From 37080b80f26a604da1d0293bef8015c1481be657 Mon Sep 17 00:00:00 2001 From: mountain Date: Tue, 20 Jun 2023 17:42:19 +0900 Subject: [PATCH] =?UTF-8?q?=EA=B2=8C=EC=9E=84=ED=8C=9F=20=EC=A0=9C?= =?UTF-8?q?=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/maingate.go | 12 -- core/platformgamepot.go | 344 ---------------------------------------- 2 files changed, 356 deletions(-) delete mode 100644 core/platformgamepot.go diff --git a/core/maingate.go b/core/maingate.go index 6aed706..c8c7f36 100644 --- a/core/maingate.go +++ b/core/maingate.go @@ -7,7 +7,6 @@ import ( "encoding/json" "errors" "fmt" - "html/template" "io" "math/big" "math/rand" @@ -49,7 +48,6 @@ var ( const ( AuthPlatformFirebaseAuth = "firebase" - AuthPlatformGamepot = "gamepot" AuthPlatformGoogle = "google" AuthPlatformMicrosoft = "microsoft" AuthPlatformApple = "apple" @@ -185,7 +183,6 @@ type Maingate struct { authorizationEndpoints map[string]string userinfoEndpoint map[string]string jwksUri map[string]string - webTemplate map[string]*template.Template firebaseAppClient *auth.Client firebaseAppContext context.Context } @@ -303,9 +300,6 @@ func (mg *Maingate) prepare(context context.Context) (err error) { return err } - mg.webTemplate = make(map[string]*template.Template) - mg.webTemplate[AuthPlatformGamepot] = template.Must(template.ParseFiles("www/gamepot.html")) - // redis에서 env를 가져온 후에 mg.mongoClient, err = common.NewMongoClient(context, mg.Mongo, "maingate") if err != nil { @@ -540,10 +534,6 @@ func (mg *Maingate) RegisterHandlers(ctx context.Context, serveMux *http.ServeMu serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "authorize", AuthPlatformApple), mg.platform_apple_authorize) serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "authorize_result", AuthPlatformApple), mg.platform_apple_authorize_result) - serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "request_login_url", AuthPlatformGamepot), mg.platform_gamepot_get_login_url) - serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "authorize", AuthPlatformGamepot), mg.platform_gamepot_authorize) - serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "authorize_sdk", AuthPlatformGamepot), mg.platform_gamepot_authorize_sdk) - serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "request_login_url", AuthPlatformFirebaseAuth), mg.platform_firebaseauth_get_login_url) serveMux.HandleFunc(common.MakeHttpHandlerPattern(prefix, "authorize_sdk", AuthPlatformFirebaseAuth), mg.platform_firebaseauth_authorize_sdk) @@ -714,8 +704,6 @@ func (mg *Maingate) updateUserinfo(info usertokeninfo) (bool, string, string) { success, userid, email = mg.platform_microsoft_getuserinfo(info) case AuthPlatformGoogle: success, userid, email = mg.platform_google_getuserinfo(info) - case AuthPlatformGamepot: - success, userid, email = mg.platform_gamepot_getuserinfo(info) case AuthPlatformFirebaseAuth: success, userid, email = mg.platform_firebase_getuserinfo(info) } diff --git a/core/platformgamepot.go b/core/platformgamepot.go deleted file mode 100644 index e6ca211..0000000 --- a/core/platformgamepot.go +++ /dev/null @@ -1,344 +0,0 @@ -package core - -import ( - "bytes" - "encoding/json" - "errors" - "io" - "net/http" - "net/url" - "time" - - "repositories.action2quare.com/ayo/gocommon/logger" - - "go.mongodb.org/mongo-driver/bson" - "go.mongodb.org/mongo-driver/bson/primitive" - "go.mongodb.org/mongo-driver/mongo/options" -) - -type GamepotTemplate struct { - RedirectBaseUrl string - State string -} - -type Gamepot_LoginValidationResponse struct { - Message string `json:"message"` - Status int `json:"status"` -} - -func (mg *Maingate) platform_gamepot_get_login_url(w http.ResponseWriter, r *http.Request) { - - browserinfo, err := mg.GetUserBrowserInfo(r) - - if err != nil { - w.WriteHeader(http.StatusBadRequest) - logger.Error(err) - return - } - - existid := r.URL.Query().Get("existid") - withSDK := r.URL.Query().Get("withSDK") - - //fmt.Println("existid =>", existid) - if existid != "" { - //기존 계정이 있는 경우에는 그 계정 부터 조회한다. - info, err := mg.getUserTokenWithCheck(AuthPlatformGamepot, existid, browserinfo) - if err == nil { - if info.token != "" { - params := url.Values{} - params.Add("id", existid) - params.Add("authtype", AuthPlatformGamepot) - if withSDK == "1" { - w.Write([]byte("?" + params.Encode())) - } else { - http.Redirect(w, r, "actionsquare://login?"