Pritunl-Fake-API: www/index.php annotate

annotate www/index.php @ 0:b51518614818 default tip

New Files

author	Pluto <meokcin@gmail.com>
date	Tue, 03 Sep 2024 15:57:25 +0800
parents
children

rev	line source
0 b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	1 <?php
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	2 // Author: simonmicro 2023
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	3
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	4 // Config
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	5 $minVersionNumber = 1003235044068;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	6 $minVersionName = '1.32.3504.68';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	7 $minVersionIgnored = false; // use this to ignore the min version check - used for the public endpoint to avoid breaking too many clients at once
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	8 $licenseCosts = 42; // insert here any price you want - "0" is a special value, which also breaks the UI ;)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	9
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	10 header('Access-Control-Allow-Origin: *'); //Allow access from everywhere...
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	11 $code = 200; // Assuming everything is fine for now
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	12
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	13 // Check if a ".ignoreMinVersion" file exists
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	14 if(!$minVersionIgnored && file_exists('.ignoreMinVersion')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	15 $minVersionIgnored = true; // If so, we ignore the min version check
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	16 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	17
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	18 // Parse body (if possible)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	19 $body = json_decode(file_get_contents('php://input'));
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	20 $clientVersion = isset($body->version) ? $body->version : null;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	21
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	22 // Fake API
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	23 $result = null;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	24 if (version_compare(PHP_VERSION, '8.0.0', '<')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	25 $result = array('error_msg' => 'This API only supports PHP 8 or higher.');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	26 $code = 500;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	27 } else if(isset($_GET['path'])) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	28 $path = trim($_GET['path'], ' /');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	29 $pathParts = explode('/', $path);
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	30 if(count($pathParts) > 0 && $pathParts[0] == 'healthz') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	31 $result = 'OK';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	32 } else if(count($pathParts) > 0 && $pathParts[0] == 'notification') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	33 // Any notification/[version] will be answered here
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	34 $msg = 'Fake API endpoint for v' . $minVersionName . ' active and reachable (contacted at ' . date('r') . ').';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	35 if(intval($pathParts[1]) < $minVersionNumber) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	36 $msg .= ' Please update your Pritunl instance to a newer version as this endpoint may not compatible anymore.';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	37 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	38 $result = array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	39 'message' => $msg,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	40 'vpn' => false, // idk
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	41 'www' => false // idk
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	42 );
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	43 } else if(count($pathParts) > 0 && $pathParts[0] == 'auth') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	44 $result = array('error_msg' => 'Sorry, but SSO is currently not supported.');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	45 $code = 401; // Let Pritunl fail, without 500 codes (it will show 405)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	46 } else if(count($pathParts) > 0 && $pathParts[0] == 'ykwyhd') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	47 // The "you-know-what-you-have-done" endpoint -> used as dummy url target
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	48 $result = array('detail' => 'You know what you have done.');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	49 } else if(!$minVersionIgnored && $clientVersion != null && $clientVersion < $minVersionNumber) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	50 // Check if the instance is too old for us (for now following operators)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	51 $result = array('error_msg' => 'This API supports v' . $minVersionName . ' (' . $minVersionNumber . ') or higher.');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	52 $code = 473;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	53 } else if(count($pathParts) > 0 && $pathParts[0] == 'subscription') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	54 // The following only works with the body containing the desired license
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	55 if(isset($body->license)) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	56 $license = null;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	57 $user = md5(base64_encode($body->license));
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	58 $url_key = substr($user, 0, 8);
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	59 $input = strtolower($body->license);
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	60
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	61 // The stylesheet determines what is shown on the dashboard (and by the plan).
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	62 $stylesheet = '';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	63 if(str_contains($input, 'premium')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	64 $license = 'premium';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	65 $stylesheet = file_get_contents('premium.css');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	66 // No need to install the user license "id" into CSS class, as that file only contains custom patches
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	67 } else if(str_contains($input, 'enterprise')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	68 $license = 'enterprise';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	69 $stylesheet = file_get_contents('enterprise.css');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	70 $stylesheet = preg_replace('/(\.enterprise)([\.\ ])/', '$1-'.$url_key.'$2', $stylesheet); // Install user license "id" into CSS class
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	71 } else if(str_contains($input, 'ultimate')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	72 $license = 'enterprise_plus';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	73 $stylesheet = file_get_contents('enterprise_plus.css');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	74 $stylesheet = preg_replace('/(\.enterprise-plus)([\.\ ])/', '$1-'.$url_key.'$2', $stylesheet); // Install user license "id" into CSS class
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	75 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	76 $stylesheet .= "\n/* custom.css */\n";
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	77 $stylesheet .= str_replace('BACKGROUND_IMAGE_URI', "https://" . $_SERVER['HTTP_HOST'] . "/logo.png", file_get_contents('custom.css'));
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	78 $stylesheet .= "\n/* Generated for $license license */";
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	79
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	80 $state = null;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	81 if($license) { // The following only makes sense if you selected any license
