Created
July 27, 2010 23:25
-
-
Save hackervera/493049 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var http = require('http'); | |
var fs = require('fs'); | |
var config_file = fs.readFileSync('ritalin.config','ascii'); | |
var config = JSON.parse(config_file); | |
var crypto = require('crypto'); | |
var sys = require('sys'); | |
var spawn = require('child_process').spawn; | |
var url = require('url'); | |
var Buffer = require('buffer').Buffer; | |
var redis = require('redis-client').createClient(); | |
var expires = new Date(); | |
expires.setDate(expires.getDate() - 100000); | |
expires = expires.toUTCString(); | |
var when = new Date(); | |
when.setDate(when.getDate() + 14); | |
when.toUTCString(); | |
var b64 = require('base64'); | |
var Session = new Object; | |
if (config.bot == 1) | |
{ | |
var irc = require('irc'); | |
var client = new irc.Client(config.bot_server,config.bot_name, | |
{ | |
channels: [config.bot_channel], | |
}); | |
client.on("error", function(error) | |
{ | |
console.log(lookUp(error)); | |
console.log(error.stack); | |
}); | |
} | |
var dgram = require('dgram'); | |
var udp = dgram.createSocket('udp4'); | |
function hitAPI(host,path,data,port,method){ | |
var web_client = http.createClient(port,"http://" + host); | |
var request = web_client.request(method,path, {'host': host}); | |
request.write(data); | |
request.end(); | |
console.log(sys.inspect(request)); | |
request.on('response', function(response){ | |
response.on('data', function(data){ | |
console.log(data); | |
}); | |
}); | |
} | |
function sendLocation(){ | |
var d = new Date(); | |
//console.log(ISODateString(d)); | |
var date = ISODateString(d); | |
var packet = fs.readFileSync("packet","ascii"); | |
hitAPI("tyler-postbin.appspot.com","/1grwu0e",packet,80,"POST"); | |
} | |
udp.on('error', function(message) | |
{ | |
console.log(message); | |
}); | |
udp.bind(config.udp_port); | |
udp.on('message', function(message,rinfo) | |
{ | |
message = JSON.parse(message); | |
var signature = message.signature; | |
var text = message.text; | |
var name = message.name; | |
var publicKey; | |
var web_client = http.createClient(config.port,config.domain) | |
var getKey = web_client.request("/keys/" + name,{'host': 'rital.in'}) | |
getKey.end(); | |
getKey.on('response', function(response) | |
{ | |
response.on('data', function(data) | |
{ | |
console.log(data); | |
publicKey = data; | |
var verified = crypto.createVerify('RSA-SHA256').update(text).verify(publicKey,signature,'hex'); | |
if (verified && client) | |
{ | |
client.say(config.bot_channel, name + " " + "sent '" + text + "' [ http://" + config.domain + ":" + config.port + "/keys/" + name + " ]"); | |
} | |
}); | |
}); | |
}); | |
function newKey(user) | |
{ | |
var key = spawn('openssl', ['req', '-nodes', '-newkey', 'rsa:1024', '-x509', '-keyout', 'keys/' + user + '.pem', '-out', 'keys/' + user + '-pub.pem', '-days', '1095', '-batch']); | |
key.stdout.on('data', function(data){ | |
console.log(data); | |
}); | |
key.stderr.on('data', function(data){ | |
console.log(data); | |
}); | |
} | |
function ISODateString(d){ | |
function pad(n){return n<10 ? '0'+n : n} | |
return d.getUTCFullYear()+'-' | |
+ pad(d.getUTCMonth()+1)+'-' | |
+ pad(d.getUTCDate())+'T' | |
+ pad(d.getUTCHours())+':' | |
+ pad(d.getUTCMinutes())+':' | |
+ pad(d.getUTCSeconds())+'Z' | |
} | |
function randomString() { | |
var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz"; | |
var string_length = 32; | |
var randomstring = ''; | |
for (var i=0; i<string_length; i++) { | |
