Removed NioTSO client and server

- NioTSO client isn't needed because we're using RayLib - Added FreeSO's API server to handle most backend operations
2025-07-06 22:50:30 -04:00 · 2024-05-01 02:55:43 -04:00 · 2024-05-01 02:55:43 -04:00 · 22191ce648
commit 22191ce648
parent f12ba1502b
591 changed files with 53264 additions and 3362 deletions
--- a/server/FSO.Server.Api.Core/Controllers/GithubController.cs
+++ b/server/FSO.Server.Api.Core/Controllers/GithubController.cs
@ -0,0 +1,77 @@
+using System;
+using System.Security.Cryptography;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+using Octokit;
+
+namespace FSO.Server.Api.Core.Controllers
+{
+    [EnableCors]
+    [ApiController]
+    public class GithubController : ControllerBase
+    {
+        readonly GitHubClient client =
+            new GitHubClient(new ProductHeaderValue(Api.INSTANCE.Github.AppName), new Uri("https://github.com/"));
+
+        private string StoredToken;
+        private static string CSRF;
+
+        // GET: /<controller>/
+        [HttpGet]
+        [Route("github/")]
+        public IActionResult Index()
+        {
+            if (Api.INSTANCE.Github == null) return NotFound();
+            if (Api.INSTANCE.Github.AccessToken != null) return NotFound();
+
+            return Redirect(GetOauthLoginUrl());
+        }
+
+        [HttpGet]
+        [Route("github/callback")]
+        public async Task<IActionResult> Callback(string code, string state)
+        {
+            if (Api.INSTANCE.Github == null) return NotFound();
+            if (Api.INSTANCE.Github.AccessToken != null) return NotFound();
+
+            if (!String.IsNullOrEmpty(code))
+            {
+                var expectedState = CSRF;
+                if (state != expectedState) throw new InvalidOperationException("SECURITY FAIL!");
+                //CSRF = null;
+
+                var token = await client.Oauth.CreateAccessToken(
+                    new OauthTokenRequest(Api.INSTANCE.Github.ClientID, Api.INSTANCE.Github.ClientSecret, code)
+                    {
+                        RedirectUri = new Uri("http://localhost:80/github/callback")
+                    });
+                StoredToken = token.AccessToken;
+            }
+
+            return Ok(StoredToken);
+        }
+
+        private string GetOauthLoginUrl()
+        {
+            var rngCsp = new RNGCryptoServiceProvider();
+            string csrf = "";
+            var random = new byte[24];
+            rngCsp.GetBytes(random);
+            for (int i=0; i<24; i++)
+            {
+                csrf += (char)('?' + random[i]/4);
+            }
+            CSRF = csrf;
+
+            // 1. Redirect users to request GitHub access
+            var request = new OauthLoginRequest(Api.INSTANCE.Github.ClientID)
+            {
+                Scopes = { "admin:org", "repo" },
+                State = csrf
+            };
+            var oauthLoginUrl = client.Oauth.GetGitHubLoginUrl(request);
+            return oauthLoginUrl.ToString();
+        }
+    }
+}