Add initial code version

Author: derrod

.gitignore

@@ -0,0 +1,6 @@
+/target
+**/*.rs.bk
+wasm-pack.log
+build/
+.idea/
+Cargo.lock

Cargo.toml

@@ -0,0 +1,31 @@
+[package]
+name = "obs-oauth-cf"
+version = "0.1.0"
+authors = ["dennis <[email protected]>"]
+edition = "2018"
+
+[lib]
+crate-type = ["cdylib", "rlib"]
+
+[features]
+default = ["console_error_panic_hook"]
+
+[dependencies]
+cfg-if = "0.1.2"
+worker = "0.0.9"
+serde_qs = "0.9.1"
+serde_json = "1.0.67"
+serde = "1.0.136"
+rand = "0.8.5"
+getrandom = {version = "0.2.6", features = ["js"]}
+reqwest = { version="0.11", features=["json"] }
+
+# The `console_error_panic_hook` crate provides better debugging of panics by
+# logging them with `console.error`. This is great for development, but requires
+# all the `std::fmt` and `std::panicking` infrastructure, so isn't great for
+# code size when deploying.
+console_error_panic_hook = { version = "0.1.1", optional = true }
+
+[profile.release]
+# Tell `rustc` to optimize for small code size.
+opt-level = "s"

src/lib.rs

@@ -0,0 +1,66 @@
+use worker::*;
+
+mod utils;
+mod platforms;
+
+fn log_request(req: &Request) {
+    console_log!(
+        "{} - [{}], located at: {:?}, within: {}",
+        Date::now().to_string(),
+        req.path(),
+        req.cf().coordinates().unwrap_or_default(),
+        req.cf().region().unwrap_or("unknown region".into())
+    );
+}
+
+const BLANK_PAGE: &str = "This is an open field west of a white house, with a boarded front door.
+There is a small mailbox here.
+>";
+const OAUTH_FINISHED : &str = "OAuth finished. This window should close momentarily.";
+
+fn handle_redirects(_: Request, ctx: RouteContext<()>) -> Result<Response> {
+    let provider = ctx.param("platform");
+    let mut url: Option<String> = None;
+
+    match provider.unwrap().as_str() {
+        "twitch" => url = Some(platforms::twitch::get_redirect_url(&ctx)),
+        _ => {}
+    }
+
+    if url.is_some() {
+        Response::redirect(Url::parse(&url.unwrap()).unwrap())
+    } else {
+        Response::error(format!("Unknown provider: {}", provider.unwrap()), 404)
+    }
+}
+
+async fn handle_token(mut req: Request, ctx: RouteContext<()>) -> Result<Response> {
+    let provider = ctx.param("platform");
+    let params = req.form_data().await?;
+
+    match provider.unwrap().as_str() {
+        "twitch" => platforms::twitch::get_token(params, &ctx).await,
+        _ => Response::error(format!("Unknown provider: {}", provider.unwrap()), 404)
+    }
+}
+
+#[event(fetch)]
+pub async fn main(req: Request, env: Env, _ctx: worker::Context) -> Result<Response> {
+    log_request(&req);
+    utils::set_panic_hook();
+    let router = Router::new();
+    router
+        .get("/", |_, _| Response::ok(BLANK_PAGE))
+        .get("/v1/:platform/redirect", handle_redirects)
+        .get("/v1/:platform/finished", |_, _| Response::ok(OAUTH_FINISHED))
+        .post_async("/v1/:platform/token", |req, ctx| async move {
+            let res = handle_token(req, ctx).await;
+            if let Err(_res) = res {
+                Response::error("Bad Request (Fuck)", 400)
+            } else {
+                res
+            }
+        })
+        .run(req, env)
+        .await
+}

src/platforms/mod.rs

@@ -0,0 +1,2 @@
+pub mod twitch;
+mod utils;