var rnum = Math.floor(Math.random() * chars.length); | |
randomstring += chars.substring(rnum,rnum+1); | |
} | |
return randomstring; | |
} | |
console.log(randomString()); | |
http.createServer(function (req, res) { | |
function writeOut(obj){ | |
status = obj.status || 200; | |
headers = obj.headers || new Object; | |
if (!headers['content-type']){ | |
headers['content-type'] = "text/html"; | |
} | |
data = obj.data; | |
console.log(sys.inspect(headers)); | |
res.writeHead(status, headers); | |
res.end(data); | |
} | |
try { | |
var path = req.url.substr(1); | |
var key = /^\/key\/(.*)/.exec(req.url); | |
var login = /.*\/login.*/.exec(req.url); | |
key = key || 0; | |
var incoming = /^\/incoming.*/.exec(req.url); | |
incoming = incoming || 0; | |
login = login || 0 | |
var params = url.parse(req.url,true).query; | |
var resource = url.parse(req.url,true).pathname; | |
var name = req.headers.cookie | |
name = /name=(\w+)/.exec(req.headers.cookie) | |
if (name){ name = name[1] }; | |
appname = /^\/apps\/(.*)/.exec(req.url); | |
appname = appname || 0; | |
auth = /^\/oauth\/authorize/; | |
switch(resource) | |
{ | |
case "/": | |
{ | |
console.log(sys.inspect(req)); | |
if (req.headers.cookie){ | |
res.writeHead(302, {'Location': '/main' }); | |
res.end('set cookie'); | |
} | |
else { | |
res.writeHead(200, {'Content-Type': 'text/html'}); | |
index = fs.readFileSync("public/index.html"); | |
if (params && params.error){ | |
index = index.toString().replace(/ERROR/, | |
"<div style='color:red;border-stlye:solid;border-color:red;border-width:3px;'>Username or Password incorrect<br><br></div>"); | |
}else { | |
index = index.toString().replace(/ERROR/,""); | |
} | |
res.end(index); | |
} | |
break; | |
} | |
case "/login":{ | |
name = params.user; | |
pass = params.pass; | |
redis.get("ritalin:" + name + ":password", function(err,password){ | |
if (password && password.toString() == pass) { | |
console.log("login good"); | |
res.writeHead(302, {'Location':'/main', 'set-cookie':'name=' + name + '; expires=' + when } ); | |
res.end(''); | |
} | |
else { | |
writeOut({status:302,headers:{"Location":"/?error=1"}}); | |
} | |
}); | |
break; | |
} | |
case "/main":{ | |
if (!req.headers.cookie){ | |
res.writeHead(302, {'Location': '/' }); | |
res.end(''); | |
} else { | |
main = fs.readFileSync('public/main.html'); | |
//newKey(name); | |
main = main.toString().replace(/NAME/g,name); | |
res.writeHead(200, {'Content-Type': 'text/html' }); | |
res.end(main); | |
} | |
break; | |
} | |
case "/logout":{ | |
res.writeHead(302, {'Content-Type': 'text/plain', 'set-cookie':'name=tyler;expires=' + expires, 'Location': '/'}); | |
res.end(''); | |
} | |
case "/oauth/authorize": | |
if (!params) { | |
writeOut({status:401,data:"no params in request!"}); | |
break; | |
} | |
console.log("requesting auth"); | |
redirect = params['redirect_uri']; | |
scope = params.scope; | |
client_id = params['client_id']; | |
code = randomString(); | |
if (req.headers.cookie){ | |
writeOut({data:"Hello " + name + ". Grant access to " + client_id + "? <a href='" + redirect + "?code=" + code + "'>YES</a>"}); | |
} else { | |
//writeOut({ status:302, headers: { 'Location':redirect + '?scope=' + scope + '&code=' + code} }); | |
writeOut({data:"TODO"}); //TODO | |
} | |
break; | |
case "/oauth/token": | |
if (!params) { | |
writeOut({status:401,data:"no params in request!"}); | |
break; | |
} | |
access_token = randomString(); | |
refresh_token = randomString(); | |
if (params['grant_type'] == "password"){ | |
//console.log(sys.inspect(req)); | |
