From 68478dd22f2a8de908e003992235d7c59ebefa1f Mon Sep 17 00:00:00 2001
From: SantaSpeen <admin@ahegao.ovh>
Date: Mon, 28 Mar 2022 19:08:31 +0300
Subject: [PATCH] redirect server

---
 redirect_server/main.py          | 72 ++++++++++++++++++++++++++++++++
 redirect_server/readme           |  4 ++
 redirect_server/requirements.txt |  1 +
 3 files changed, 77 insertions(+)
 create mode 100644 redirect_server/main.py
 create mode 100644 redirect_server/readme
 create mode 100644 redirect_server/requirements.txt

diff --git a/redirect_server/main.py b/redirect_server/main.py
new file mode 100644
index 0000000..ec330b8
--- /dev/null
+++ b/redirect_server/main.py
@@ -0,0 +1,72 @@
+"""
+    This is redirect server for https://oauth.gitflic.ru/oauth/authorize
+    Base URL: https://gitflic.santaspeen.ru/
+    Author: @SantaSpeen
+    License: MIT
+"""
+import json
+import random
+from string import ascii_letters, digits
+
+from flask import Flask, request, redirect, abort
+
+app = Flask("gitflic oauth redirect")
+cache = {}
+
+
+@app.route("/favicon.ico")
+def fav():
+    return redirect("https://gitflic.ru/static/image/favicon/android-icon-192x192.png", 301)
+
+
+@app.route("/",  methods=["POST"])
+def save_code():
+    headers = request.headers
+
+    if headers.get('Cdn-Loop') == "cloudflare":
+
+        if headers['Cf-Connecting-Ip'] == "84.47.177.90":  # Gitflic server ip
+
+            jsn = json.loads(request.get_data())
+            cache[jsn['state']].update({"code": jsn['code']})
+            return "ok", 200
+
+    abort(403)
+
+
+@app.route("/<user_code>",  methods=["GET"])
+def redirect_to_localhost(user_code):
+    headers = request.headers
+    if headers.get('Cdn-Loop') == "cloudflare":
+        ip = headers['Cf-Connecting-Ip']
+        if cache.get(user_code) is None:
+            return "Unknown code.", 404
+
+        if cache[user_code]['ip'] != ip:
+            return "Cannot access from your IP.", 403
+
+        redirect_url = cache[user_code]['redirect'] + f"?code={cache[user_code]['code']}&state={user_code}"
+
+        del cache[user_code]
+
+        return redirect(redirect_url)
+
+    abort(403)
+
+
+@app.route("/getstate", methods=["GET"])
+def getcode():
+    headers = request.headers
+    if headers.get('Cdn-Loop') == "cloudflare":
+        ip = headers['Cf-Connecting-Ip']
+        port = request.args.get('port') or abort(401)
+        if port.isdigit() and 49152 <= int(port) <= 65535:
+            state = ''.join([random.choice(ascii_letters + digits) for _ in range(random.randint(10, 17))])
+            cache.update({state: {"ip": ip, "code": None, "redirect": f"http://localhost:{port}/"}})
+            return {"state": state, "allow_from": ip}, 201
+
+    abort(403)
+
+
+if __name__ == '__main__':
+    app.run("0.0.0.0", 18948, True)
diff --git a/redirect_server/readme b/redirect_server/readme
new file mode 100644
index 0000000..481203f
--- /dev/null
+++ b/redirect_server/readme
@@ -0,0 +1,4 @@
+Тут находятся исходники сервера для редиректа на localhost сервер
+
+Никакие токены не сохраняются, сервер выполнен исключительно для удобства
+
diff --git a/redirect_server/requirements.txt b/redirect_server/requirements.txt
new file mode 100644
index 0000000..7e10602
--- /dev/null
+++ b/redirect_server/requirements.txt
@@ -0,0 +1 @@
+flask