Diffstat (limited to 'juick-www/src/main/java/com/juick/www/controllers')
-rw-r--r-- | juick-www/src/main/java/com/juick/www/controllers/SocialLogin.java | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/juick-www/src/main/java/com/juick/www/controllers/SocialLogin.java b/juick-www/src/main/java/com/juick/www/controllers/SocialLogin.java
index 4a5026379..b9d3c9c7f 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -28,10 +28,14 @@ import com.juick.server.util.HttpBadRequestException;
 import com.juick.server.util.UserUtils;
 import com.juick.service.CrosspostService;
 import com.juick.service.EmailService;
+import com.juick.service.TelegramService;
 import com.juick.service.UserService;
 import com.juick.www.Utils;
 import com.juick.www.facebook.User;
 import com.juick.www.vk.UsersResponse;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.codec.digest.HmacAlgorithms;
+import org.apache.commons.codec.digest.HmacUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.math.NumberUtils;
 import org.slf4j.Logger;
@@ -48,8 +52,10 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.util.Map;
 import java.util.UUID;
 import java.util.concurrent.ExecutionException;
+import java.util.stream.Collectors;
 /**
  *
@@ -79,6 +85,8 @@ public class SocialLogin {
 private String VK_APPID;
 @Value("${vk_secret}")
 private String VK_SECRET;
+ @Value("${telegram_token}")
+ private String telegramToken;
 @Inject
 private CrosspostService crosspostService;
@@ -86,6 +94,8 @@ public class SocialLogin {
 private UserService userService;
 @Inject
 private EmailService emailService;
+ @Inject
+ private TelegramService telegramService;
 @PostConstruct
 public void init() {
@@ -279,4 +289,33 @@ public class SocialLogin {
 return "redirect:/signup?type=vk&hash=" + loginhash;
 }
 }
+
+ @GetMapping("/_tglogin")
+ public String doDurovLogin(HttpServletRequest request,
+ @RequestParam Map<String, String> params,
+ HttpServletResponse response) {
+ String dataCheckString = params.entrySet().stream()
+ .filter(p -> !p.getKey().equals("hash"))
+ .sorted(Map.Entry.comparingByKey())
+ .map(p -> p.getKey() + "=" + p.getValue())
+ .collect(Collectors.joining("\n"));
+ String hash = params.get("hash");
+ byte[] secretKey = DigestUtils.sha256(telegramToken);
+ String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
+ if (hash.equals(resultString)) {
+ Long tgUser = Long.valueOf(params.get("id"));
+ int uid = telegramService.getUser(tgUser);
+ if (uid > 0) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(uid));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return Utils.getPreviousPageByRequest(request).orElse("redirect:/");
+ } else {
+ logger.warn("invalid user {}", tgUser);
+ }
+ } else {
+ logger.warn("invalid tg hash {} for {}", resultString, hash);
+ }
+ throw new HttpBadRequestException();
+ }
 }
|
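Review bot: The signature check `if (hash.equals(resultString))` in doDurovLogin throws a NullPointerException when the request carries no `hash` parameter (a 500 instead of the intended HttpBadRequestException) and uses an early-exit String comparison where a constant-time `MessageDigest.isEqual` is the usual choice for a MAC check. The signed payload is also accepted regardless of its age: Telegram's login data includes an `auth_date` field, and without a freshness check a once-valid payload stays valid for as long as the bot token does. `Long.valueOf(params.get("id"))` has the same missing-parameter problem, and the `hash` session cookie is added without `setHttpOnly(true)`/`setSecure(true)`; whether the other login handlers in this class set those flags is not visible in the hunk. The rewrite below covers the comparison and freshness checks and needs `java.security.MessageDigest`, `java.nio.charset.StandardCharsets` and `java.time.Instant` imported; the 86400-second window is a constructed example value to be set per policy.
```java
        String hash = params.get("hash");
        byte[] secretKey = DigestUtils.sha256(telegramToken);
        String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
        // A missing "hash" or "auth_date" is a bad request, not a server error;
        // compare MACs in constant time and reject stale payloads.
        boolean signatureOk = hash != null
                && MessageDigest.isEqual(hash.getBytes(StandardCharsets.UTF_8),
                        resultString.getBytes(StandardCharsets.UTF_8));
        long authDate = NumberUtils.toLong(params.get("auth_date"), 0L);
        long ageSeconds = Instant.now().getEpochSecond() - authDate;
        boolean fresh = authDate > 0 && ageSeconds >= 0 && ageSeconds <= 86400; // example window
        if (signatureOk && fresh) {
            // … unchanged: user lookup, cookie, redirect …
```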