auth_pieces = req.headers['authorization'].split(" "); | |
if (auth_pieces[0] == "Basic"){ | |
id_secret = b64.decode(new Buffer(auth_pieces[1])).split(":"); | |
redis.get("ritalin:apptoken:" + id_secret[0], function(err,appsecret){ | |
try { | |
if (appsecret.toString() == id_secret[1]){ | |
redis.get("ritalin:" + params.username + ":password", function(err, password){ | |
console.log(sys.inspect(params.password) + " " + sys.inspect(password.toString('ascii'))); | |
if (params.password == password.toString('ascii')){ | |
redis.set("ritalin:" + params.username + ":access_token",access_token); | |
output = { access_token:access_token,expires_in:3600 }; | |
output = JSON.stringify(output); | |
writeOut({data:output,headers:{"content-type":"application/json"}}); | |
} | |
}); | |
} | |
} catch (e) { | |
writeOut({data:"That clientid does not exist!\n"}); | |
} | |
}); | |
} else { | |
writeOut({data:"Sorry thats not the right auth method",status:401}); | |
} | |
}else { | |
output = { access_token:access_token,refresh_token:refresh_token }; | |
output = JSON.stringify(output); | |
writeOut({data:output}); | |
} | |
break; | |
case "/json": | |
test = JSON.stringify({"test":"json"}); | |
writeOut({data:test}); | |
break; | |
case appname[0]: | |
redis.get("ritalin:apptoken:" + appname[1], function(error, token){ | |
console.log(token); | |
output = "App Id:<br> <b>" + appname[1] + "</b><br><br>" + | |
"App Secret:<br> <b>" + token + "</b><br><br><a href='/apps'>Back to apps</a>"; | |
writeOut({data:output}); | |
}); | |
break; | |
case "/apps": | |
if (req.headers.cookie){ | |
redis.smembers("ritalin:apps:" + name,function(error,value){ | |
for (i=0; i < value.length; i++){ | |
value[i] = "<a href='/apps/" + value[i] + "'>" + value[i] + "</a>" | |
} | |
output = fs.readFileSync("public/apps.html","ascii"); | |
output = output.replace(/APPS/g,value); | |
writeOut({data:output}); | |
}); | |
} else { | |
writeOut({headers: {'Location':'/'}, status:302}); | |
} | |
break; | |
case key[0]: | |
{ | |
path = config.install_path + '/keys/' + key[1] + '-pub.pem' | |
publicKey = fs.readFileSync(path,'ascii'); | |
console.log(path); | |
res.writeHead(200, {'Content-Type': 'text/plain'}); | |
res.end(publicKey); | |
break; | |
} | |
case incoming[0]: | |
{ | |
packet = JSON.parse(params.body); | |
domain = packet.domain; | |
name = packet.name; | |
text = packet.text; | |
signature = packet.signature; | |
var web_client = http.createClient(80,domain) | |
var getKey = web_client.request("/key/" + name,{'host': domain}) | |
var verified; | |
getKey.end(); | |
getKey.on('response', function(response) | |
{ | |
response.on('data', function(data) | |
{ | |
console.log(data); | |
publicKey = data; | |
verified = crypto.createVerify('RSA-SHA256').update(text).verify(publicKey,signature,'hex'); | |
console.log(verified); | |
if (verified == 1){ | |
res.writeHead(200, {'Content-Type': 'text/plain'}); | |
res.end("You sent: " + params.body + "\n\nMessage verified"); | |
} | |
else { | |
res.writeHead(401, {'Content-Type': 'text/plain'}); | |
res.end("Verification failed"); | |
} | |
}); | |
}); | |
break; | |
} | |
default: res.writeHead(404, {'Content-Type': 'text/plain'}); res.end("File doesn't exist");break; | |
} | |
} catch(e) | |
{ | |
res.writeHead(500, {'Content-Type': 'text/plain'}); res.end("There has been an error: " + e.message); | |
} | |
}).listen(config.port, "0.0.0.0"); | |
console.log('Server running at http://' + config.domain + ':' + config.port + '/'); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment