Skip to content

Commit

Permalink
Fix TokenHandler not checking EventHandler properly
Browse files Browse the repository at this point in the history
  • Loading branch information
@LogicismDev
LogicismDev committed Jan 15, 2025
1 parent 9560a83 commit 15f4d36
Showing 1 changed file with 39 additions and 31 deletions.
70 changes: 39 additions & 31 deletions src/me/Logicism/TwitchOverlayServer/http/handlers/TokenHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,32 +149,32 @@ public void run() {

JSONObject eventSubObject = new JSONObject(BrowserClient.requestToString(bd.getResponse()));

if (hasEventHandler(eventSubObject, "channel.prediction.begin",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.prediction.begin",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.prediction.begin", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.prediction.progress",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.prediction.progress",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.prediction.progress", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.prediction.lock",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.prediction.lock",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.prediction.lock", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.prediction.end",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.prediction.end",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.prediction.end", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
Expand All @@ -188,24 +188,24 @@ public void run() {

JSONObject eventSubObject = new JSONObject(BrowserClient.requestToString(bd.getResponse()));

if (hasEventHandler(eventSubObject, "channel.poll.begin",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.poll.begin",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.poll.begin", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.poll.progress",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.poll.progress",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.poll.progress", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.poll.end",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.poll.end",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.poll.end", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
Expand All @@ -219,48 +219,48 @@ public void run() {

JSONObject eventSubObject = new JSONObject(BrowserClient.requestToString(bd.getResponse()));

if (hasEventHandler(eventSubObject, "channel.follow",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.follow",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.follow", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 2);
}

if (hasEventHandler(eventSubObject, "channel.subscribe",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.subscribe",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.subscribe", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.subscription.gift",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.subscription.gift",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.subscription.gift", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.subscription.message",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.subscription.message",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.subscription.message", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.cheer",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.cheer",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.cheer", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
overlaySubBaseURL, 1);
}

if (hasEventHandler(eventSubObject, "channel.raid",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL)) {
if (!hasEventHandler(eventSubObject, "channel.raid",
userObject.getString("id"), exchange.getRequestHeaders().get("User-Agent").get(0), overlaySubBaseURL, headers)) {
registerEventSub("channel.raid", userObject.getString("id"),
exchange.getRequestHeaders().get("User-Agent").get(0),
TwitchOverlayServer.INSTANCE.getAppAccessTokenHandle().getAccessToken(),
Expand All @@ -287,10 +287,9 @@ public void run() {
}
}

public boolean hasEventHandler(JSONObject eventSubObject, String subType, String userId, String userAgent, String overlaySubBaseURL) throws IOException {
public boolean hasEventHandler(JSONObject eventSubObject, String subType, String userId, String userAgent, String overlaySubBaseURL, Map<String, String> headers) throws IOException {
for (int i = 0; i < eventSubObject.getJSONArray("data").length(); i++) {
JSONObject eventSubObj = eventSubObject.getJSONArray("data").getJSONObject(i);

if (eventSubObj.getString("type").equals(subType)) {
if (eventSubObj.getJSONObject("transport").getString("method").equals("webhook") &&
eventSubObj.getJSONObject("transport").getString("callback")
Expand All @@ -302,14 +301,23 @@ public boolean hasEventHandler(JSONObject eventSubObject, String subType, String
eventSubObj.getJSONObject("transport").getString("callback")
.equals(TwitchOverlayServer.INSTANCE.getConfig().getOverlayBaseURL()
+ "/webhook" + overlaySubBaseURL + "/" + userId) &&
eventSubObj.getString("status").equals("enabled")) {
!eventSubObj.getString("status").equals("enabled")) {
deleteEventSub(eventSubObject.getString("id"), userAgent, overlaySubBaseURL);

return false;
}
}
}

if (eventSubObject.getJSONObject("pagination").has("cursor")) {
BrowserData bd = BrowserClient.executeGETRequest(new URL(
"https://api.twitch.tv/helix/eventsub/subscriptions?after=" + eventSubObject.getJSONObject("pagination").getString("cursor")), headers);

eventSubObject = new JSONObject(BrowserClient.requestToString(bd.getResponse()));

return hasEventHandler(eventSubObject, subType, userId, userAgent, overlaySubBaseURL, headers);
}

return false;
}

Expand All @@ -322,8 +330,8 @@ public void registerEventSub(String subType, String userId, String userAgent, St
headers.put("Content-Type", "application/json");

JSONObject payload = new JSONObject().put("type", subType).put("version", String.valueOf(version)).put("transport", new JSONObject().put("method", "webhook")
.put("callback", TwitchOverlayServer.INSTANCE.getConfig().getOverlayBaseURL() + "/webhook"
+ overlaySubBaseURL + "/" + userId).put("secret",
.put("callback", TwitchOverlayServer.INSTANCE.getConfig().getOverlayBaseURL() + "/webhook"
+ overlaySubBaseURL + "/" + userId).put("secret",
TwitchOverlayServer.INSTANCE.getConfig().getWebhookSecret()));

JSONObject condition = new JSONObject();
Expand Down

0 comments on commit 15f4d36

Please sign in to comment.