private async Task <bool> OnAuthRequest(HttpListenerRequestEventArgs context) { if (!Settings.Config.ModuleIndustrialJobs) { return(false); } var request = context.Request; var response = context.Response; try { RunningRequestCount++; var port = Settings.WebServerModule.WebExternalPort; if (request.HttpMethod == HttpMethod.Get.ToString()) { if (request.Url.LocalPath == "/callback" || request.Url.LocalPath == $"{port}/callback") { var clientID = Settings.WebServerModule.CcpAppClientId; var secret = Settings.WebServerModule.CcpAppSecret; var prms = request.Url.Query.TrimStart('?').Split('&'); var code = prms[0].Split('=')[1]; var state = prms.Length > 1 ? prms[1].Split('=')[1] : null; if (string.IsNullOrEmpty(state)) { return(false); } if (!state.StartsWith("ijobsauth")) { return(false); } //var groupName = HttpUtility.UrlDecode(state.Replace("ijobsauth", "")); var result = await WebAuthModule.GetCharacterIdFromCode(code, clientID, secret); if (result == null) { await WebServerModule.WriteResponce( WebServerModule.GetAccessDeniedPage("Industry Jobs Module", LM.Get("accessDenied"), WebServerModule.GetAuthPageUrl()), response); return(true); } var lCharId = Convert.ToInt64(result[0]); //var group = Settings.IndustrialJobsModule.Groups[groupName]; var allowedCharacters = GetAllParsedCharactersWithGroups(); string allowedGroup = null; foreach (var(group, allowedCharacterIds) in allowedCharacters) { if (allowedCharacterIds.Contains(lCharId)) { allowedGroup = group; break; } } if (string.IsNullOrEmpty(allowedGroup)) { await WebServerModule.WriteResponce( WebServerModule.GetAccessDeniedPage("Industry Jobs Module", LM.Get("accessDenied"), WebServerModule.GetAuthPageUrl()), response); return(true); } await SQLHelper.InsertOrUpdateTokens("", result[0], null, null, result[1]); await WebServerModule.WriteResponce(File .ReadAllText(SettingsManager.FileTemplateMailAuthSuccess) .Replace("{headerContent}", WebServerModule.GetHtmlResourceDefault(false)) .Replace("{header}", "authTemplateHeader") .Replace("{body}", LM.Get("industryJobsAuthSuccessHeader")) .Replace("{body2}", LM.Get("industryJobsAuthSuccessBody")) .Replace("{backText}", LM.Get("backText")), response ); return(true); } } } catch (Exception ex) { await LogHelper.LogEx(ex.Message, ex, Category); } finally { RunningRequestCount--; } return(false); }
private async Task <bool> OnDisplayTimers(HttpListenerRequestEventArgs context) { if (!Settings.Config.ModuleTimers) { return(false); } var request = context.Request; var response = context.Response; try { var extPort = Settings.WebServerModule.WebExternalPort; var port = Settings.WebServerModule.WebExternalPort; if (request.HttpMethod == HttpMethod.Get.ToString()) { if (request.Url.LocalPath == "/callback.php" || request.Url.LocalPath == $"{extPort}/callback.php" || request.Url.LocalPath == $"{port}/callback.php") { var clientID = Settings.WebServerModule.CcpAppClientId; var secret = Settings.WebServerModule.CcpAppSecret; var prms = request.Url.Query.TrimStart('?').Split('&'); var code = prms[0].Split('=')[1]; var state = prms.Length > 1 ? prms[1].Split('=')[1] : null; if (state != "11") { return(false); } //state = 11 && have code var result = await WebAuthModule.GetCharacterIdFromCode(code, clientID, secret); if (result == null) { //TODO invalid auth await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(true); } var characterId = Convert.ToInt64(result[0]); await SQLHelper.UpdateTimersAuth(characterId); //redirect to timers var iid = Convert.ToBase64String(Encoding.UTF8.GetBytes(characterId.ToString())); iid = HttpUtility.UrlEncode(iid); var url = $"{WebServerModule.GetTimersURL()}?data=0&id={iid}&state=11"; await