From 6b9d631b7a965d8e43e5608cd6b3b60542d88fcb Mon Sep 17 00:00:00 2001 From: Skylar Ittner Date: Wed, 5 Jun 2019 02:26:01 -0600 Subject: [PATCH] Add Munzee oauth and capture support (not tested fully) --- api/actions/submitcode.php | 101 ++++++++++++++++++++++++++++++++++++- munzee.php | 77 ++++++++++++++++++++++++++++ settings.template.php | 5 ++ 3 files changed, 182 insertions(+), 1 deletion(-) create mode 100644 munzee.php diff --git a/api/actions/submitcode.php b/api/actions/submitcode.php index fac6167..99abb9f 100644 --- a/api/actions/submitcode.php +++ b/api/actions/submitcode.php @@ -72,7 +72,7 @@ if ($database->has('claimedcodes', ["AND" => ['code' => $VARS["code"], 'accounti $database->insert('inventory', ['accountid' => getRequestUser()->getUID(), 'itemid' => $itemid]); $database->insert('claimedcodes', ['code' => $VARS["code"], 'accountid' => getRequestUser()->getUID()]); - + $player = new Player(getRequestUser()); $player->stats->updateStat(PlayerStats::SCANS, 1); $player->save(); @@ -84,4 +84,103 @@ if ($database->has('claimedcodes', ["AND" => ['code' => $VARS["code"], 'accounti $returndata['messages'][] = $Strings->build("You found one {item}", ["item" => $itemname], false); } +if (strpos($VARS["code"], "munzee") !== false && $database->has('munzee', ['accountid' => getRequestUser()->getUID()])) { + + if (!empty($VARS["latitude"]) && !empty($VARS["longitude"]) && !empty($VARS["accuracy"])) { + $latitude = $VARS["latitude"]; + $longitude = $VARS["longitude"]; + $accuracy = $VARS["accuracy"]; + /* Check if we need to refresh the bearer token first */ + if ($database->has('munzee', ["AND" => ['accountid' => getRequestUser()->getUID(), 'expires[<=]' => (time() + 30)]])) { + $url = 'https://api.munzee.com/oauth/login'; + $fields = array( + 'client_id' => urlencode($SETTINGS["munzee"]["id"]), + 'client_secret' => urlencode($SETTINGS["munzee"]["secret"]), + 'grant_type' => 'refresh_token', + 'refresh_token' => $database->select('munzee', 'refreshtoken', ['accountid' => getRequestUser()->getUID()])[0] + ); + + foreach ($fields as $key => $value) { + $fields_string .= $key . '=' . $value . '&'; + } + rtrim($fields_string, '&'); + + $ch = curl_init(); + + $options = array( + CURLOPT_URL => $url, + CURLOPT_POST => 1, + CURLOPT_POSTFIELDS => $fields_string, + CURLOPT_RETURNTRANSFER => 1, // return web page + CURLOPT_HEADER => false, // don't return headers + CURLOPT_ENCODING => "", // handle compressed + CURLOPT_USERAGENT => "TerranQuest Game Server", // name of client + CURLOPT_AUTOREFERER => true, // set referrer on redirect + CURLOPT_CONNECTTIMEOUT => 120, // time-out on connect + CURLOPT_TIMEOUT => 120, // time-out on response + ); + curl_setopt_array($ch, $options); + + $result = curl_exec($ch); + + curl_close($ch); + + $data = json_decode($result, TRUE)['data']; + $status_code = json_decode($result, TRUE)['status_code']; + if ($status_code == 200) { + $database->update('munzee', ['bearertoken' => $data['token']['access_token'], 'refreshtoken' => $data['token']['refresh_token'], 'expires' => $data['token']['expires']], ['accountid' => getRequestUser()->getUID()]); + } + } + + /* Check again now */ + if ($database->has('munzee', ["AND" => ['accountid' => getRequestUser()->getUID(), 'expires[>]' => (time() + 30)]])) { + $url = 'https://api.munzee.com/capture/light/'; + $header = array( + 'Authorization: ' . $database->select('munzee', ['bearertoken'], ['accountid' => getRequestUser()->getUID()])[0]['bearertoken'] + ); + + $time = time(); + $fields = ['data' => json_encode([ + "language" => "EN", + "latitude" => $latitude, + "longitude" => $longitude, + "accuracy" => $accuracy, + "time" => time(), + "code" => $VARS["code"] + ]) + ]; +//open connection + $ch = curl_init(); + + $options = array( + CURLOPT_URL => $url, + CURLOPT_POST => true, + CURLOPT_POSTFIELDS => $fields, + CURLOPT_HTTPHEADER => $header, + CURLOPT_RETURNTRANSFER => true, // return web page + CURLOPT_HEADER => false, // don't return headers + CURLOPT_FOLLOWLOCATION => true, // follow redirects + CURLOPT_MAXREDIRS => 10, // stop after 10 redirects + CURLOPT_ENCODING => "", // handle compressed + CURLOPT_USERAGENT => "TerranQuest Game Server", // name of client + CURLOPT_AUTOREFERER => true, // set referrer on redirect + CURLOPT_CONNECTTIMEOUT => 120, // time-out on connect + CURLOPT_TIMEOUT => 120, // time-out on response + ); + curl_setopt_array($ch, $options); + + $result = curl_exec($ch); +//close connection + curl_close($ch); + + + $data = json_decode($result, TRUE); + if ($data['status_code'] == 200) { + // Add munzee capture info to response + $returndata["munzee"] = $data["data"]["result"]; + } + } + } +} + exitWithJson($returndata); diff --git a/munzee.php b/munzee.php new file mode 100644 index 0000000..92629f4 --- /dev/null +++ b/munzee.php @@ -0,0 +1,77 @@ +exists()) { + return false; + } + if ($user->checkPassword($VARS["password"], true)) { + $_SESSION["userid"] = User::byUsername($VARS["username"])->getUID(); + $_SESSION["munzeeauthed"] = true; + header("Location: https://api.munzee.com/oauth?response_type=code&client_id=" . $SETTINGS["munzee"]["id"] . "&redirect_uri=" + $SETTINGS["munzee"]["redirecturl"] + "&scope=read capture_light"); + die("OK"); + } + die("Login incorrect."); +} else { + if ($_SESSION["munzeeauthed"] !== true) { + die("Invalid session or session expired. Try again."); + } + $code = $VARS['code']; + $url = 'https://api.munzee.com/oauth/login'; + $fields = array( + 'client_id' => urlencode($SETTINGS["munzee"]["id"]), + 'client_secret' => urlencode($SETTINGS["munzee"]["secret"]), + 'grant_type' => 'authorization_code', + 'code' => urlencode($code), + 'redirect_uri' => urlencode($SETTINGS["munzee"]["redirecturl"]) + ); + //url-ify the data for the POST + foreach ($fields as $key => $value) { + $fields_string .= $key . '=' . $value . '&'; + } + rtrim($fields_string, '&'); + //open connection + $ch = curl_init(); + + $options = array( + CURLOPT_URL => $url, + CURLOPT_POST => 1, + CURLOPT_POSTFIELDS => $fields_string, + CURLOPT_RETURNTRANSFER => true, // return web page + CURLOPT_HEADER => false, // don't return headers + CURLOPT_FOLLOWLOCATION => true, // follow redirects + CURLOPT_MAXREDIRS => 10, // stop after 10 redirects + CURLOPT_ENCODING => "", // handle compressed + CURLOPT_USERAGENT => "TerranQuest Game Server", // name of client + CURLOPT_AUTOREFERER => true, // set referrer on redirect + CURLOPT_CONNECTTIMEOUT => 120, // time-out on connect + CURLOPT_TIMEOUT => 120, // time-out on response + ); + curl_setopt_array($ch, $options); + //execute post + $result = curl_exec($ch); + //close connection + curl_close($ch); + + $jsonresult = json_decode($result, TRUE); + $data = $jsonresult['data']; + if ($jsonresult['status_code'] == 200) { + if ($database->has('munzee', ['accountid' => $_SESSION['userid']])) { + $database->update('munzee', ['bearertoken' => $data['token']['access_token'], 'refreshtoken' => $data['token']['refresh_token'], 'expires' => $data['token']['expires']], ['accountid' => $_SESSION['userid']]); + } else { + $database->insert('munzee', ['bearertoken' => $data['token']['access_token'], 'refreshtoken' => $data['token']['refresh_token'], 'expires' => $data['token']['expires'], 'accountid' => $_SESSION['userid']]); + } + die($Strings->get("Your Munzee account has been linked to TerranQuest!", false)); + } else { + die($Strings->get("Munzee is having problems right now. Try again later.", false)); + } +} \ No newline at end of file diff --git a/settings.template.php b/settings.template.php index 7393f9f..15c2ce3 100644 --- a/settings.template.php +++ b/settings.template.php @@ -74,6 +74,11 @@ $SETTINGS = [ "WATER_TOWER" ] ], + "munzee" => [ + "id" => "", + "secret" => "", + "redirecturl" => "https://gs.terranquest.net/munzee.php" + ], // List of required user permissions to access this app. "permissions" => [ ],