From 9cc70382730f7ef3e1f19427704250bc51da7a08 Mon Sep 17 00:00:00 2001
From: CatAClock <CatAClock@proton.me>
Date: Mon, 28 Apr 2025 15:22:29 -0700
Subject: [PATCH] Mastodon Bug Fixes

---
 HTML/mail.html    |  8 ++++++--
 JS/BlueskyAPI.js  | 11 +++--------
 JS/MastodonAPI.js | 22 +++++++++++-----------
 JS/mail.js        | 33 ++++++++++++++++++++-------------
 4 files changed, 40 insertions(+), 34 deletions(-)

diff --git a/HTML/mail.html b/HTML/mail.html
index 1e3f68c..7f38b5f 100644
--- a/HTML/mail.html
+++ b/HTML/mail.html
@@ -17,8 +17,12 @@
 		<section style="position: absolute; width: 100%; height: 100%" class="Notifications"></section>
 		<header style="position: relative; z-index: 1;">
 			<h1>Mail</h1>
-			<p class="Login"><em>Login</em></p>
-			<p class="Logout" style="visibility: hidden;"><em>Logout</em></p>
+			<p class="Login Mastodon"><em>Login</em></p>
+			<input type="text" minlength="6" class="WebInput Mastodon" required />
+			<p class="Logout Mastodon" style="visibility: hidden;"><em>Logout</em></p>
+			<p class="Login Bluesky"><em>Login</em></p>
+			<input type="text" minlength="6" class="WebInput Bluesky" required />
+			<p class="Logout Bluesky" style="visibility: hidden;"><em>Logout</em></p>
 			<p onclick="history.back()"><b>Back</b></p>
 		</header>
 	</body>
diff --git a/JS/BlueskyAPI.js b/JS/BlueskyAPI.js
index be0afb5..20c6464 100644
--- a/JS/BlueskyAPI.js
+++ b/JS/BlueskyAPI.js
@@ -36,14 +36,9 @@ export async function CreatePKCECodeChallenge(CodeVerifier) {
 }
 
 // Component 3/4
-export async function CreatePAR() {
-	let WellKnown = await GetPDSWellKnown();
-	// Some verification mechanism with PAR
-	let PAREndpoint = WellKnown.pushed_authorization_request_endpoint;
-	
-	
-	// Token goes into the authorization endpoint
-	let AuthEndpoint = WellKnown.authorization_endpoint;
+export async function PARrequest(PAREndpoint, State, ChallengeCode) {
+	return await fetch(PAREndpoint, {method: "POST", body: new URLSearchParams({ response_type: "code", code_challenge_method: "S256", scope: "atproto transition:generic", client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/mail.html", code_challenge: ChallengeCode, state: State, login_hint: "crowdedgames.group" }), "Content-Type": "application/x-www-form-urlencoded"})
+	.then((response) => response.json());
 }
 
 // Component 4/4
diff --git a/JS/MastodonAPI.js b/JS/MastodonAPI.js
index c5b56ca..405b6b3 100644
--- a/JS/MastodonAPI.js
+++ b/JS/MastodonAPI.js
@@ -1,4 +1,5 @@
 export const Scopes = "read write follow push";
+let Origin = location.href;
 
 // Gets the public timeline.
 export async function GetPublicTimeline(Local = false, Remote = false, Website) {
@@ -66,22 +67,21 @@ export async function GetNotifications(Website, MastodonAccessToken, MastodonTok
 // The first step to using the app.
 export async function HandleAuthentication(Website, CookieClientID, CookieClientSecret) {
 	// See if the user is smart enough to put https.
-	let InstanceData;
-	if (!Website.toLowerCase().split("://")[0].includes("https")) {
-		// Quickly check to see if it has something before :// so it doesn't screw the link.
-		if (Website.toLowerCase().split("://").length > 1) {
-			Website = "https://" + Website.split("://")[1];
-		} else {
-			Website = "https://" + Website;
-		}
-		InstanceData = await fetch(Website + "/api/v1/apps?client_name=Channel Viewer&redirect_uris=" + Origin + "&scopes=" + ActivityPub.Scopes, {method: "POST"})
-		.then((response) => response.json());
+	let InstanceData = "";
+	// Quickly check to see if it has something before :// so it doesn't screw the link.
+	if (Website.toLowerCase().split("://").length > 1) {
+		Website = "https://" + Website.split("://")[1];
+	} else {
+		Website = "https://" + Website;
 	}
+	console.log(Website);
+	InstanceData = await fetch(Website + "/api/v1/apps?client_name=Channel Viewer&redirect_uris=" + Origin + "&scopes=" + Scopes, {method: "POST"})
+	.then((response) => response.json());
 	// Save the client stuff as cookies.
 	document.cookie = CookieClientID + "=" + InstanceData.client_id + ";samesite=strict;path=/;expires=9999-01-01;";
 	document.cookie = CookieClientSecret +  "=" + InstanceData.client_secret + ";samesite=strict;path=/;expires=9999-01-01;";
 	// Now authenticate the app.
-	document.location.href = Website + "/oauth/authorize?client_id=" + InstanceData.client_id + "&redirect_uri=" + Origin + "&response_type=code&scope=" + ActivityPub.Scopes;
+	document.location.href = Website + "/oauth/authorize?client_id=" + InstanceData.client_id + "&redirect_uri=" + Origin + "&response_type=code&scope=" + Scopes;
 }
 
