shellshock_firebase_LOL

1. twitter.com/cryptsploit
2.  
3. function signIn () {
4. firebaseSignInTimerStart = new Date();
5. playerAccount = new PlayerAccount();
6.  
7. console.log('Signing in to Firebase...');
8.  
9. // Try signing into Firebase
10. // If success, send token to services in auth request
11. // If failed, send local ID in auth request
12. // If no local ID exists, send blank auth request to have server generate a local ID
13.  
14. var config = {
15. apiKey: "AIzaSyDP4SIjKaw6A4c-zvfYxICpbEjn1rRnN50",
16. authDomain: "shellshockio-181719.firebaseapp.com",
17. databaseURL: "https://shellshockio-181719.firebaseio.com",
18. projectId: "shellshockio-181719",
19. storageBucket: "shellshockio-181719.appspot.com",
20. messagingSenderId: "68327206324"
21. }
22.  
23. firebase.initializeApp(config);
24.  
25. firebase.auth().onAuthStateChanged(function (signedInUser) {
26. //console.log('user: ' + JSON.stringify(signedInUser));
27. if (upgradingAnon && !hasValue(signedInUser)) {
28. return;
29. }
30.  
31. //vueApp.hideFirebaseSignIn();
32.  
33. if (signedInUser) {
34. firebaseUser = signedInUser;
35.  
36. if (firebaseUser.isAnonymous) {
37. console.log('Firebase: anonymous user');
38. anonymousUser = firebaseUser;
39. } else {
40. console.log('Firebase: auth provider: ' + firebaseUser.providerData[0].providerId);
41.  
42. // If this is an email/password login, and user has yet to verify email address, do so here
43. if (!firebaseUser.emailVerified && firebaseUser.providerData[0].providerId == 'password') {
44. console.log('Firebase: email not yet verified');
45. vueApp.showResendEmail();
46. }
47. }
48.  
49. firebaseAccountFound();
50. } else {
51. console.log('Firebase: no account found');
52. noFirebaseAccount();
53. }
54. });
55. }
56.  
57. function firebaseAccountFound () {
58. if (signingIn) {
59. return;
60. }
61.  
62. signingIn = true;
63. upgradingAnon = false;
64.  
65. firebaseUser.getIdToken(true)
66. .then((firebaseToken) => {
67. vueApp.showSpinner('signin_auth_title', 'signin_auth_msg');
68.  
69. // Send ID token to server
70. // Server verifies token against Firebase, then generates and
71. // returns a session ID that will be used for future transactions
72. // in the Shell Shockers database
73. //console.log('Authing player\'s firebase account with services, token: ' + JSON.stringify(firebaseToken));
74. api_auth(firebaseToken, authSuccess, authFailure, authClosed);
75.  
76. }).catch(function (error) {
77. console.log(error);
78. signingIn = false;
79. });
80.  
81. // Anon users don't have provider data
82. if (firebaseUser.photoURL && firebaseUser.providerData && firebaseUser.providerData.length > 0) {
83. var url = firebaseUser.photoURL;
84. var pd = firebaseUser.providerData[0];
85. if (pd.providerId == 'facebook.com') { // Facebook sucks
86. url = 'https://graph.facebook.com/' + pd.uid + '/picture';
87. }
88. vueApp.photoUrl = url;
89. }
90.  
91. }
92.  
93. function noFirebaseAccount () {
94. firebase.auth().signInAnonymously().catch(function(error) {
95. writeMsg('Failed Firebase anonymous signin, code: {0}, msg: {1}'.format(error.code, error.message));
96. })
97.  
98. sendOneSignalTagsForAnon();
99. }
100.  
101. function sendFirebaseVerificationEmail () {
102. console.log('sending email verification to: ' + firebaseUser.email);
103. firebaseUser.sendEmailVerification();
104. }
105.  
106. function authSuccess(authResponse) {
107. //console.log('authorization successful: ' + JSON.stringify(authResponse));
108.  
109. if (authResponse.error) {
110. console.log('accountDataResponse Error: ' + JSON.stringify(accountDataResponse.error));
111. } else {
112. //console.log('services auth response: ' + JSON.stringify(authResponse));
113. playerAccount.signedIn(firebaseUser, authResponse);
114.  
115. ready_auth = true;
116.  
