Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
366 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,202 @@ | ||
<?php | ||
|
||
$type = gr('type'); | ||
$out['TYPE'] = $type; | ||
if (gr('err_msg')) { | ||
$out['ERR_MSG'] = gr('err_msg'); | ||
} | ||
if (gr('ok_msg')) { | ||
$out['OK_MSG'] = gr('ok_msg'); | ||
} | ||
|
||
if (gr('refresh_devices')) { | ||
$this->refreshDevices(); | ||
} | ||
|
||
if ($type == 'reset') { | ||
@unlink(YADEVICES_COOKIE_PATH); | ||
$this->redirect("?view_mode=" . $this->view_mode); | ||
} | ||
|
||
if ($type == 'otp') { | ||
$track_id = gr('track_id'); | ||
if ($track_id) { | ||
$otp = gr('otp'); | ||
if ($otp!='') { | ||
$post = array( | ||
'csrf_token' => gr('csrf_token'), | ||
'track_id' => $track_id, | ||
'password' => $otp, | ||
'retpath' => 'https://passport.yandex.ru/am/finish?status=ok&from=Login', | ||
); | ||
$postvars = ''; | ||
foreach($post as $key=>$value) { | ||
$postvars .= $key . "=" . urlencode($value) . "&"; | ||
} | ||
$YaCurl = curl_init(); | ||
curl_setopt($YaCurl, CURLOPT_URL, 'https://passport.yandex.ru/registration-validations/auth/multi_step/commit_password'); | ||
curl_setopt($YaCurl, CURLOPT_POST, true); | ||
curl_setopt($YaCurl, CURLOPT_POSTFIELDS, $postvars); | ||
curl_setopt($YaCurl, CURLOPT_RETURNTRANSFER, true); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEFILE, YADEVICES_COOKIE_PATH); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEJAR, YADEVICES_COOKIE_PATH); | ||
$result = curl_exec($YaCurl); | ||
curl_close($YaCurl); | ||
$data = json_decode($result, true); | ||
if ($data['status']=='ok' || $data['errors'][0]=='account.auth_passed') { | ||
$checkCookie = $this->apiRequest('https://iot.quasar.yandex.ru/m/user/scenarios'); | ||
if ($checkCookie['status'] != 'ok') { | ||
@unlink(YADEVICES_COOKIE_PATH); | ||
$out['ERR_MSG'] = 'Ошибка авторизации!'; | ||
return; | ||
} else { | ||
$this->redirect("?view_mode=" . $this->view_mode . "&refresh_devices=1&ok_msg=" . urlencode("Успешная авторизация!")); | ||
} | ||
} else { | ||
$out['ERR_MSG'] = 'Авторизация не пройдена. Попробуйте ещё раз.'; | ||
} | ||
} | ||
$out['TRACK_ID']=$track_id; | ||
} else { | ||
$username = gr('username'); | ||
if ($username) { | ||
$csrf_token = $this->getCSRFToken(); | ||
if ($csrf_token!='') { | ||
$out['CSRF_TOKEN'] = $csrf_token; | ||
$post = array( | ||
'csrf_token' => $csrf_token, | ||
'login' => $username, | ||
); | ||
$postvars = ''; | ||
foreach($post as $key=>$value) { | ||
$postvars .= $key . "=" . urlencode($value) . "&"; | ||
} | ||
$YaCurl = curl_init(); | ||
curl_setopt($YaCurl, CURLOPT_URL, 'https://passport.yandex.ru/registration-validations/auth/multi_step/start'); | ||
curl_setopt($YaCurl, CURLOPT_POST, true); | ||
curl_setopt($YaCurl, CURLOPT_POSTFIELDS, $postvars); | ||
curl_setopt($YaCurl, CURLOPT_RETURNTRANSFER, true); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEFILE, YADEVICES_COOKIE_PATH); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEJAR, YADEVICES_COOKIE_PATH); | ||
$result = curl_exec($YaCurl); | ||
curl_close($YaCurl); | ||
$data = json_decode($result, true); | ||
if ($data['status']=='ok') { | ||
$track_id = $data['track_id']; | ||
$out['TRACK_ID']=$track_id; | ||