+params.Encode(), http.StatusSeeOther) - } - return - } - } - } - - sessionkey := mg.GeneratePlatformLoginNonceKey() - nonce := mg.GeneratePlatformLoginNonceKey() - - mg.mongoClient.Delete(CollectionPlatformLoginToken, bson.M{ - "platform": AuthPlatformGamepot, - "key": sessionkey, - }) - - _, _, err = mg.mongoClient.Update(CollectionPlatformLoginToken, bson.M{ - "_id": primitive.NewObjectID(), - }, bson.M{ - "$setOnInsert": bson.M{ - "platform": AuthPlatformGamepot, - "key": sessionkey, - "nonce": nonce, - "brinfo": browserinfo, - }, - }, options.Update().SetUpsert(true)) - - if err != nil { - w.WriteHeader(http.StatusBadRequest) - logger.Error(err) - return - } - - // set cookie for storing token - cookie := http.Cookie{ - Name: "LoginFlowContext_SessionKey", - Value: sessionkey, - Expires: time.Now().Add(1 * time.Hour), - //SameSite: http.SameSiteStrictMode, - SameSite: http.SameSiteLaxMode, - // HttpOnly: false, - Secure: true, - Path: "/", - } - http.SetCookie(w, &cookie) - - if withSDK == "1" { - params := url.Values{} - params.Add("nonce", nonce) - w.Write([]byte("?" + params.Encode())) - } else { - var templateVar GamepotTemplate - templateVar.RedirectBaseUrl = mg.RedirectBaseUrl - templateVar.State = nonce - mg.webTemplate[AuthPlatformGamepot].Execute(w, templateVar) - } - -} - -func (mg *Maingate) platform_gamepot_authorize(w http.ResponseWriter, r *http.Request) { - defer r.Body.Close() - - brinfo, err := mg.GetUserBrowserInfo(r) - if err != nil { - w.WriteHeader(http.StatusBadRequest) - logger.Error(err) - return - } - - cookie, err := r.Cookie("LoginFlowContext_SessionKey") - if err != nil { - logger.Println("Session not found", err) - w.WriteHeader(http.StatusBadRequest) - return - } - - r.ParseForm() - - code := r.Form.Get("code") - state := r.Form.Get("state") - - gamepotmemberId := r.Form.Get("id") - gamepotnickname := r.Form.Get("nickname") - gamepotprovider := r.Form.Get("provider") - gamepotproviderId := r.Form.Get("providerId") - // gamepotverify := r.Form.Get("verify") - // gamepotagree := r.Form.Get("agree") - - bSuccess, Result := mg.platform_gamepot_authorize_raw(w, brinfo, code, state, cookie.Value, gamepotmemberId, gamepotnickname, gamepotprovider, gamepotproviderId) - - if bSuccess { - http.Redirect(w, r, "actionsquare://login?"+Result, http.StatusSeeOther) - } else { - http.Redirect(w, r, "actionsquare://error", http.StatusSeeOther) - } -} - -type GamePotSDKAuthInfo struct { - Code string `json:"code"` - State string `json:"state"` - MemberId string `json:"id"` - Nickname string `json:"nickname"` - Provider string `json:"provider"` - ProviderId string `json:"providerId"` - // Verify string `json:"verify"` - // Agree string `json:"agree"` -} - -func (mg *Maingate) platform_gamepot_authorize_sdk(w http.ResponseWriter, r *http.Request) { - - defer r.Body.Close() - - brinfo, err := mg.GetUserBrowserInfo(r) - if err != nil { - w.WriteHeader(http.StatusBadRequest) - logger.Error(err) - return - } - - cookie, err := r.Cookie("LoginFlowContext_SessionKey") - if err != nil { - logger.Println("Session not found", err) - w.WriteHeader(http.StatusBadRequest) - return - } - - var authinfo GamePotSDKAuthInfo - - err = json.NewDecoder(r.Body).Decode(&authinfo) - if err != nil { - logger.Println("authinfo decoding fail:", err) - w.WriteHeader(http.StatusBadRequest) - return - } - - bSuccess, Result := mg.platform_gamepot_authorize_raw(w, brinfo, authinfo.Code, authinfo.State, - cookie.Value, authinfo.MemberId, authinfo.Nickname, authinfo.Provider, authinfo.ProviderId) - - if bSuccess { - w.Write([]byte("?" + Result)) - //http.Redirect(w, r, "actionsquare://login?"