From 0afad1d9ae5c20174ea0f1bb7c234746a72ce2b6 Mon Sep 17 00:00:00 2001 From: rebelonion <87634197+rebelonion@users.noreply.github.com> Date: Sun, 11 Feb 2024 04:16:22 -0600 Subject: [PATCH] feat: comment authorization --- .gitignore | 3 + app/build.gradle | 8 +- .../dantotsu/connections/comments/Comments.kt | 116 ++++++++++++++++++ 3 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 app/src/main/java/ani/dantotsu/connections/comments/Comments.kt diff --git a/.gitignore b/.gitignore index c81d22db..6cc9cdea 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,9 @@ local.properties # Log/OS Files *.log +# Secrets +apikey.properties + # Android Studio generated files and folders captures/ .externalNativeBuild/ diff --git a/app/build.gradle b/app/build.gradle index 89eafa1b..39229933 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -10,6 +10,10 @@ def gitCommitHash = providers.exec { commandLine("git", "rev-parse", "--verify", "--short", "HEAD") }.standardOutput.asText.get().trim() +def apikeyPropertiesFile = rootProject.file("apikey.properties") +def apikeyProperties = new Properties() +apikeyProperties.load(new FileInputStream(apikeyPropertiesFile)) + android { compileSdk 34 @@ -21,6 +25,8 @@ android { versionName "2.2.0" versionCode 220000000 signingConfig signingConfigs.debug + buildConfigField("String", "APP_SECRET", apikeyProperties['APP_SECRET']) + buildConfigField("String", "USER_ID_ENCRYPT_KEY", apikeyProperties['USER_ID_ENCRYPT_KEY']) } flavorDimensions "store" @@ -49,7 +55,7 @@ android { } debug { applicationIdSuffix ".beta" - versionNameSuffix "-beta01" + versionNameSuffix "-beta02" manifestPlaceholders = [icon_placeholder: "@mipmap/ic_launcher_beta", icon_placeholder_round: "@mipmap/ic_launcher_beta_round"] debuggable false } diff --git a/app/src/main/java/ani/dantotsu/connections/comments/Comments.kt b/app/src/main/java/ani/dantotsu/connections/comments/Comments.kt new file mode 100644 index 00000000..86e8b9ad --- /dev/null +++ b/app/src/main/java/ani/dantotsu/connections/comments/Comments.kt @@ -0,0 +1,116 @@ +package ani.dantotsu.connections.comments + +import android.security.keystore.KeyProperties +import android.util.Base64 +import ani.dantotsu.BuildConfig +import ani.dantotsu.settings.saving.PrefManager +import ani.dantotsu.settings.saving.PrefName +import com.lagradost.nicehttp.Requests +import eu.kanade.tachiyomi.network.NetworkHelper +import kotlinx.coroutines.runBlocking +import kotlinx.serialization.SerialName +import kotlinx.serialization.Serializable +import kotlinx.serialization.json.Json +import okhttp3.FormBody +import uy.kohesive.injekt.Injekt +import uy.kohesive.injekt.api.get +import java.security.MessageDigest +import javax.crypto.Cipher +import javax.crypto.spec.SecretKeySpec + +class Comments { + val address: String = "http://10.0.2.2:8081" + val appSecret = BuildConfig.APP_SECRET + val requestClient = Injekt.get().client + var authToken: String? = null + fun run() { + runBlocking { + val request = Requests( + requestClient, + headerBuilder() + ) + .get(address) + println("comments: $request") + } + } + + fun getCommentsForId(id: Int) { + val url = "$address/comments/$id" + runBlocking { + val request = Requests( + requestClient, + headerBuilder() + ) + .get(url) + println("comments: $request") + } + } + + fun fetchAuthToken() { + val url = "$address/authenticate" + //test user id = asdf + //test username = test + val user = User(generateUserId() ?: return, "rebel onion") + val body: FormBody = FormBody.Builder() + .add("user_id", user.id) + .add("username", user.username) + .build() + runBlocking { + val request = Requests( + requestClient, + headerBuilder() + ) + val json = request.post(url, requestBody = body) + if (!json.text.startsWith("{")) return@runBlocking + val parsed = try { + Json.decodeFromString(json.text) + } catch (e: Exception) { + return@runBlocking + } + authToken = parsed.authToken + + println("comments: $json") + println("comments: $authToken") + } + } + + private fun headerBuilder(): Map { + return if (authToken != null) { + mapOf( + "appauth" to appSecret, + "Authorization" to authToken!! + ) + } else { + mapOf( + "appauth" to appSecret, + ) + } + } + + private fun generateUserId(): String? { + val anilistId = PrefManager.getVal(PrefName.AnilistToken, null as String?) ?: return null + val userIdEncryptKey = BuildConfig.USER_ID_ENCRYPT_KEY + val keySpec = SecretKeySpec(userIdEncryptKey.toByteArray(), KeyProperties.KEY_ALGORITHM_AES) + val cipher = Cipher.getInstance("${KeyProperties.KEY_ALGORITHM_AES}/${KeyProperties.BLOCK_MODE_CBC}/${KeyProperties.ENCRYPTION_PADDING_PKCS7}") + cipher.init(Cipher.ENCRYPT_MODE, keySpec) + val encrypted = cipher.doFinal(anilistId.toByteArray()) + val base = Base64.encodeToString(encrypted, Base64.NO_WRAP) + val bytes = MessageDigest.getInstance("SHA-256").digest(base.toByteArray()) + return bytes.joinToString("") { "%02x".format(it) } + + } +} + +@Serializable +data class Auth( + @SerialName("authToken") + val authToken: String +) + +@Serializable +data class User( + @SerialName("user_id") + val id: String, + @SerialName("username") + val username: String +) \ No newline at end of file