} else { | ||
$out['ERR_MSG']='Ошибка авторизации. Попробуйте ещё раз.'; | ||
} | ||
|
||
} else { | ||
$out['ERR_MSG'] = 'Ошибка получения CSRF-токена'; | ||
} | ||
} | ||
|
||
} | ||
} | ||
|
||
if ($type == 'qr') { | ||
$track_id = gr('track_id'); | ||
if ($track_id) { | ||
$csrf_token = gr('csrf_token'); | ||
$post = array( | ||
'csrf_token' => $csrf_token, | ||
'track_id' => $track_id, | ||
); | ||
$postvars = ''; | ||
foreach($post as $key=>$value) { | ||
$postvars .= $key . "=" . urlencode($value) . "&"; | ||
} | ||
|
||
$YaCurl = curl_init(); | ||
$url = 'https://passport.yandex.ru/auth/magic/status/'; | ||
|
||
curl_setopt($YaCurl, CURLOPT_URL, $url); | ||
curl_setopt($YaCurl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0'); | ||
curl_setopt($YaCurl, CURLOPT_POST, true); | ||
curl_setopt($YaCurl, CURLOPT_POSTFIELDS, $postvars); | ||
curl_setopt($YaCurl, CURLOPT_RETURNTRANSFER, true); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEFILE, YADEVICES_COOKIE_PATH); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEJAR, YADEVICES_COOKIE_PATH); | ||
$result = curl_exec($YaCurl); | ||
curl_close($YaCurl); | ||
|
||
$data = json_decode($result, true); | ||
|
||
if ($data['status']=='ok' || $data['errors'][0]=='account.auth_passed') { | ||
$checkCookie = $this->apiRequest('https://iot.quasar.yandex.ru/m/user/scenarios'); | ||
if ($checkCookie['status'] != 'ok') { | ||
@unlink(YADEVICES_COOKIE_PATH); | ||
$out['ERR_MSG'] = 'Ошибка авторизации!'; | ||
return; | ||
} else { | ||
$this->redirect("?view_mode=" . $this->view_mode . "&refresh_devices=1&ok_msg=" . urlencode("Успешная авторизация!")); | ||
} | ||
} else { | ||
$out['ERR_MSG'] = 'Авторизация не пройдена. Попробуйте ещё раз.'; | ||
} | ||
|
||
$out['TRACK_ID'] = $track_id; | ||
$out['QR_URL'] = 'https://passport.yandex.ru/auth/magic/code/?track_id=' . $track_id; | ||
$out['CSRF_TOKEN'] = $csrf_token; | ||
|
||
} else { | ||
$csrf_token = $this->getCSRFToken(); | ||
if ($csrf_token) { | ||
$post = array( | ||
'csrf_token' => $csrf_token, | ||
'retpath' => 'https://passport.yandex.ru/profile', | ||
'with_code' => 1, | ||
); | ||
|
||
$postvars = ''; | ||
foreach($post as $key=>$value) { | ||
$postvars .= $key . "=" . urlencode($value) . "&"; | ||
} | ||
$YaCurl = curl_init(); | ||
curl_setopt($YaCurl, CURLOPT_URL, 'https://passport.yandex.ru/registration-validations/auth/password/submit'); | ||
curl_setopt($YaCurl, CURLOPT_POST, true); | ||
curl_setopt($YaCurl, CURLOPT_POSTFIELDS, $postvars); | ||
curl_setopt($YaCurl, CURLOPT_RETURNTRANSFER, true); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEFILE, YADEVICES_COOKIE_PATH); | ||
curl_setopt($YaCurl, CURLOPT_COOKIEJAR, YADEVICES_COOKIE_PATH); | ||
$result = curl_exec($YaCurl); | ||
curl_close($YaCurl); | ||
|
||
$data = json_decode($result, true); | ||
if ($data['status'] == 'ok') { | ||
$out['TRACK_ID'] = $data['track_id']; | ||
$out['CSRF_TOKEN'] = $data['csrf_token']; | ||
$out['QR_URL'] = 'https://passport.yandex.ru/auth/magic/code/?track_id=' . $data['track_id']; | ||
} else { | ||
$out['ERR_MSG'] = 'Ошибка получения QR-кода'; | ||
} | ||
} else { | ||
$out['ERR_MSG'] = 'Ошибка получения CSRF-токена'; | ||
} | ||
} | ||
} | ||
|
||
