crans
/
nixos
mirror of https://gitlab.crans.org/nounous/nixos
19
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Sanitize Note Usernames

wiki
Pyjacpp 2026-04-26 19:33:50 +02:00
parent 01dfd8506e
commit d8f322399c
No known key found for this signature in database
GPG Key ID: ED479A5A26930939
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/vm/mediakiwi/WSONoteKfetAuth/src/NoteKfetAuth.php
View File

@ -50,6 +50,8 @@ class NoteKfetAuth extends AuthProvider {
*/
public function login( ?string &$key, ?string &$secret, ?string &$authUrl ): bool {
// This state is used to prevent CSRF, i.e., ensuring that authentification request
// were initiated on our website.
$state = random_int(PHP_INT_MIN, PHP_INT_MAX);
$secret = "$state";
$authUrl = $GLOBALS['wgNoteKfetUrl'] . "o/authorize/?" . http_build_query([
@ -85,7 +87,7 @@ class NoteKfetAuth extends AuthProvider {
$userInfos = $this->getUserInfos( $token );
return [
'name' => "note_$userInfos->normalized_name",
'name' => this->sanitizeName( "$userInfos->normalized_name (note)" ),
'realname' => $userInfos->username,
'email' => $userInfos->email,
];
@ -94,6 +96,15 @@ class NoteKfetAuth extends AuthProvider {
}
}
private function sanitizeName( string $name ) {
// We replace forbidden chars.
$res = preg_replace('/[#\/:<>=@\|]/', '-', $name);
$res = preg_replace(['/[\[{]/', '/[\]}]/'], ['(', ')'], $res);
$res = str_replace('_', ' ', $res);
// We remove the last controls chars possibly remaining.
return preg_replace('/[^a-zA-Z0-9 !\"$%&\'()*+,\-.;?\\\^`~]/', '', $res);
}
private function getAccessTokens( string $code ) {
$data = [
'grant_type' => 'authorization_code',