From d9d79e760d1e1df5094f6383ff41f0ff964998d0 Mon Sep 17 00:00:00 2001 From: Armand <4831c0@proton.me> Date: Sat, 23 Aug 2025 15:11:16 +0200 Subject: [PATCH] login: update ua strings, remove copyright headers from files --- .../lib/helpers/api/client/kreta_client.dart | 2 +- firka/lib/helpers/api/consts.dart | 46 +++++++++++-------- firka/lib/helpers/api/model/guardian.dart | 18 -------- firka/lib/helpers/api/model/institution.dart | 18 -------- firka/lib/helpers/api/model/student.dart | 18 -------- firka/lib/helpers/api/resp/token_grant.dart | 18 -------- firka/lib/helpers/api/token_grant.dart | 24 ++-------- firka/lib/helpers/db/models/token_model.dart | 18 -------- firka/pubspec.yaml | 1 + 9 files changed, 33 insertions(+), 130 deletions(-) diff --git a/firka/lib/helpers/api/client/kreta_client.dart b/firka/lib/helpers/api/client/kreta_client.dart index 7cdf719..bfea11e 100644 --- a/firka/lib/helpers/api/client/kreta_client.dart +++ b/firka/lib/helpers/api/client/kreta_client.dart @@ -91,7 +91,7 @@ class KretaClient { final headers = { // "content-type": "application/x-www-form-urlencoded; charset=UTF-8", "accept": "*/*", - "user-agent": "eKretaStudent/264745 CFNetwork/1494.0.7 Darwin/23.4.0", + "user-agent": Constants.userAgent, "authorization": "Bearer $localToken", "apiKey": "21ff6c25-d1da-4a68-a811-c881a6057463" }; diff --git a/firka/lib/helpers/api/consts.dart b/firka/lib/helpers/api/consts.dart index 2896f57..7547e77 100644 --- a/firka/lib/helpers/api/consts.dart +++ b/firka/lib/helpers/api/consts.dart @@ -1,27 +1,28 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development +import 'dart:convert'; +import 'dart:math'; - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ +import 'package:crypto/crypto.dart'; class Constants { - static const clientId = "kreta-ellenorzo-student-mobile-ios"; + static const clientId = "kreta-ellenorzo-student-mobile-android"; + static const userAgent = "hu.ekreta.student/5.7.0/SM-A705FN/11/30"; } class KretaEndpoints { static String kretaBase = "e-kreta.hu"; + + static String _generateCodeVerifier() { + var random = Random.secure(); + final bytes = List.generate(32, (i) => random.nextInt(256)); + return base64Url.encode(bytes).replaceAll('=', ''); + } + + static String _generateCodeChallenge(String codeVerifier) { + final bytes = utf8.encode(codeVerifier); + final digest = sha256.convert(bytes); + return base64Url.encode(digest.bytes).replaceAll('=', ''); + } + static String kreta(String iss) { if (iss == "firka-test") { return kretaBase; @@ -30,23 +31,32 @@ class KretaEndpoints { } } + static final String codeVerifier = _generateCodeVerifier(); + static final String _codeChallenge = _generateCodeChallenge(codeVerifier); + static String kretaIdp = "https://idp.e-kreta.hu"; static String kretaLoginUrl = - "$kretaIdp/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fprompt%3Dlogin%26nonce%3DwylCrqT4oN6PPgQn2yQB0euKei9nJeZ6_ffJ-VpSKZU%26response_type%3Dcode%26code_challenge_method%3DS256%26scope%3Dopenid%2520email%2520offline_access%2520kreta-ellenorzo-webapi.public%2520kreta-eugyintezes-webapi.public%2520kreta-fileservice-webapi.public%2520kreta-mobile-global-webapi.public%2520kreta-dkt-webapi.public%2520kreta-ier-webapi.public%26code_challenge%3DHByZRRnPGb-Ko_wTI7ibIba1HQ6lor0ws4bcgReuYSQ%26redirect_uri%3Dhttps%253A%252F%252Fmobil.e-kreta.hu%252Fellenorzo-student%252Fprod%252Foauthredirect%26client_id%3Dkreta-ellenorzo-student-mobile-ios%26state%3Dkreta_student_mobile%26suppressed_prompt%3Dlogin"; + "$kretaIdp/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fredirect_uri%3Dhttps%253A%252F%252Fmobil.e-kreta.hu%252Fellenorzo-student%252Fprod%252Foauthredirect%26client_id%3Dkreta-ellenorzo-student-mobile-android%26response_type%3Dcode%26prompt%3Dlogin%26state%3DaOPUjQU3sXBVRjQQkmYT8g%26nonce%3D3qtS0kDcaHIUGkkEcL1-5g%26scope%3Dopenid%2520email%2520offline_access%2520kreta-ellenorzo-webapi.public%2520kreta-eugyintezes-webapi.public%2520kreta-fileservice-webapi.public%2520kreta-mobile-global-webapi.public%2520kreta-dkt-webapi.public%2520kreta-ier-webapi.public%26code_challenge%3D$_codeChallenge%26code_challenge_method%3DS256%26suppressed_prompt%3Dlogin"; static String tokenGrantUrl = "$kretaIdp/connect/token"; static String