Active purchasing (non-static)

author Christian Weiske <cweiske@cweiske.de>

Sat, 25 Jan 2020 17:43:58 +0000 (18:43 +0100)

committer Christian Weiske <cweiske@cweiske.de>

Sat, 25 Jan 2020 17:43:58 +0000 (18:43 +0100)
author Christian Weiske <cweiske@cweiske.de>
Sat, 25 Jan 2020 17:43:58 +0000 (18:43 +0100)
committer Christian Weiske <cweiske@cweiske.de>
Sat, 25 Jan 2020 17:43:58 +0000 (18:43 +0100)
diff --git a/www/.htaccess b/www/.htaccess

index 1ba4fcc0b81d6356137b988260dae4d63cc0755c..1587472e10531e350f3b628ffba4cd4bed5759e7 100644 (file)
--- a/www/.htaccess
+++ b/www/.htaccess
@@ -20,6 +20,10 @@ RewriteRule ^api/v1/discover/?$ /api/v1/discover-data/discover.json [END]
  RewriteRule ^api/v1/discover/(.+)$ /api/v1/discover-data/$1.json [END]
  
  #purchased games/products
  RewriteRule ^api/v1/discover/(.+)$ /api/v1/discover-data/$1.json [END]
  
  #purchased games/products
+# active buy requests
+RewriteCond %{REQUEST_METHOD} POST
+RewriteRule ^api/v1/games/(.+)/purchases?$ /api/v1/games/purchase.php [END]
+
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^api/v1/games/(.+)/purchases?$ /api/v1/games/purchases-empty.json [END]
  
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^api/v1/games/(.+)/purchases?$ /api/v1/games/purchases-empty.json [END]
  
diff --git a/www/api/v1/games/purchase.php b/www/api/v1/games/purchase.php

new file mode 100644 (file)

index 0000000..38e58d2
--- /dev/null
+++ b/www/api/v1/games/purchase.php
@@ -0,0 +1,54 @@
+<?php
+if (!isset($_POST['blob'])) {
+    echo "blob key missing in POST data\n";
+    exit(1);
+}
+$innerJson = base64_decode($_POST['blob']);
+
+$inner = json_decode($innerJson);
+if ($inner === null) {
+    echo "Error decoding inner JSON data\n";
+    exit(1);
+}
+$buyRequest = json_decode(base64_decode($inner->blob));
+if ($buyRequest === null) {
+    echo "Error decoding encrypted inner JSON data\n";
+    exit(1);
+}
+if (!isset($buyRequest->uuid)) {
+    echo "uuid key missing in JSON data\n";
+    exit(1);
+}
+if (!isset($buyRequest->identifier)) {
+    echo "identifier key missing in JSON data\n";
+    exit(1);
+}
+
+ini_set('html_errors', false);
+
+$productFiles = glob(
+    __DIR__ . '/../developers/*/products/'
+    . $buyRequest->identifier . '.json'
+);
+if (!count($productFiles)) {
+    echo "Cannot find product file for product identifier\n";
+    exit(1);
+}
+$product = json_decode(file_get_contents($productFiles[0]))->products[0];
+if ($product === null) {
+    echo "could not find product in purchases file\n";
+    exit(1);
+}
+
+$payload = $product;
+$payload->uuid = $buyRequest->uuid;
+
+$enc = [
+    'key'  => base64_encode('0123456789abcdef'),
+    'iv'   => 't3jir1LHpICunvhlM76edQ==',//random bytes
+    'blob' => base64_encode(
+        json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)
+    ),
+];
+echo json_encode($enc, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES) . "\n";
+?>
author	Christian Weiske <cweiske@cweiske.de>
	Sat, 25 Jan 2020 17:43:58 +0000 (18:43 +0100)
committer	Christian Weiske <cweiske@cweiske.de>
	Sat, 25 Jan 2020 17:43:58 +0000 (18:43 +0100)
www/.htaccess		patch \| blob \| history
www/api/v1/games/purchase.php	[new file with mode: 0644]	patch \| blob