ function CheckLogin() {
// Auto log in // Auto log in
MastodonAPI.GainToken(MastodonWebsite, MastodonClientID, MastodonClientSecret, MastodonAccessToken, MastodonTokenType); MastodonAPI.GainToken(MastodonWebsite, MastodonClientID, MastodonClientSecret, MastodonAccessToken, MastodonTokenType);
} }
if ((document.location.href.split("state=").length == 1 && document.location.href.split("iss==").length == 1 && document.location.href.split("code=").length == 1) || || document.cookie.split("; ").find((row) => row.startsWith(BlueskyAccessToken + "="))?.split("=").length > 1) { if ((document.location.href.split("state=").length == 1 && document.location.href.split("iss=").length == 1 && document.location.href.split("code=").length == 1) && document.cookie.split("; ").find((row) => row.startsWith(BlueskyAccessToken + "="))?.split("=").length > 1) {
// Swap the buttons // Swap the buttons
BlueskyLoginButton.remove(); BlueskyLoginButton.remove();
BlueskyWebInput.remove(); BlueskyWebInput.remove();
BlueskyLogoutButton.setAttribute("style", ""); BlueskyLogoutButton.setAttribute("style", "");
} else { } else {
// Auto log in // Auto log in
BlueskyAPI.GainTokens(); BlueskyAPI.GainTokens(BlueskyPKCEchallenge, BlueskyNonce);
} }
// Check for a bluesky token. // Check for a bluesky token.
} }
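Review bot: `BlueskyAPI.GainTokens(BlueskyPKCEchallenge, BlueskyNonce)` passes the challenge cookie's name, and `GainTokens` sends that cookie's value to the token endpoint as `code_verifier`; with `code_challenge_method: "S256"` the server hashes the verifier and compares the result with the challenge, so sending the challenge itself cannot match. Assuming the cookie named by `BlueskyPKCEverifer` holds the original verifier, the call should be `BlueskyAPI.GainTokens(BlueskyPKCEverifer, BlueskyNonce);`. The call is also not awaited and has no rejection handler, so a failed token exchange passes silently in `CheckLogin`. A few lines of `CheckLogin` between the two hunks are not shown.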