117. sendOneSignalTagsForUser();
118. ga('send', 'event', vueData.googleAnalytics.cat.playerStats, vueData.googleAnalytics.action.eggCount, vueData.googleAnalytics.isUser, vueData.eggs );
119. theTimeTracker(firebaseSignInTimerStart, vueData.googleAnalytics.label.signInTiming, vueData.googleAnalytics.label.loading);
120. ga('send', 'event', vueData.googleAnalytics.cat.playerStats, vueData.googleAnalytics.action.signIn, vueData.googleAnalytics.label.signInCompleted);
121. console.log('Signed in');
122.  
123. }
124.  
125. vueApp.authCompleted(authResponse.emailVerified);
126.  
127. }
128.  
129.  
130. function authFailure() {
131. console.log('authorization failed');
132. ga('send', 'event', googleAnalytics.cat.playerStats, googleAnalytics.action.signIn, googleAnalytics.label.signInAuthFailed);
133.  
134. vueApp.authCompleted();
135. }
136.  
137. function authClosed(code) {
138. console.log('auth ws closed, code: ' + code);
139. if (code === 1006) {
140. vueApp.showGenericPopup('signin_failed_title', 'signin_failed', 'ok');
141. return;
142. }
143.  
144. signingIn = false;
145. }
146.  
147. function showSignInDialog () {
148. if (!firebaseUi) {
149. firebaseUi = new firebaseui.auth.AuthUI(firebase.auth());
150. }
151.  
152. var firebaseUiConfig = firebaseUiCreateConfig();
153. firebaseUi.start('#firebaseui-auth-container', firebaseUiConfig);
154. }
155.  
156. function firebaseUiCreateConfig () {
157. return {
158. autoUpgradeAnonymousUsers: true,
159. callbacks: {
160. signInSuccessWithAuthResult: firebaseUiSignInSuccess,
161. signInFailure: firebaseUiSignInFailure,
162. uiShown: function (e) { console.log('UI: showed firebase UI'); } // TODO: Remove Cancel button?
163. },
164. credentialHelper: firebaseui.auth.CredentialHelper.NONE,
165. signInFlow: 'popup',
166. //signInSuccessUrl: 'https://shellshock.io',
167. signInOptions: [
168. // Leave the lines as is for the providers you want to offer your users.
169. {
170. provider: firebase.auth.EmailAuthProvider.PROVIDER_ID,
171. requireDisplayName: false,
172. },
173. firebase.auth.FacebookAuthProvider.PROVIDER_ID,
174. firebase.auth.GoogleAuthProvider.PROVIDER_ID,
175. ],
176. // Terms of service url.
177. tosUrl: 'http://www.bluewizard.com/terms'
178. };
179. }
180.  
181. function firebaseUiSignInSuccess (firebaseResult, redirectUrl) {
182. firebaseUser = firebaseResult.user;
183. var emailVerified = firebaseUser.emailVerified;
184. var credential = firebaseResult.credential;
185. var isNewUser = firebaseResult.additionalUserInfo.isNewUser;
186. var providerId = firebaseResult.additionalUserInfo.providerId;
187. var operationType = firebaseResult.operationType;
188.  
189.  
190.  
191. vueApp.hideFirebaseSignIn();
192.  
193. // For email verification only
194. if (providerId == 'password' && !emailVerified) {
195. sendFirebaseVerificationEmail();
196. }
197.  
198. console.log('Authing Firebase ID: ' + firebase.uid);
199. firebaseAccountFound();
200.  
201. return false; // Don't automatically redirect
202. }
203.  
204. function firebaseUiSignInFailure (error) {
205. vueApp.hideFirebaseSignIn();
206.  
207. console.log('Firebase: sign in failure, error code: ' + error.code);
208. if (error.code === 'firebaseui/anonymous-upgrade-merge-conflict') {
209. // Player has signed into a pre-existing Firebase account
210. // The firebase.authStateChanged handler is automatically fired after this event with a null user
211. // Need to flag this so it doesn't create a new anonymous user
212. upgradingAnon = true;
213. firebase.auth().signInWithCredential(error.credential);
214. anonymousUser.delete();
215. setTimeout(() => {
216. vueApp.$nextTick(() => {
217. vueApp.urlParamSet = vueApp.urlParams ? true : null;
218. vueApp.shellShockUrlParamaterEvents();
219. });
220. }, 2000);
221. } else {
222. return Promise.resolve();
223. }
224. }
225.  
226. function signOut () {
227. firebase.auth().signOut().then(function() {
228. playerAccount = new PlayerAccount();
229. }, function(err) {
230. console.log(err);
231. });
232. ga('send', 'event', googleAnalytics.cat.playerStats, googleAnalytics.action.signIn, googleAnalytics.label.signInOut);
233. vueApp.photoUrl = null;