Skip to content

Commit 9abd54f

Browse files
ImRodryImRodry
committed
fix: fetch firebase tokens
1 parent c88a726 commit 9abd54f

4 files changed

Lines changed: 63 additions & 5 deletions

File tree

scripts/extras.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -146,7 +146,7 @@ function createCookie(name, value, expiryDate) {
146146
"=" +
147147
value +
148148
"; expires=" +
149-
expiryDate.toGMTString() +
149+
expiryDate.toUTCString() +
150150
"; SameSite=strict" +
151151
"; Domain=" +
152152
getTLD() +

scripts/map.js

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -111,6 +111,12 @@ async function initMap() {
111111
user.accessToken = accessTokenCookie;
112112
}
113113

114+
// Check if the user has a stored firebase token
115+
const firebaseTokenCookie = getCookie("firebaseToken");
116+
if (firebaseTokenCookie) {
117+
user.firebaseToken = firebaseTokenCookie;
118+
}
119+
114120
/* Run the startup functions */
115121
await runStartupFunctions();
116122
}

scripts/requests.js

Lines changed: 29 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ const GIRA_GRAPHQL_WS_ENDPOINT = "wss://c2g091p01.emel.pt/ws/graphql";
88
const GIRA_AUTH_ENDPOINT = "https://api-auth.emel.pt/auth";
99
const GIRA_TOKEN_REFRESH_ENDPOINT = "https://api-auth.emel.pt/token/refresh";
1010
const GIRA_USER_ENDPOINT = "https://api-auth.emel.pt/user";
11+
const FIREBASE_TOKEN_URL = "https://luk.moe/girabot_tokens/exchange";
1112

1213
const NUMBER_OF_RETRIES = 3;
1314
const DEFAULT_PROXY = "https://corsproxy.afonsosousah.workers.dev/";
@@ -19,10 +20,11 @@ async function makePostRequest(url, body, accessToken = null) {
1920
const response = await fetch(proxyURL ?? DEFAULT_PROXY, {
2021
method: "POST",
2122
headers: {
22-
"User-Agent": "Gira/3.4.0 (Android 34)",
23+
"User-Agent": "Gira/3.4.3 (Android 34)",
2324
"X-Proxy-URL": url,
2425
"Content-Type": "application/json",
2526
"X-Authorization": `Bearer ${accessToken}`,
27+
"X-Firebase-Token": encryptFirebaseToken(user.firebaseToken, user.accessToken),
2628
},
2729
body: body,
2830
});
@@ -31,9 +33,19 @@ async function makePostRequest(url, body, accessToken = null) {
3133

3234
// refresh token
3335
accessToken = await tokenRefresh();
36+
// se o token tiver expirado
37+
if (!getCookiie("firebaseToken")) {
38+
const firebaseToken = await fetchFirebaseToken();
39+
const { exp } = getJWTPayload(user.firebaseToken);
40+
if (firebaseToken) {
41+
// Store firebaseToken cookie (for quick refreshes)
42+
createCookie("firebaseToken", firebaseToken, new Date(exp * 1000)); // 30 days
43+
user.firebaseToken = firebaseToken;
44+
} else delete user.firebaseToken;
45+
}
3446

35-
// check if token refresh was successful
36-
if (typeof accessToken !== "undefined") {
47+
// check if token refresh was successful and there's a firebase token
48+
if (typeof accessToken !== "undefined" && user.firebaseToken) {
3749
// try to make request again
3850
return await retryPostRequest(url, body, accessToken, "Erro da API (401)"); // be sure to use latest available token
3951
}
@@ -158,6 +170,20 @@ async function makePostRequest(url, body, accessToken = null) {
158170
}
159171
}
160172

173+
// source: trust me bro
174+
function encryptFirebaseToken(firebaseToken, authToken) {
175+
let { sub, jti } = getJWTPayload(authToken);
176+
177+
const key = sub.replaceAll("-", "");
178+
const iv = jti.slice(0, 16);
179+
180+
let cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
181+
182+
let encrypted = cipher.update(firebaseToken, "utf8", "base64");
183+
184+
return encrypted + cipher.final("base64");
185+
}
186+
161187
async function makeGetRequest(url, accessToken = null) {
162188
// Proxy is not needed for these GET requests
163189
const response = await fetch(url, {

scripts/user.js

Lines changed: 27 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,9 @@ async function login(event) {
6363
user.accessToken = response.data.accessToken;
6464
user.refreshToken = response.data.refreshToken;
6565
user.expiration = response.data.expiration;
66+
const firebaseToken = await fetchFirebaseToken(user.accessToken);
67+
if (firebaseToken) user.firebaseToken = encryptFirebaseToken(firebaseToken, user.accessToken);
68+
else alert("Erro ao obter o token de verificação do dispositivo. A app não vai funcionar corretamente.");
6669

6770
/* Run the startup functions */
6871
await runStartupFunctions();
@@ -81,13 +84,36 @@ async function login(event) {
8184
// Store accessToken cookie (for quick refreshes)
8285
createCookie("accessToken", user.accessToken, accessTokenExpiryDate);
8386

87+
const { exp: firebaseExpiryDate } = getJWTPayload(user.firebaseToken);
88+
createCookie("firebaseToken", user.firebaseToken, new Date(firebaseExpiryDate * 1000));
89+
8490
document.getElementById("loginMenu")?.remove();
8591
tokenRefreshed = true;
8692
} else {
8793
alert("Login failed!");
8894
}
8995
}
9096

97+
async function fetchFirebaseToken(accessToken) {
98+
const res = await fetch(FIREBASE_TOKEN_URL, {
99+
headers: `mGira ${currentVersion}`,
100+
"X-Gira-Token": accessToken,
101+
}),
102+
token = await res.text();
103+
if (!res.ok) {
104+
console.error("Error fetching encrypted token: ", token);
105+
return null;
106+
}
107+
return token;
108+
}
109+
110+
function getJWTPayload(token) {
111+
// Decode the JWT token and get the payload
112+
const payload = token.split(".")[1];
113+
const decodedPayload = atob(payload);
114+
return JSON.parse(decodedPayload);
115+
}
116+
91117
async function runStartupFunctions() {
92118
// Get all user details
93119
getUserInformation();
@@ -115,7 +141,7 @@ async function validateLogin() {
115141
query: `mutation {
116142
validateLogin(in: {
117143
language: "pt",
118-
userAgent: "Gira/3.4.0 (Android 34)",
144+
userAgent: "Gira/3.4.3 (Android 34)",
119145
firebaseToken: "cwEUfibvTHCRZ6z3R1l3B8"
120146
}) { messages { code text } }
121147
}`,

0 commit comments

Comments
 (0)