From 164e99b5a9325e9afb2950eb6a6cd02cc800476c Mon Sep 17 00:00:00 2001 From: Yuan Si Date: Fri, 31 Mar 2023 09:41:35 +0800 Subject: [PATCH] Add Shengqu private apis Signed-off-by: Yuan Si --- go.mod | 1 + go.sum | 4 + handler/private.go | 266 +++++++++++++++++++++++++++++++++++++++++++++ main.go | 18 ++- 4 files changed, 287 insertions(+), 2 deletions(-) create mode 100644 handler/private.go diff --git a/go.mod b/go.mod index 9761bc1..b99ad34 100644 --- a/go.mod +++ b/go.mod @@ -5,6 +5,7 @@ go 1.19 require github.com/gin-gonic/gin v1.8.2 require ( + github.com/forgoer/openssl v1.5.0 github.com/mattn/go-sqlite3 v1.14.16 github.com/tidwall/gjson v1.14.4 ) diff --git a/go.sum b/go.sum index de6a67b..5825054 100644 --- a/go.sum +++ b/go.sum @@ -2,6 +2,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/forgoer/openssl v1.5.0 h1:zu1AvfECl6VatFfkfryvI/C8Cru+xLEvZ6Q80DmAPRc= +github.com/forgoer/openssl v1.5.0/go.mod h1:NMVFOzYeLVR7UiGTxsa+A21nrERTZ3Rv2JHDPcJpDyI= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -65,6 +67,7 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -131,6 +134,7 @@ gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMy gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/handler/private.go b/handler/private.go new file mode 100644 index 0000000..de590df --- /dev/null +++ b/handler/private.go @@ -0,0 +1,266 @@ +package handler + +import ( + "encoding/base64" + "fmt" + "honoka-chan/encrypt" + "honoka-chan/utils" + "io" + "net/http" + "net/url" + "strings" + + "github.com/forgoer/openssl" + "github.com/gin-gonic/gin" +) + +var ( + randKey string +) + +func ActiveHandler(ctx *gin.Context) { + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, `{ "code": 0, "msg": "ok", "data": { "message": "ok", "result": 0 } }`) +} + +func PublicKeyHandler(ctx *gin.Context) { + publicKey := utils.ReadAllText("publickey.pem") + publicKey = strings.ReplaceAll(publicKey, "\n", "") + publicKey = strings.ReplaceAll(publicKey, "-----BEGIN PUBLIC KEY-----", "") + publicKey = strings.ReplaceAll(publicKey, "-----END PUBLIC KEY-----", "") + publicKey = strings.ReplaceAll(publicKey, "/", "\\/") + // fmt.Println(publicKey) + resp := fmt.Sprintf(`{ "code": 0, "msg": "", "data": { "result": 0, "message": "ok", "key": "%s", "method": "rsa" } }`, publicKey) + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func HandshakeHandler(ctx *gin.Context) { + body, err := io.ReadAll(ctx.Request.Body) + if err != nil { + panic(err) + } + defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + + body64, err := base64.StdEncoding.DecodeString(string(body)) + if err != nil { + panic(err) + } + decryptedBody := encrypt.RSA_Decrypt(body64, "privatekey.pem") + // fmt.Println(decryptedBody) + // fmt.Println(string(decryptedBody)) + + params, err := url.ParseQuery(string(decryptedBody)) + if err != nil { + panic(err) + } + randKey = params.Get("randkey") + // fmt.Println(randKey) + + token := `{"token":"YUMEMICHI14104EF796D769AE404C1FC6"}` + encryptedToken, err := openssl.Des3ECBEncrypt([]byte(token), []byte(randKey)[0:24], openssl.PKCS7_PADDING) + if err != nil { + panic(err) + } + encryptedToken64 := base64.StdEncoding.EncodeToString(encryptedToken) + // fmt.Println(encryptedToken64) + + resp := fmt.Sprintf(`{ "code": 0, "msg": "ok", "data": "%s" }`, encryptedToken64) + + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func InitializeHandler(ctx *gin.Context) { + // body, err := io.ReadAll(ctx.Request.Body) + // if err != nil { + // panic(err) + // } + // defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + + // body64, err := base64.StdEncoding.DecodeString(string(body)) + // if err != nil { + // panic(err) + // } + // // fmt.Println(string(body64)) + + // decryptedBody, err := openssl.Des3ECBDecrypt(body64, []byte(randKey)[0:24], openssl.PKCS7_PADDING) + // if err != nil { + // panic(err) + // } + // fmt.Println(string(decryptedBody)) + + token := `{"message":"Hello, world!"