getStudentUrl(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/TanuloAdatlap"; + static String getNoticeBoard(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/FaliujsagElemek"; + static String getGrades(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/Ertekelesek"; + static String getTimeTable(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/OrarendElemek"; + static String getOmissions(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/Mulasztasok"; + static String getHomework(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/HaziFeladatok"; + static String getTests(String iss) => "${kreta(iss)}/ellenorzo/v3/sajat/BejelentettSzamonkeresek"; } diff --git a/firka/lib/helpers/api/model/guardian.dart b/firka/lib/helpers/api/model/guardian.dart index a324abf..4e6e516 100644 --- a/firka/lib/helpers/api/model/guardian.dart +++ b/firka/lib/helpers/api/model/guardian.dart @@ -1,21 +1,3 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - class Guardian { final String? email; final bool isLegalRepresentative; diff --git a/firka/lib/helpers/api/model/institution.dart b/firka/lib/helpers/api/model/institution.dart index d390ab7..45ea845 100644 --- a/firka/lib/helpers/api/model/institution.dart +++ b/firka/lib/helpers/api/model/institution.dart @@ -1,21 +1,3 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - class Institution { final CustomizationSettings customizationSettings; final String shortName; diff --git a/firka/lib/helpers/api/model/student.dart b/firka/lib/helpers/api/model/student.dart index 905d32c..438370d 100644 --- a/firka/lib/helpers/api/model/student.dart +++ b/firka/lib/helpers/api/model/student.dart @@ -1,21 +1,3 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - import 'package:firka/helpers/api/model/guardian.dart'; import 'package:firka/helpers/api/model/institution.dart'; import 'package:firka/helpers/json_helper.dart'; diff --git a/firka/lib/helpers/api/resp/token_grant.dart b/firka/lib/helpers/api/resp/token_grant.dart index 6c05232..42b3f64 100644 --- a/firka/lib/helpers/api/resp/token_grant.dart +++ b/firka/lib/helpers/api/resp/token_grant.dart @@ -1,21 +1,3 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - class TokenGrantResponse { final String idToken; final String accessToken; diff --git a/firka/lib/helpers/api/token_grant.dart b/firka/lib/helpers/api/token_grant.dart index 036d3d0..cd2aa8e 100644 --- a/firka/lib/helpers/api/token_grant.dart +++ b/firka/lib/helpers/api/token_grant.dart @@ -1,21 +1,3 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - import 'package:dio/dio.dart'; import 'package:firka/helpers/api/resp/token_grant.dart'; import 'package:firka/helpers/db/models/token_model.dart'; @@ -27,12 +9,12 @@ Future getAccessToken(String code) async { final headers = const { "content-type": "application/x-www-form-urlencoded; charset=UTF-8", "accept": "*/*", - "user-agent": "eKretaStudent/264745 CFNetwork/1494.0.7 Darwin/23.4.0", + "user-agent": Constants.userAgent, }; final formData = { "code": code, - "code_verifier": "DSpuqj_HhDX4wzQIbtn8lr8NLE5wEi1iVLMtMK0jY6c", + "code_verifier": KretaEndpoints.codeVerifier, "redirect_uri": "https://mobil.e-kreta.hu/ellenorzo-student/prod/oauthredirect", "client_id": Constants.clientId, @@ -61,7 +43,7 @@ Future extendToken(TokenModel model) async { final headers = const { "content-type": "application/x-www-form-urlencoded; charset=UTF-8", "accept": "*/*", - "user-agent": "eKretaStudent/264745 CFNetwork/1494.0.7 Darwin/23.4.0", + "user-agent": Constants.userAgent, }; final formData = { diff --git a/firka/lib/helpers/db/models/token_model.dart b/firka/lib/helpers/db/models/token_model.dart index d769a8f..9aa6a08 100644 --- a/firka/lib/helpers/db/models/token_model.dart +++ b/firka/lib/helpers/db/models/token_model.dart @@ -1,21 +1,3 @@ -/* - Firka, alternative e-Kréta client. - Copyright (C) 2025 QwIT Development - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart'; import 'package:firka/helpers/api/resp/token_grant.dart'; import 'package:isar/isar.dart'; diff --git a/firka/pubspec.yaml b/firka/pubspec.yaml index a585aae..adcdd68 100644 --- a/firka/pubspec.yaml +++ b/firka/pubspec.yaml @@ -60,6 +60,7 @@ dependencies: flutter_svg: ^1.1.6 home_widget: ^0.8.0 brotli: ^0.6.0 + crypto: ^3.0.6 dev_dependencies: flutter_test: