288 lines
13 KiB
JavaScript
288 lines
13 KiB
JavaScript
import * as Variables from "./Variables.js";
|
|
|
|
export async function CreatePost(DID, Text) {
|
|
let PDS = localStorage.getItem(Variables.BlueskyPDS);
|
|
let Json = {
|
|
"$type": "app.bsky.feed.post",
|
|
"text": Text,
|
|
"createdAt": new Date(Date.now()).toISOString()
|
|
}
|
|
let RequestBody = {
|
|
"repo": DID,
|
|
"collection": "app.bsky.feed.post",
|
|
"record": Json
|
|
}
|
|
let DPoP = await ClientDPoPPDS("POST", PDS + "/xrpc/com.atproto.repo.createRecord");
|
|
let request = fetch(PDS + "/xrpc/com.atproto.repo.createRecord", { body: JSON.stringify(RequestBody), method: "POST", headers: {"Content-Type": "application/json", "Authorization": "DPoP " + localStorage.getItem(Variables.BlueskyAccessToken), "DPoP": DPoP}});
|
|
let body = await request.then((response) => response.json());
|
|
let status = await request.then((response) => response.status);
|
|
let header = await request.then((response) => response.headers.get("dpop-nonce"));
|
|
if (status == 401) {
|
|
if (body.message.includes("DPoP nonce mismatch")) {
|
|
await localStorage.setItem(Variables.BlueskyNonce, header);
|
|
}
|
|
if (body.message.includes("claim timestamp check failed")) {
|
|
await RefreshTokens();
|
|
}
|
|
body = await CreatePost(DID, Text);
|
|
}
|
|
return body;
|
|
}
|
|
|
|
export async function SetThreadGate(DID, Post, VisibilitySettings) {
|
|
let PDS = localStorage.getItem(Variables.BlueskyPDS);
|
|
let Json = {
|
|
"$type": "app.bsky.feed.threadgate",
|
|
"post": Post,
|
|
"allow": VisibilitySettings,
|
|
"createdAt": new Date(Date.now()).toISOString()
|
|
}
|
|
let RequestBody = {
|
|
"repo": DID,
|
|
"collection": "app.bsky.feed.threadgate",
|
|
"record": Json,
|
|
"rkey": Post.split("/")[Post.split("/").length - 1]
|
|
}
|
|
let DPoP = await ClientDPoPPDS("POST", PDS + "/xrpc/com.atproto.repo.createRecord");
|
|
let request = fetch(PDS + "/xrpc/com.atproto.repo.createRecord", { body: JSON.stringify(RequestBody), method: "POST", headers: {"Content-Type": "application/json", "Authorization": "DPoP " + localStorage.getItem(Variables.BlueskyAccessToken), "DPoP": DPoP}});
|
|
let body = await request.then((response) => response.json());
|
|
let status = await request.then((response) => response.status);
|
|
let header = await request.then((response) => response.headers.get("dpop-nonce"));
|
|
if (status == 401) {
|
|
if (body.message.includes("DPoP nonce mismatch")) {
|
|
await localStorage.setItem(Variables.BlueskyNonce, header);
|
|
}
|
|
if (body.message.includes("claim timestamp check failed")) {
|
|
await RefreshTokens();
|
|
}
|
|
body = await SetThreadGate(DID, Post, VisibilitySettings);
|
|
}
|
|
return body;
|
|
}
|
|
|
|
// Component 1/4
|
|
export async function GetPDSWellKnown() {
|
|
return await fetch("https://bsky.social/.well-known/oauth-authorization-server", {method: "GET"})
|
|
.then((response) => response.json());
|
|
}
|
|
|
|
// Component 2/4
|
|
// Many thanks to https://github.com/tonyxu-io/pkce-generator. It was the base for this code.
|
|
export async function CreatePKCECodeVerifier() {
|
|
// Generate some Numbers
|
|
let Numbers = new Uint8Array(32);
|
|
crypto.getRandomValues(Numbers);
|
|
// Generate a random string of characters.
|
|
let CodeVerifier = "";
|
|
for (let i in Numbers) {
|
|
CodeVerifier += String.fromCharCode(Numbers[i]);
|
|
}
|
|
// Put this random string into Base64URL format.
|
|
CodeVerifier = btoa(CodeVerifier).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
|
|
return CodeVerifier;
|
|
}
|
|
|
|
export async function CreatePKCECodeChallenge(CodeVerifier) {
|
|
// Generate a code challenge with the code verifier.
|
|
// This is done by first SHA256 encrypting the CodeVerifier, then putting the outputted string into Base64URL format.
|
|
let CodeChallenge = btoa(await sha256(CodeVerifier)).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
|
|
return CodeChallenge;
|
|
}
|
|
|
|
// Component 3/4
|
|
export async function PARrequest(PAREndpoint, State, Challenge) {
|
|
return fetch(PAREndpoint, {method: "POST", body: new URLSearchParams({ response_type: "code", code_challenge_method: "S256", scope: "atproto transition:generic", client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_challenge: Challenge, state: State, login_hint: "crowdedgames.group" }), headers: {"Content-Type": "application/x-www-form-urlencoded"}});
|
|
}
|
|
|
|
async function AuthRequest(TokenEndpoint, code, DPoP, Verify) {
|
|
return fetch(TokenEndpoint, {method: "POST", body: new URLSearchParams({ grant_type: "authorization_code", code: code, client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_verifier: Verify}), headers: { "DPoP": DPoP, "Content-Type": "application/x-www-form-urlencoded"}})
|
|
.then((response) => response.json());
|
|
}
|
|
|
|
async function ReauthRequest(TokenEndpoint, Token, DPoP) {
|
|
return fetch(TokenEndpoint, {method: "POST", body: new URLSearchParams({ grant_type: "refresh_token", refresh_token: Token, client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json"}), headers: { "DPoP": DPoP, "Content-Type": "application/x-www-form-urlencoded"}});
|
|
}
|
|
|
|
// Component 4/4
|
|
export async function ClientDPoPToken(POSTorGET, RequestURL) {
|
|
let PublicKey = await crypto.subtle.importKey("jwk", JSON.parse(localStorage.getItem(Variables.BlueskyPublicKey)), {name: "ECDSA", namedCurve: "P-256"}, true, ["verify"]);
|
|
let PrivateKey = await crypto.subtle.importKey("jwk", JSON.parse(localStorage.getItem(Variables.BlueskyPrivateKey)), {name: "ECDSA", namedCurve: "P-256"}, true, ["sign"]);
|
|
|
|
// Header
|
|
var Header = {typ: "dpop+jwt", alg: "ES256", jwk:
|
|
await crypto.subtle.exportKey("jwk", PublicKey)
|
|
.then(function(response) {
|
|
delete response["key_ops"];
|
|
delete response["ext"];
|
|
delete response["alg"];
|
|
return response})
|
|
};
|
|
// Payload
|
|
var Payload = {};
|
|
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
|
Payload.jti = crypto.randomUUID();
|
|
Payload.htm = POSTorGET;
|
|
Payload.htu = RequestURL;
|
|
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
|
|
Payload.nonce = localStorage.getItem(Variables.BlueskyNonce);
|
|
|
|
var sHeader = JSON.stringify(Header);
|
|
var sPayload = JSON.stringify(Payload);
|
|
var JWT = KJUR.jws.JWS.sign("ES256", sHeader, sPayload,
|
|
await crypto.subtle.exportKey("jwk", PrivateKey)
|
|
.then(function(response) {
|
|
delete response["key_ops"];
|
|
delete response["ext"];
|
|
delete response["alg"];
|
|
return response})
|
|
);
|
|
return JWT;
|
|
}
|
|
|
|
export async function ClientDPoPPDS(POSTorGET, RequestURL) {
|
|