}` + encryptedToken, err := openssl.Des3ECBEncrypt([]byte(token), []byte(randKey)[0:24], openssl.PKCS7_PADDING) + if err != nil { + panic(err) + } + encryptedToken64 := base64.StdEncoding.EncodeToString(encryptedToken) + // fmt.Println(encryptedToken64) + + resp := fmt.Sprintf(`{ "code": 0, "msg": "ok", "data": "%s" }`, encryptedToken64) + + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func GetCodeHandler(ctx *gin.Context) { + resp := `{ "code": 0, "msg": "ok", "data": { "codeArray": [ { "btntext": "好的", "code": "-10264022", "msg_from": 2, "text": "", "title": "短信验证码被阻止", "type": 1 }, { "btntext": " ", "code": "-10869623", "msg_from": 2, "text": "", "title": "网络连接失败,无法一键登录", "type": 2 }, { "btntext": " ", "code": "10298300", "msg_from": 2, "text": "", "title": " ", "type": 3 }, { "btntext": "", "code": "10298311", "msg_from": 2, "text": "", "title": "", "type": 3 }, { "btntext": " ", "code": "10298312", "msg_from": 2, "text": "", "title": " ", "type": 3 }, { "btntext": " ", "code": "10298313", "msg_from": 2, "text": "", "title": " ", "type": 1 }, { "btntext": " ", "code": "10298321", "msg_from": 2, "text": "", "title": " ", "type": 3 }, { "btntext": " ", "code": "10298322", "msg_from": 2, "text": "", "title": " ", "type": 3 } ], "codeVersion": "1.0.5" } }` + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func LoginAutoHandler(ctx *gin.Context) { + // body, err := io.ReadAll(ctx.Request.Body) + // if err != nil { + // panic(err) + // } + // defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + + // body64, err := base64.StdEncoding.DecodeString(string(body)) + // if err != nil { + // panic(err) + // } + // // fmt.Println(string(body64)) + + // decryptedBody, err := openssl.Des3ECBDecrypt(body64, []byte(randKey)[0:24], openssl.PKCS7_PADDING) + // if err != nil { + // panic(err) + // } + // fmt.Println(string(decryptedBody)) + + token := `{"message":"Hello, world!"}` + encryptedToken, err := openssl.Des3ECBEncrypt([]byte(token), []byte(randKey)[0:24], openssl.PKCS7_PADDING) + if err != nil { + panic(err) + } + encryptedToken64 := base64.StdEncoding.EncodeToString(encryptedToken) + // fmt.Println(encryptedToken64) + + resp := fmt.Sprintf(`{ "code": 0, "msg": "ok", "data": "%s" }`, encryptedToken64) + + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func LoginAreaHandler(ctx *gin.Context) { + userId := ctx.PostForm("userid") + if userId != "" { + // fmt.Println(userId) + resp := fmt.Sprintf(`{ "code": 0, "msg": "ok", "data": { "userid": "%s" } }`, userId) + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) + } +} + +func AccountLoginHandler(ctx *gin.Context) { + // body, err := io.ReadAll(ctx.Request.Body) + // if err != nil { + // panic(err) + // } + // defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + + // body64, err := base64.StdEncoding.DecodeString(string(body)) + // if err != nil { + // panic(err) + // } + // // fmt.Println(string(body64)) + + // decryptedBody, err := openssl.Des3ECBDecrypt(body64, []byte(randKey)[0:24], openssl.PKCS7_PADDING) + // if err != nil { + // panic(err) + // } + // fmt.Println(string(decryptedBody)) + + token := `{"message":"Hello, world!"