 // This specific functino goes after HandleAuthentication for when login happens.
diff --git a/JS/mail.js b/JS/mail.js
index e316836..55e965f 100644
--- a/JS/mail.js
+++ b/JS/mail.js
@@ -2,9 +2,12 @@ import * as MastodonAPI from "./MastodonAPI.js";
 import * as BlueskyAPI from "./BlueskyAPI.js";
 import * as TumblrAPI from "./TumblrAPI.js";
 
-let LoginButton = document.getElementsByClassName("Login")[0];
-let LogoutButton = document.getElementsByClassName("Logout")[0];
-let Origin = window.location.origin + "/HTML/mail"
+let MastodonLoginButton = document.getElementsByClassName("Login Mastodon")[0];
+let MastodonWebInput = document.getElementsByClassName("WebInput Mastodon")[0];
+let MastodonLogoutButton = document.getElementsByClassName("Logout Mastodon")[0];
+let BlueskyLoginButton = document.getElementsByClassName("Login Bluesky")[0];
+let BlueskyWebInput = document.getElementsByClassName("WebInput Bluesky")[0];
+let BlueskyLogoutButton = document.getElementsByClassName("Logout Bluesky")[0];
 
 // Mastodon
 let MastodonWebsite = "https://wetdry.world";
@@ -20,11 +23,13 @@ let BlueskyPDS = "https://bsky.social";
 // Tumblr
 let TumblrWebsite = "https://www.tumblr.com";
 
-LoginButton.onclick = (event) => {
-	MastodonAPI.HandleAuthentication(MastodonWebsite, MastodonClientID, MastodonClientSecret);
+MastodonLoginButton.onclick = (event) => {
+	if (MastodonWebInput != "") {
+		MastodonAPI.HandleAuthentication(MastodonWebsite, MastodonClientID, MastodonClientSecret);
+	}
 }
 
-LogoutButton.onclick = (event) => {
+MastodonLogoutButton.onclick = (event) => {
 	document.cookie = MastodonAccessToken + "=nothing;" + ";samesite=strict;path=/;expires=0000-01-01;";
 	document.cookie = MastodonTokenType + "=nothing;" + ";samesite=strict;path=/;expires=0000-01-01;";
 	console.log("Cleared the access token.");
@@ -98,21 +103,23 @@ BlueskyAPI.ClientDPoP();
 BlueskyAPI.AssertionJWT("Nothing");
 
 async function BlueskyTestingAuthorization() {
+	// Declare Variables
 	let WellKnown = await BlueskyAPI.GetPDSWellKnown();
 	let PAREndpoint = WellKnown.pushed_authorization_request_endpoint;
 	
-	let TestingState = generateToken(64);
+	let State = generateToken(64);
 	
-	let TestingVerifier = await BlueskyAPI.CreatePKCECodeVerifier()
-	let TestingChallenge = await BlueskyAPI.CreatePKCECodeChallenge(TestingVerifier);
+	let PKCEverifier = await BlueskyAPI.CreatePKCECodeVerifier();
+	let PKCEchallenge = await BlueskyAPI.CreatePKCECodeChallenge(TestingVerifier);
+	
+	let PAR = BlueskyAPI.PARrequest(WellKnown.pushed_authorization_request_endpoint, State, PKCEchallenge);
+	console.log(PAR);
 	
-	let TestingRequest = fetch(PAREndpoint, {method: "POST", body: new URLSearchParams({ response_type: "code", code_challenge_method: "S256", scope: "atproto", client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/mail.html", code_challenge: TestingChallenge, state: TestingState, login_hint: "crowdedgames.group" }), "Content-Type": "application/x-www-form-urlencoded"});
-	console.log(TestingRequest);
 }
 
-BlueskyTestingAuthorization();
+// BlueskyTestingAuthorization();
 
-// Stolen from Brave
+// Stolen from Search
 // TODO: implement my own function.
 function generateToken(length) {
     var chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';