go-nd-portal/portal/server.go

package portal

import (
	"crypto/sha1"
	"encoding/binary"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"net"
	"strings"

	"github.com/google/go-querystring/query"

	"github.com/fumiama/go-nd-portal/base64"
	"github.com/fumiama/go-nd-portal/helper"
)

const (
	// PortalServerIPQsh default Server IP String in Qsh work area
	PortalServerIPQsh		= "10.253.0.237"
	// PortalServerIPQshDorm default Server IP String in Qsh new dorm area
	PortalServerIPQshDorm	= "10.253.0.235"

	// PortalDomainQsh PortalDomain for qsh-edu login type
	PortalDomainQsh			= "@dx-uestc"
	// PortalDomainQshDX PortalDomain for qsh-dx, qshd-dx login types
	PortalDomainQshDX		= "@dx"
	// PortalDomainQshCMCC PortalDomain for qshd-cmcc login type
	PortalDomainQshCMCC		= "@cmcc"

	// PortalGetChallenge GetChallenge URL
	PortalGetChallenge		= "http://%v/cgi-bin/get_challenge?%s"
	// 1.server IP 
	// 2.callback 
	// 3.username 4.PortalDomain 
	// 5.client IP
	// 6.timestamp
	// PortalGetChallenge	= "http://%v/cgi-bin/get_challenge?callback=%s&username=%s%s&ip=%v&_=%d"

	// AcIDQsh ACID for Qsh work area
	AcIDQsh					= "1"
	// AcIDQshDorm ACID for Qsh new dorm area
	AcIDQshDorm				= "3"

	// PortalCGI Auth CGI URL
	PortalCGI				= "http://%v/cgi-bin/srun_portal?%s"
	// qsh LoginURL key-value order
	// 1.server IP 
	// 2.callback 
	// 3.username 4.PortalDomain 
	// 5.encrypted password
	// 6.ac_id: determined by login area
	// 7.client IP
	// 8.checksum
	// 9.info
	// 10.timestamp
	// PortalLogin			= "http://%v/cgi-bin/srun_portal?callback=%s&action=login&username=%s%s&password={MD5}%s&ac_id=%s&ip=%v&chksum=%s&info={SRBX1}%s&n=200&type=1&os=Windows+10&name=Windows&double_stack=0&_=%d"
)

// GetChallengeReq struct for GetChallenge URL query
type GetChallengeReq struct {
	Callback	string	`url:"callback"`
	Username	string	`url:"username"`
	IP			string	`url:"ip"`
	Timestamp	int64	`url:"_"`
}

// GetPortalReq struct for Portal Auth CGI URL query
type GetPortalReq struct {
	Callback			string	`url:"callback"`
	Action				string	`url:"action"`
	Username			string	`url:"username"`
	EncryptedPassword	string	`url:"password"`
	AcID				string	`url:"ac_id"`
	IP					string	`url:"ip"`
	Checksum			string	`url:"chksum"`
	EncodedUserInfo		string	`url:"info"`
	ConstantN			string	`url:"n"`
	ConstantType		string	`url:"type"`
	OS					string	`url:"os"`
	Platform			string	`url:"name"`
	DoubleStack			string	`url:"double_stack"`
	Timestamp			int64	`url:"_"`
}

// GetChallengeURL generates the URL for getchallenge req
func GetChallengeURL(
	sIP,
	callback, 
	username, domain string,
	cIP net.IP, 
	timestamp int64) (string, error) {

	v, err := query.Values(&GetChallengeReq{
		Callback:	callback,
		Username:	username + domain,
		IP:			cIP.String(),
		Timestamp:	timestamp,
	})
	if err != nil {
		return "", err
	}

	return fmt.Sprintf(PortalGetChallenge, sIP, v.Encode()), nil
}

// GetLoginURL generates the URL for login req
func GetLoginURL(
	sIP,
	callback, 
	username, domain, 
	md5Password,
	acid string,
	cIP net.IP,
	chksum,
	info string, 
	timestamp int64) (string, error) {

	v, err := query.Values(&GetPortalReq{
		Callback:			callback,
		Action:				"login",
		Username:			username + domain,
		EncryptedPassword:	"{MD5}" + md5Password,
		AcID:				acid,
		IP:					cIP.String(),
		Checksum:			chksum,
		EncodedUserInfo:	"{SRBX1}" + info,
		ConstantN:			"200",
		ConstantType:		"1",
		OS:					"Windows 10",
		Platform:			"Windows",
		DoubleStack:		"0",
		Timestamp:			timestamp,
	})
	if err != nil {
		return "", err
	}

	return fmt.Sprintf(PortalCGI, sIP, v.Encode()), nil
}

const (
	// PortalHeaderUA fake User-Agent
	PortalHeaderUA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 Edg/107.0.1418.56"
)