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	82 if(str_starts_with($input, 'bad')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	83 $state = 'Bad';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	84 } else if(str_starts_with($input, 'canceled')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	85 $state = 'canceled';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	86 } else if(str_starts_with($input, 'active')) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	87 $state = 'Active';
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	88 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	89 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	90
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	91 if($state == 'Active') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	92 $result = array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	93 'active' => true, // if the sub is not active, the css won't use the LICENSE-subscription_id pattern
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	94 'status' => $state,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	95 'plan' => $license,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	96 'url_key' => $user,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	97 'quantity' => 42,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	98 'amount' => $licenseCosts,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	99 'credit' => 42,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	100 'period_end' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	101 'trial_end' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	102 'cancel_at_period_end' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	103 'premium_buy_url' => 'https://' . $_SERVER['HTTP_HOST'] . '/ykwyhd/',
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	104 'enterprise_buy_url' => 'https://' . $_SERVER['HTTP_HOST'] . '/ykwyhd/',
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	105 'portal_url' => 'https://' . $_SERVER['HTTP_HOST'] . '/ykwyhd/',
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	106 'styles' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	107 'etag' => null, // the resource is NOT encrypted
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	108 'last_modified' => time(),
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	109 'data' => $stylesheet
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	110 )
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	111 );
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	112 } else if($state == 'Canceled') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	113 $result = array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	114 'active' => false, // Here we can savely disable any style
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	115 'status' => $state,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	116 'plan' => $license,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	117 'quantity' => 42,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	118 'amount' => 42,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	119 'period_end' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	120 'trial_end' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	121 'cancel_at_period_end' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	122 'styles' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	123 'etag' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	124 'last_modified' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	125 'data' => null
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	126 )
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	127 );
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	128 } else if($state == 'Bad' \|\| $state == null) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	129 $code = 470; // -> bad license
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	130 // Do not mention "canceled" in "error_msg", as it is somewhat useless (same as bad)...
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	131 $result = array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	132 'error' => 'license_invalid',
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	133 'error_msg' => $state == null ? 'Unknown command. Use ["bad" \| "active"] ["premium" \| "enterprise" \| "ultimate"].' : 'As you wish.',
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	134 'active' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	135 'status' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	136 'plan' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	137 'quantity' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	138 'amount' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	139 'period_end' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	140 'trial_end' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	141 'cancel_at_period_end' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	142 'styles' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	143 'etag' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	144 'last_modified' => null,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	145 'data' => null
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	146 )
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	147 );
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	148 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	149 } else {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	150 $result = array('error_msg' => 'Missing license in body.');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	151 $code = 401;
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	152 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	153 } else if(count($pathParts) > 0 && $pathParts[0] == 'checkout') {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	154 $result = array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	155 'zipCode' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	156 'allowRememberMe' => false,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	157 'image' => 'https://' . $_SERVER['HTTP_HOST'] . '/logo.png',
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	158 'key' => null, // Insert here a key to unlock the stripe store (is a string). And buy the subscription...
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	159 'plans' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	160 'premium' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	161 'amount' => $licenseCosts
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	162 ),
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	163 'enterprise' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	164 'amount' => $licenseCosts
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	165 ),
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	166 'enterprise_plus' => array(
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	167 'amount' => $licenseCosts
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	168 )
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	169 )
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	170 );
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	171 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	172 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	173
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	174 header('Content-Type: application/json');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	175 http_response_code($code);
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	176 echo json_encode($result);
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	177
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	178 // Should we log any request? Used for the development and debugging of this API
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	179 if(false) {
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	180 // Log request
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	181 file_put_contents('access.log', "\n" . date('r') . ":\n" . json_encode(array('head' => getallheaders(), 'body' => file_get_contents('php://input'), 'get' => $_GET, 'post' => $_POST, 'answer_code' => $code, 'answer' => $result)) . "\n", FILE_APPEND);
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	182
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	183 // GET operator to clear log file
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	184 if(isset($_GET['clear']))
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	185 file_put_contents('access.log', '');
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	186 }
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	187 ?>

Mercurial > Pritunl-Fake-API

annotate www/index.php @ 0:b51518614818 default tip