if ($type == 'cookie') { | ||
global $file; | ||
if (is_file($file)) { | ||
move_uploaded_file($file, YADEVICES_COOKIE_PATH); | ||
$checkCookie = $this->apiRequest('https://iot.quasar.yandex.ru/m/user/scenarios'); | ||
if ($checkCookie['status'] != 'ok') { | ||
@unlink(YADEVICES_COOKIE_PATH); | ||
$out['ERR_MSG'] = 'Файл который вы загружаете не является Cookie файлом с сайта Яндекс или он устарел.'; | ||
return; | ||
} else { | ||
$this->redirect("?view_mode=" . $this->view_mode . "&refresh_devices=1&ok_msg=" . urlencode("Успешная авторизация!")); | ||
} | ||
} | ||
} | ||
|
||
if (!$type) { | ||
$data = $this->apiRequest('https://iot.quasar.yandex.ru/m/user/devices'); | ||
if (is_array($data)) { | ||
$out['AUTHORIZED_OK'] = 1; | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
<h2>Авторизация</h2> | ||
[#if ERR_MSG!=""#] | ||
<div class="alert alert-danger">[#ERR_MSG#]</div> | ||
[#endif ERR_MSG#] | ||
|
||
[#if OK_MSG!=""#] | ||
<div class="alert alert-success">[#OK_MSG#]</div> | ||
[#endif OK_MSG#] | ||
|
||
[#if TYPE=""#] | ||
<div> | ||
Состояние авторизации: | ||
[#if AUTHORIZED_OK="1"#] | ||
<span class="label label-success">Авторизовано</span> | ||
<sup> | ||
<a href="?view_mode=<#VIEW_MODE#>&type=reset" onclick="return confirm('Данные авторизации будут удалены. Продолжить?');">Удалить авторизацию</a> | ||
</sup> | ||
[#else#] | ||
<span class="label label-danger">Не авторизовано</span> | ||
[#endif#] | ||
</div> | ||
| ||
<h3>Выберите способ авторизации:</h3> | ||
<table class="table"> | ||
<tr> | ||
<td> | ||
<a href="?view_mode=<#VIEW_MODE#>&type=qr" class="btn btn-default">QR-код</a> | ||
</td> | ||
<td> | ||
Авторизация по QR-коду с помощью приложения Я.Ключ | ||
</td> | ||
</tr> | ||
<tr> | ||
<td> | ||
<a href="?view_mode=<#VIEW_MODE#>&type=otp" class="btn btn-default">Одноразовый пароль</a> | ||
</td> | ||
<td> | ||
Авторизация с помощью одноразового пароля | ||
</td> | ||
</tr> | ||
<tr> | ||
<td> | ||
<a href="?view_mode=<#VIEW_MODE#>&type=cookie" class="btn btn-default">Cookie-файл</a> | ||
</td> | ||
<td> | ||
Загрузка cookie-файла | ||
</td> | ||
</tr> | ||
</table> | ||
[#endif TYPE#] | ||
|
||
[#if TYPE="otp"#] | ||
[#inc auth_otp.html#] | ||
[#endif TYPE#] | ||
|
||
[#if TYPE="cookie"#] | ||
[#inc auth_cookie.html#] | ||
[#endif TYPE#] | ||
|
||
[#if TYPE="qr"#] | ||
[#inc auth_qr.html#] | ||
[#endif TYPE#] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
<p> | ||
Для работы данного способа, необходимо скачать файл с данными Cookie сформированный на странице <a href="https://yandex.ru/quasar/iot/" target="_blank">Yandex IOT</a>. | ||
После скачивания файла его необходимо загрузить в данную форму. | ||
</p> | ||
<form action="?" method="post" enctype="multipart/form-data"> | ||
<div class="from-group"> | ||
<input name="file" type="file"> | ||
</div> | ||
| ||
<div class="form-group"> | ||
<input type="submit" id="Cookie_upload" name="submit" value="Загрузить" class="btn btn-success"> | ||
<a href="?view_mode=<#VIEW_MODE#>" class="btn btn-default"><#LANG_CANCEL#></a> | ||
</div> | ||
<input type="hidden" name="view_mode" value="<#VIEW_MODE#>"> | ||
<input type="hidden" name="type" value="<#TYPE#>"> | ||
</form> |
Oops, something went wrong.