From b8251b67b5e69e01b0a5a6516986da62e12576c9 Mon Sep 17 00:00:00 2001 From: Regalijan Date: Wed, 22 Nov 2023 22:47:40 -0500 Subject: [PATCH] Create data transfer verify endpoint --- functions/api/data-transfers/verify.ts | 94 ++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 functions/api/data-transfers/verify.ts diff --git a/functions/api/data-transfers/verify.ts b/functions/api/data-transfers/verify.ts new file mode 100644 index 0000000..509651c --- /dev/null +++ b/functions/api/data-transfers/verify.ts @@ -0,0 +1,94 @@ +import { jsonError } from "../../common.js"; +import { getBanList } from "../../roblox-open-cloud.js"; + +export async function onRequestGet(context: RequestContext) { + const code = new URL(context.request.url).searchParams.get("code"); + + if (!code) return jsonError("Missing code", 400); + + const dataTransferData = (await context.env.DATA.get( + `datatransfer_${context.data.data_transfer_id}`, + { type: "json" }, + )) as { [k: string]: any } | null; + + if (!dataTransferData) + return jsonError("No transfer exists with that ID", 404); + + const exchangeReq = await fetch("https://apis.roblox.com/oauth/v1/token", { + body: `code=${code}&grant_type=authorization_code`, + headers: { + authorization: `Basic ${ + btoa(context.env.ROBLOX_OAUTH_ID) + + ":" + + context.env.ROBLOX_OAUTH_SECRET + }`, + "content-type": "application/x-www-form-urlencoded", + }, + method: "POST", + }); + + if (!exchangeReq.ok) return jsonError("Failed to redeem code", 500); + + const { id_token } = (await exchangeReq.json()) as { id_token: string }; + + const { name, preferred_username, sub } = JSON.parse( + atob(id_token.replaceAll("-", "+").replaceAll("_", "/")), + ); + + if (!preferred_username) return jsonError("Username missing", 500); + + const userObj = { + displayName: name, + id: parseInt(sub), + name: preferred_username, + }; + + let redirectLocation = "/data-transfer/complete"; + + if (dataTransferData.oldUser) { + let banList; + + try { + banList = (await getBanList(context)) as { + [k: string]: { BanType: number }; + }; + } catch { + return jsonError("Failed to create data transfer request", 500); + } + + if (banList[userObj.id].BanType) + return new Response(null, { + headers: { + location: redirectLocation, + }, + status: 302, + }); + + dataTransferData.newUser = userObj; + + await fetch( + `https://api.trello.com/1/cards?key=${context.env.TRELLO_API_KEY}&token=${context.env.TRELLO_API_TOKEN}`, + { + body: JSON.stringify({ + desc: `${dataTransferData.oldUser.name} -> ${userObj.name}\n${dataTransferData.oldUser.id} -> ${userObj.id}\nNO MODMAIL TICKET - WEBSITE FORM SUBMISSION`, + idList: context.env.TRELLO_LIST_ID, + name: `${dataTransferData.oldUser.name} | Data Transfer`, + }), + headers: { + "content-type": "application/json", + }, + method: "POST", + }, + ); + } else { + dataTransferData.oldUser = userObj; + redirectLocation = "/data-transfer/destination-account"; + } + + return new Response(null, { + headers: { + location: redirectLocation, + }, + status: 302, + }); +}