let PublicKey = await crypto.subtle.importKey("jwk", JSON.parse(localStorage.getItem(Variables.BlueskyPublicKey)), {name: "ECDSA", namedCurve: "P-256"}, true, ["verify"]);
|
|
let PrivateKey = await crypto.subtle.importKey("jwk", JSON.parse(localStorage.getItem(Variables.BlueskyPrivateKey)), {name: "ECDSA", namedCurve: "P-256"}, true, ["sign"]);
|
|
|
|
// Header
|
|
var Header = {typ: "dpop+jwt", alg: "ES256", jwk:
|
|
await crypto.subtle.exportKey("jwk", PublicKey)
|
|
.then(function(response) {
|
|
delete response["key_ops"];
|
|
delete response["ext"];
|
|
delete response["alg"];
|
|
return response})
|
|
};
|
|
// Payload
|
|
var Payload = {};
|
|
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
|
Payload.jti = crypto.randomUUID();
|
|
Payload.htm = POSTorGET;
|
|
Payload.htu = RequestURL;
|
|
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
|
|
Payload.nonce = localStorage.getItem(Variables.BlueskyNonce);
|
|
Payload.ath = await CreatePKCECodeChallenge(localStorage.getItem(Variables.BlueskyAccessToken));
|
|
|
|
var sHeader = JSON.stringify(Header);
|
|
var sPayload = JSON.stringify(Payload);
|
|
var JWT = KJUR.jws.JWS.sign("ES256", sHeader, sPayload,
|
|
await crypto.subtle.exportKey("jwk", PrivateKey)
|
|
.then(function(response) {
|
|
delete response["key_ops"];
|
|
delete response["ext"];
|
|
delete response["alg"];
|
|
return response})
|
|
);
|
|
return JWT;
|
|
}
|
|
|
|
export async function HandleAuthorization(Website) {
|
|
// Quickly check to see if it has something before :// so it doesn't screw the link.
|
|
if (Website.toLowerCase().split("://").length > 1) {
|
|
Website = "https://" + Website.split("://")[1];
|
|
} else {
|
|
Website = "https://" + Website;
|
|
}
|
|
// Declare Variables
|
|
let KeyPair = await crypto.subtle.generateKey({name: "ECDSA", namedCurve: "P-256"}, true, ["sign", "verify"]);
|
|
|
|
let WellKnown = await GetPDSWellKnown();
|
|
|
|
let State = crypto.randomUUID();
|
|
|
|
let PKCEverifier = await CreatePKCECodeVerifier();
|
|
let PKCEchallenge = await CreatePKCECodeChallenge(PKCEverifier);
|
|
// Save these
|
|
localStorage.setItem(Variables.BlueskyPKCEVerifier, PKCEverifier);
|
|
localStorage.setItem(Variables.BlueskyPKCEChallenge, PKCEchallenge);
|
|
// PAR request (beginning)
|
|
let PAR = PARrequest(WellKnown.pushed_authorization_request_endpoint, State, PKCEchallenge);
|
|
let body = await PAR.then((response) => response.json());
|
|
let nonce = await PAR.then((response) => response.headers.get("dpop-nonce"));
|
|
// Save nonce
|
|
localStorage.setItem(Variables.BlueskyNonce, nonce);
|
|
// Export keys
|
|
let ExportedKey1 = await crypto.subtle.exportKey("jwk", KeyPair.publicKey);
|
|
let ExportedKey2 = await crypto.subtle.exportKey("jwk", KeyPair.privateKey);
|
|
// Convert them into a good format.
|
|
localStorage.setItem(Variables.BlueskyPublicKey, JSON.stringify(ExportedKey1));
|
|
localStorage.setItem(Variables.BlueskyPrivateKey, JSON.stringify(ExportedKey2));
|
|
// Now we need to authenticate. Make sure the State stays the same throughout this whole process :]
|
|
document.location.href = Website + "/oauth/authorize?client_id=https://fedi.crowdedgames.group/oauth/client-metadata.json&request_uri=" + body.request_uri;
|
|
}
|
|
|
|
export async function GainTokens() {
|
|
let WellKnown = await GetPDSWellKnown();
|
|
|
|
// Check to see if something's a miss...