response.RedirectAsync(new Uri(url)); return(true); } if (request.Url.LocalPath == "/timers.php" || request.Url.LocalPath == $"{extPort}/timers.php" || request.Url.LocalPath == $"{port}/timers.php") { if (string.IsNullOrWhiteSpace(request.Url.Query)) { //redirect to auth await response.RedirectAsync(new Uri(WebServerModule.GetTimersAuthURL())); return(true); } var prms = request.Url.Query.TrimStart('?').Split('&'); if (prms.Length != 3) { await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(true); } var data = prms[0].Split('=')[1]; var inputId = prms[1].Split('=')[1]; var state = prms[2].Split('=')[1]; if (state != "11") { await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(true); } var characterId = Convert.ToInt64(Encoding.UTF8.GetString(Convert.FromBase64String(HttpUtility.UrlDecode(inputId)))); var rChar = await APIHelper.ESIAPI.GetCharacterData(Reason, characterId, true); if (rChar == null) { await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(true); } //have charId - had to check it //check in db var timeout = Settings.TimersModule.AuthTimeoutInMinutes; if (timeout != 0) { var result = await SQLHelper.GetTimersAuthTime(characterId); if (result == null || (DateTime.Now - DateTime.Parse(result)).TotalMinutes > timeout) { //redirect to auth await response.RedirectAsync(new Uri(WebServerModule.GetTimersAuthURL())); return(true); } } var checkResult = await CheckAccess(characterId, rChar); if (!checkResult[0]) { await WebServerModule.WriteResponce(WebServerModule.GetAccessDeniedPage("Timers Module", LM.Get("accessDenied"), WebServerModule.GetWebSiteUrl()), response); return(true); } if (checkResult[1] && data.StartsWith("delete")) { data = data.Substring(6, data.Length - 6); await SQLHelper.DeleteTimer(Convert.ToInt64(data)); var x = HttpUtility.ParseQueryString(request.Url.Query); x.Set("data", "0"); await response.RedirectAsync(new Uri($"{request.Url.ToString().Split('?')[0]}?{x}")); return(true); } await WriteCorrectResponce(response, checkResult[1], characterId); return(true); } } else if (request.HttpMethod == HttpMethod.Post.ToString()) { var prms = request.Url.Query.TrimStart('?').Split('&'); if (prms.Length != 3) { //await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(false); } var inputId = prms[1].Split('=')[1]; var state = prms[2].Split('=')[1]; if (state != "11") { // await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(false); } var characterId = Convert.ToInt64(Encoding.UTF8.GetString(Convert.FromBase64String(HttpUtility.UrlDecode(inputId)))); var rChar = await APIHelper.ESIAPI.GetCharacterData(Reason, characterId, true); if (rChar == null) { // await response.RedirectAsync(new Uri(WebServerModule.GetWebSiteUrl())); return(false); } var checkResult = await CheckAccess(characterId, rChar); if (!checkResult[0]) { return(true); } var data = await request.ReadContentAsStringAsync(); if (checkResult[1] && data != null) { if (data.StartsWith("delete")) { data = data.Substring(6, data.Length - 6); await SQLHelper.DeleteTimer(Convert.ToInt64(data)); } else { TimerItem entry = null; try { entry = JsonConvert.DeserializeObject <TimerItem>(data); } catch { //ignore } if (entry == null) { await response.WriteContentAsync(LM.Get("invalidInputData")); return(true); } var iDate = entry.GetDateTime(); if (iDate == null) { await response.WriteContentAsync(LM.Get("invalidTimeFormat")); return(true); } if (iDate < DateTime.Now) { await response.WriteContentAsync(LM.Get("passedTimeValue")); return(true); } //save entry.timerChar = rChar.name; await SQLHelper.UpdateTimer(entry); } return(true); } } } catch (Exception ex) { await LogHelper.LogEx(ex.Message, ex, Category); } return(false); }