// UserInfo struct for userinfo JSON required by server
type UserInfo struct {
	Username string `json:"username"` // = username + domain
	Password string `json:"password"`
	IP       string `json:"ip"`
	AcID     string `json:"acid"`
	EncVer   string `json:"enc_ver"`
}

// GetUserInfo serializes UserInfo JSON to string
func GetUserInfo(
	username, 
	domain, 
	password string, 
	cIP net.IP, 
	acid string) (string, error) {
	
	var b strings.Builder 
	err := json.NewEncoder(&b).Encode(&UserInfo{
		Username:	username + domain,
		Password:	password,
		IP:			cIP.String(),
		AcID:		acid,
		EncVer:		"srun_bx1",
	})
	if err != nil {
		return "", err
	}
	
	// Note: in case of unexpected error
	// we have to remove "\n" at the tail to match actual JSON format
	return strings.TrimSpace(b.String()), nil
}

// EncodeUserInfo encodes userinfo with challenge
func EncodeUserInfo(info, challenge string) string {
	if len(info) == 0 || len(challenge) == 0 || len(challenge)%4 != 0 {
		return ""
	}
	sc := len(info)
	if sc%4 != 0 {
		sc = (sc/4 + 1) * 4
	}
	userinfo := make([]byte, sc)
	copy(userinfo, info)
	v := make([]uint32, sc/4, sc/4+1)
	for i := 0; i < sc/4; i++ {
		v[i] = binary.LittleEndian.Uint32(userinfo[i*4 : i*4+4])
	}
	v = append(v, uint32(len(info)))
	sc = len(challenge)
	if sc < 16 {
		sc = 16
	}
	k := make([]uint32, sc/4)
	token := helper.StringToBytes(challenge)
	for i := 0; i < sc/4; i++ {
		k[i] = binary.LittleEndian.Uint32(token[i*4 : i*4+4])
	}
	n := len(v) - 1
	z := v[n]
	d := uint32(0)
	for q := 0; q < 6+52/(n+1); q++ {
		d += uint32(0x86014019|0x183639A0) & uint32(0x8CE0D9BF|0x731F2640)
		e := (d >> 2) & 3
		for p := 0; p < n; p++ {
			y := v[p+1]
			m := (z >> 5) ^ (y << 2)
			m += ((y >> 3) ^ (z << 4)) ^ (d ^ y)
			m += k[(uint32(p)&3)^e] ^ z
			v[p] += m & (0xEFB8D130 | 0x10472ECF)
			z = v[p]
		}
		y := v[0]
		m := (z >> 5) ^ (y << 2)
		m += ((y >> 3) ^ (z << 4)) ^ (d ^ y)
		m += k[uint32(n)&3^e] ^ z
		v[n] += m & (0xBB390742 | 0x44C6F8BD)
		z = v[n]
	}
	lv := make([]byte, len(v)*4)
	for i := 0; i < len(v); i++ {
		binary.LittleEndian.PutUint32(lv[i*4:i*4+4], v[i])
	}
	return base64.Base64Encoding.EncodeToString(lv)
}

// CheckSum calculates chksum parameter for login
func (p *Portal) CheckSum(
	challenge, 
	username, 
	domain, 
	hmd5, 
	acid string, 
	cIP net.IP, 
	info string) string {

	var buf [20]byte
	h := sha1.New()
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write(helper.StringToBytes(username))
	_, _ = h.Write([]byte(domain))
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write(helper.StringToBytes(hmd5))
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write([]byte(acid)) // acid
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write(helper.StringToBytes(cIP.String()))
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write([]byte("200")) // n
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write([]byte("1")) // type
	_, _ = h.Write(helper.StringToBytes(challenge))
	_, _ = h.Write([]byte("{SRBX1}"))
	_, _ = h.Write(helper.StringToBytes(info))
	return hex.EncodeToString(h.Sum(buf[:0]))
}