|
|
if ((document.location.href.split("state=").length > 1 && document.location.href.split("iss=").length > 1 && document.location.href.split("code=").length > 1) && localStorage.getItem(Variables.BlueskyPKCEVerifier) != null && localStorage.getItem(Variables.BlueskyAccessToken) == null) {
|
|
// Create varaibles, be aware of waits because of internet.
|
|
let DPoP = await ClientDPoPToken("POST", WellKnown.token_endpoint);
|
|
let code = document.location.href.split("code=")[1];
|
|
// Authentication
|
|
let Var = await localStorage.getItem(Variables.BlueskyPKCEVerifier);
|
|
let Auth = await AuthRequest(WellKnown.token_endpoint, code, DPoP, Var);
|
|
// Save the tokens and be done
|
|
localStorage.setItem(Variables.BlueskyAccessToken, Auth.access_token);
|
|
localStorage.setItem(Variables.BlueskyRefreshToken, Auth.refresh_token);
|
|
// That long string just gets the payload
|
|
// aud = PDS server we are communicating with; sub = user DID
|
|
localStorage.setItem(Variables.BlueskyPDS, "https://" + KJUR.jws.JWS.readSafeJSONString(b64utoutf8(localStorage.getItem(Variables.BlueskyAccessToken).split(".")[1])).aud.split(":")[2]);
|
|
localStorage.setItem(Variables.BlueskyDID, KJUR.jws.JWS.readSafeJSONString(b64utoutf8(localStorage.getItem(Variables.BlueskyAccessToken).split(".")[1])).sub);
|
|
}
|
|
}
|
|
|
|
// Refreshing tokens is an integral part of auth.
|
|
export async function RefreshTokens() {
|
|
let WellKnown = await GetPDSWellKnown();
|
|
// Create varaibles, be aware of waits because of internet.
|
|
let DPoP = await ClientDPoPToken("POST", WellKnown.token_endpoint);
|
|
// Token refresh
|
|
let Var = await localStorage.getItem(Variables.BlueskyRefreshToken);
|
|
let Auth = ReauthRequest(WellKnown.token_endpoint, Var, DPoP);
|
|
let body = await Auth.then((response) => response.json());
|
|
let header = await Auth.then((response) => response.headers.get("dpop-nonce"));
|
|
if (body.hasOwnProperty("error_description") && body.error_description.includes("DPoP nonce mismatch")) {
|
|
localStorage.setItem(Variables.BlueskyNonce, header);
|
|
DPoP = await ClientDPoPToken("POST", WellKnown.token_endpoint);
|
|
body = await ReauthRequest(WellKnown.token_endpoint, Var, DPoP).then((response) => response.json());
|
|
}
|
|
// Save the tokens and be done
|
|
localStorage.setItem(Variables.BlueskyAccessToken, body.access_token);
|
|
localStorage.setItem(Variables.BlueskyRefreshToken, body.refresh_token);
|
|
}
|
|
|
|
// Stolen from elsewhere.
|
|
// Firefox snippet; Slightly edited.
|
|
async function sha256(message) {
|
|
// encode as UTF-8
|
|
const MessageBuffer = new TextEncoder().encode(message);
|
|
|
|
// hash the message
|
|
const HashBuffer = await crypto.subtle.digest('SHA-256', MessageBuffer);
|
|
|
|
// convert ArrayBuffer to Array
|
|
const HashArray = Array.from(new Uint8Array(HashBuffer));
|
|
|
|
// convert this hashArray to a string
|
|
let string = "";
|
|
for (let i in HashArray) {
|
|
string += String.fromCharCode(HashArray[i]);
|
|
}
|
|
|
|
return string;
|
|
}
|
|
|
|
// Firefox snippet.
|
|
function ab2str(buf) {
|
|
return String.fromCharCode.apply(null, new Uint8Array(buf));
|
|
}
|
|
|
|
// Firefox snippet.
|
|
function str2ab(str) {
|
|
const buf = new ArrayBuffer(str.length);
|
|
const bufView = new Uint8Array(buf);
|
|
for (let i = 0, strLen = str.length; i < strLen; i++) {
|
|
bufView[i] = str.charCodeAt(i);
|
|
}
|
|
return buf;
|
|
}
|