src/platforms/twitch.rs

@@ -0,0 +1,121 @@
+use std::collections::HashMap;
+
+use reqwest;
+use serde::Serialize;
+use serde_json;
+use serde_qs;
+use worker::{FormData, FormEntry, Response, Result, RouteContext};
+
+use crate::platforms::utils::generate_state_string;
+
+const SCOPES: &str = "channel:read:stream_key";
+const TWITCH_AUTH_URL: &str = "https://id.twitch.tv/oauth2/authorize";
+const TWITCH_TOKEN_URL: &str = "https://id.twitch.tv/oauth2/token";
+
+#[derive(Serialize)]
+struct RedirectParams {
+    client_id: String,
+    redirect_uri: String,
+    response_type: String,
+    scope: String,
+    state: String,
+}
+
+pub fn get_redirect_url(ctx: &RouteContext<()>) -> String {
+    let q = RedirectParams {
+        client_id: ctx.secret("TWITCH_ID").unwrap().to_string(),
+        redirect_uri: ctx.secret("TWITCH_REDIRECT_URL").unwrap().to_string(),
+        response_type: "code".to_string(),
+        scope: SCOPES.to_string(),
+        state: generate_state_string(),
+    };
+
+    format!("{}?{}", TWITCH_AUTH_URL, serde_qs::to_string(&q).unwrap())
+}
+
+fn get_param_val(form_data: &FormData, name: &str) -> Option<String> {
+    // This is fucking atrocious.
+    if let Some(value) = form_data.get(name) {
+        if let FormEntry::Field(val) = value {
+            return Some(val);
+        }
+    };
+
+    None
+}
+
+pub async fn get_token(params: FormData, ctx: &RouteContext<()>) -> Result<Response> {
+    let grant_type: String = get_param_val(&params, "grant_type").unwrap_or_default();
+    let mut post_data: HashMap<&str, String> = HashMap::from([
+        ("client_id", ctx.secret("TWITCH_ID").unwrap().to_string()),
+        ("client_secret", ctx.secret("TWITCH_SECRET").unwrap().to_string()),
+        ("grant_type", grant_type.to_string())
+    ]);
+
+    match grant_type.as_str() {
+        "refresh_token" => {
+            post_data.insert("refresh_token", get_param_val(&params, "refresh_token").unwrap());
+        }
+        "authorization_code" => {
+            post_data.insert("code", get_param_val(&params, "code").unwrap());
+            post_data.insert("redirect_uri", ctx.secret("TWITCH_REDIRECT_URL").unwrap().to_string());
+        }
+        _ => return Response::error(format!("Invalid grant_type '{}'", grant_type), 400),
+    }
+
+    let client = reqwest::Client::new();
+    let _resp = client.post(TWITCH_TOKEN_URL).form(&post_data).send().await;
+
+    if _resp.is_err() {
+        let resp = Response::from_json(&serde_json::json!({
+            "error": "curl_error",
+            "error_description": format!("Request failed with {}", _resp.err().unwrap())
+        }))?;
+        return Ok(resp.with_status(500));
+    }
+    let resp = _resp.unwrap();
+
+    let status = resp.status().as_u16();
+    let _json = resp.json::<HashMap<String, serde_json::Value>>().await;
+    if _json.is_err() {
+        let res = Response::from_json(&serde_json::json!({
+            "error": "parse_error",
+            "error_description": "Bad JSON response from Twitch"
+        }))?;
+        return Ok(res.with_status(500));
+    }
+    let data = _json.unwrap();
+
+
+    if status != 200 {
+        let resp_data: serde_json::Value;
+
+        if data.contains_key("message") {
+            if data["message"].as_str().unwrap() == "Invalid refresh token" {
+                resp_data = serde_json::json!({
+                    "error": "Error",
+                    "error_description": "Your Twitch login token is no longer valid. Please try reconnecting your account."
+                });
+            } else {
+                resp_data = serde_json::json!({
+                    "error": "Error",
+                    "error_description": data["message"].as_str().unwrap()
+                })
+            };
+        } else {
+            resp_data = serde_json::json!({
+                "error": "status_error",
+                "error_description": format!("Received HTTP {} from Twitch", status)
+            });
+        }
+        let res = Response::from_json(&resp_data)?;
+        return Ok(res.with_status(status));
+    }
+
+    let res = Response::from_json(&data)?;
+    if data.contains_key("error") {
+        return Ok(res.with_status(500));
+    }
+
+    Ok(res)
+}

src/platforms/utils.rs

@@ -0,0 +1,12 @@
+use rand::distributions::Alphanumeric;
+use rand::Rng;
+
+pub fn generate_state_string() -> String {
+    let rand_string: String = rand::thread_rng()
+        .sample_iter(&Alphanumeric)
+        .take(32)
+        .map(char::from)
+        .collect();
+
+    rand_string
+}

src/utils.rs

@@ -0,0 +1,12 @@
+use cfg_if::cfg_if;
+
+cfg_if! {
+    // https://github.com/rustwasm/console_error_panic_hook#readme
+    if #[cfg(feature = "console_error_panic_hook")] {
+        extern crate console_error_panic_hook;
+        pub use self::console_error_panic_hook::set_once as set_panic_hook;
+    } else {
+        #[inline]
+        pub fn set_panic_hook() {}
+    }
+}

wrangler.toml

@@ -0,0 +1,19 @@
+name = "obs-oauth-cf"
+type = "javascript"
+workers_dev = true
+compatibility_date = "2022-03-29"
+
+[build]
+command = "cargo install -q worker-build && worker-build --release" # required
+
+[build.upload]
+dir = "build/worker"
+format = "modules"
+main = "./shim.mjs"
+
+[[build.upload.rules]]
+globs = ["**/*.wasm"]
+type = "CompiledWasm"
+
+# read more about configuring your Worker via wrangler.toml at:
+# https://developers.cloudflare.com/workers/cli-wrangler/configuration