}` + encryptedToken, err := openssl.Des3ECBEncrypt([]byte(token), []byte(randKey)[0:24], openssl.PKCS7_PADDING) + if err != nil { + panic(err) + } + encryptedToken64 := base64.StdEncoding.EncodeToString(encryptedToken) + // fmt.Println(encryptedToken64) + + resp := fmt.Sprintf(`{ "code": 0, "msg": "ok", "data": "%s" }`, encryptedToken64) + + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func ReportRoleHandler(ctx *gin.Context) { + // body, err := io.ReadAll(ctx.Request.Body) + // if err != nil { + // panic(err) + // } + // defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + + // body64, err := base64.StdEncoding.DecodeString(string(body)) + // if err != nil { + // panic(err) + // } + // // fmt.Println(string(body64)) + + // decryptedBody, err := openssl.Des3ECBDecrypt(body64, []byte(randKey)[0:24], openssl.PKCS7_PADDING) + // if err != nil { + // panic(err) + // } + // fmt.Println(string(decryptedBody)) + + // decrypted, err := url.QueryUnescape(string(decryptedBody)) + // if err != nil { + // panic(err) + // } + // fmt.Println(decrypted) + + token := `{"message":"Hello, world!"}` + encryptedToken, err := openssl.Des3ECBEncrypt([]byte(token), []byte(randKey)[0:24], openssl.PKCS7_PADDING) + if err != nil { + panic(err) + } + encryptedToken64 := base64.StdEncoding.EncodeToString(encryptedToken) + fmt.Println(encryptedToken64) + + resp := fmt.Sprintf(`{ "code": 0, "msg": "ok", "data": "%s" }`, encryptedToken64) + + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func GetProductListHandler(ctx *gin.Context) { + resp := `{ "code": 0, "msg": "ok", "data": { "message": [ ], "result": 0 } }` + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func ReportLog(ctx *gin.Context) { + // body, err := io.ReadAll(ctx.Request.Body) + // if err != nil { + // panic(err) + // } + // defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, "") +} + +func ReportApp(ctx *gin.Context) { + // body, err := io.ReadAll(ctx.Request.Body) + // if err != nil { + // panic(err) + // } + // defer ctx.Request.Body.Close() + // fmt.Println(string(body)) + resp := `{ "code": 0, "msg": "", "data": { "needReport": 0 } }` + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} + +func AgreementHandler(ctx *gin.Context) { + resp := `{ "return_code": 0, "error_type": 0, "return_message": "", "data": { } }` + ctx.Header("Content-Type", "text/html;charset=utf-8") + ctx.String(http.StatusOK, resp) +} diff --git a/main.go b/main.go index 3399022..07738c9 100644 --- a/main.go +++ b/main.go @@ -24,12 +24,26 @@ func main() { r := gin.Default() r.Use(middleware.KlabHeader) + // Private APIs + r.GET("/v1/basic/getcode", handler.GetCodeHandler) + r.POST("/v1/account/active", handler.ActiveHandler) + r.POST("/v1/basic/publickey", handler.PublicKeyHandler) + r.POST("/v1/basic/handshake", handler.HandshakeHandler) + r.POST("/v1/account/initialize", handler.InitializeHandler) + r.POST("/v1/account/login", handler.AccountLoginHandler) + r.POST("/v1/account/loginauto", handler.LoginAutoHandler) + r.POST("/v1/basic/loginarea", handler.LoginAreaHandler) + r.POST("/v1/account/reportRole", handler.ReportRoleHandler) + r.POST("/v1/basic/getProductList", handler.GetProductListHandler) + r.POST("/report/ge/app", handler.ReportLog) + r.GET("/agreement/all", handler.AgreementHandler) + r.GET("/integration/appReport/initialize", handler.ReportApp) + // Private APIs + r.Any("/", func(ctx *gin.Context) { ctx.String(http.StatusOK, "Hello, world!") }) - r.GET("/webview.php/announce/index", handler.AnnounceIndexHandler) - r.POST("/main.php/login/authkey", handler.AuthKeyHandler) r.POST("/main.php/login/login", handler.LoginHandler) r.POST("/main.php/user/userInfo", handler.UserInfoHandler)