+Result, http.StatusSeeOther) - } else { - http.Redirect(w, r, "actionsquare://error", http.StatusSeeOther) - } -} - -func (mg *Maingate) platform_gamepot_authorize_raw(w http.ResponseWriter, brinfo, code, state, cookieSessionKey, gamepotmemberId, gamepotnickname, gamepotprovider, gamepotproviderId string) (bool, string) { - - found, err := mg.mongoClient.FindOne(CollectionPlatformLoginToken, bson.M{ - "platform": AuthPlatformGamepot, - "key": cookieSessionKey, - }) - - if err != nil { - logger.Println("LoginFlowContext_SessionKey find key :", err) - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - if found == nil { - logger.Println("LoginFlowContext_SessionKey not found") - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - if cookieSessionKey != found["key"] { - logger.Println("LoginFlowContext_SessionKey key not match") - logger.Println(cookieSessionKey) - logger.Println(found["key"]) - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - if state != found["nonce"] { - logger.Println("LoginFlowContext_SessionKey nonce not match") - logger.Println(state) - logger.Println(found["nonce"]) - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - if brinfo != found["brinfo"] { //-- 로그인 시작점과 인증점의 브라우저 혹은 접속지 정보가 다르다? - logger.Println("LoginFlowContext_SessionKey brinfo not match ") - logger.Println(brinfo) - logger.Println(found["brinfo"]) - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - //================= - params := url.Values{} - params.Add("projectId", mg.GamepotProjectId) - params.Add("memberId", gamepotmemberId) - params.Add("token", code) - - var respLoginCheck Gamepot_LoginValidationResponse - content := params.Encode() - resp, _ := http.Post(mg.GamepotLoginCheckAPIURL, "application/json", bytes.NewBuffer([]byte(content))) - if resp != nil { - body, _ := io.ReadAll(resp.Body) - json.Unmarshal(body, &respLoginCheck) - } else { - logger.Println("gamepot logincheck fail.") - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - // fmt.Println("==============================") - // fmt.Println("respLoginCheck.Status:", respLoginCheck.Status) - // fmt.Println("respLoginCheck.Message:", respLoginCheck.Message) - // fmt.Println("==============================") - - if respLoginCheck.Status != 0 { - logger.Error("gamepot login fail:", respLoginCheck.Message) - w.WriteHeader(http.StatusBadRequest) - return false, "" - } - - acceestoken_expire_time := time.Date(2999, 1, int(time.January), 0, 0, 0, 0, time.UTC).Unix() - - if gamepotmemberId != "" && gamepotprovider != "" && gamepotproviderId != "" { - var info usertokeninfo - info.platform = AuthPlatformGamepot - info.userid = gamepotmemberId - //== memberid 제외하고는 모두 client로 부터 온 값이기 때문에 유효성이 확인된 값이 아니다. 하지만, 참조용으로 사용은 한다. - // 정확한 정보는 gamepotid를 gamepot dashboard에서 조회해서 확인 할 수 밖에 없다. - info.token = gamepotprovider + "-" + gamepotproviderId - info.brinfo = brinfo - info.accesstoken = "" - info.accesstoken_expire_time = acceestoken_expire_time - mg.setUserToken(info) - - mg.mongoClient.Delete(CollectionGamepotUserInfo, bson.M{ - "gamepotuserid": info.userid, - }) - - _, _, err := mg.mongoClient.Update(CollectionGamepotUserInfo, bson.M{ - "_id": primitive.NewObjectID(), - }, bson.M{ - "$setOnInsert": bson.M{ - "gamepotuserid": gamepotmemberId, - "gamepotnickname": gamepotnickname, - "gamepotprovider": gamepotprovider, - "gamepotproviderId": gamepotproviderId, - // "gamepotverify": gamepotverify, - // "gamepotagree": gamepotagree, - "updatetime": time.Now(), - }, - }, options.Update().SetUpsert(true)) - - if err != nil { - logger.Error(err) - } - - params := url.Values{} - params.Add("id", gamepotmemberId) - params.Add("authtype", AuthPlatformGamepot) - return true, params.Encode() - } - return false, "" -} - -func (mg *Maingate) platform_gamepot_getuserinfo(info usertokeninfo) (bool, string, string) { - - found, err := mg.mongoClient.FindOne(CollectionGamepotUserInfo, bson.M{ - "gamepotuserid": info.userid, - }) - - if err != nil { - logger.Error(err) - return false, "", "" - } - if found == nil { - logger.Error(errors.New("gamepot info not found: " + info.userid)) - return false, "", "" - } - - gamepotprovider := found["gamepotprovider"].(string) - gamepotproviderId := found["gamepotproviderId"].(string) - - if gamepotprovider+"-"+gamepotproviderId != info.token { - logger.Println("gamepot info not match..") //-- token은 플랫폼종류+플랫폼ID로 구성했는데... 검증할 방법이 없어서 client로 부터 온값을 쓴다. 그래도 유저가 조작하지 않는 이상 일치해야 된다. - logger.Println(info.token) - logger.Println(gamepotprovider + "-" + gamepotproviderId) - return false, "", "" - } - - tempEmail := info.userid + "@gamepot" //-- 게임팟은 email을 안줘서 일단 gamepotid기준으로 임시값을 할당한다. - - return true, info.userid, tempEmail - -}