#!/usr/bin/env ruby

require 'openssl'
require 'securerandom'
require 'sinatra'

Users = {
  "Athena" => "Passw0rd!"
}

Services = {
  "_TGS" => "eiqu@a5ahs8mooqu9Eng",
  "Mail" => "{FvM<kgG}VpHxKJO;6Zo"
}

ReplayCache = []

def update_replaycache!(new_auth)
  ReplayCache.push(new_auth)
  now = Time.now.to_i
  ReplayCache.delete_if { |auth|
    _, _, als, ats = auth.split(?,)
    now > als.to_i + ats.to_i
  }
end

def encrypt(obj, key)
  cipher = OpenSSL::Cipher::AES.new(256, :CBC).encrypt
  cipher.key = Digest::SHA2.digest(key)
  s = cipher.update(obj) + cipher.final
  s.unpack('H*')[0].upcase
end

def decrypt(obj, key)
  ticket = [obj].pack("H*").unpack("C*").pack("c*")
  cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt
  cipher.key = Digest::SHA2.digest(key)
  cipher.update(ticket) + cipher.final
end

def ticket(username, ws_address, service)
  ts = Time.now.to_i
  sk = SecureRandom.hex.upcase
  p = [sk, username, ws_address, service, 28800, ts].join(?\0)
  s = encrypt(p, Services[service])
  ["#{sk},#{ws_address},28800,#{ts}", s]
end

def noleak(msg, ul, ws)
  puts "Error: #{msg}, returning nonsense to avoid leakage."
  ticket(SecureRandom.alphanumeric(ul), ws, SecureRandom.alphanumeric(rand(24) + 8))
end

post '/login' do
  request.body.rewind
  data = JSON.parse(request.body.read)
  next "Invalid request\n" unless data.keys == %w(username)
  un = data["username"]
  ul = un.length
  ws = request.ip
  next noleak("Invalid username", ul, ws) unless Users.keys.include?(un)
  anc, tgt = ticket(un, ws, "_TGS")
  "#{encrypt(anc, Users[un])},#{tgt}"
end

post '/ticket' do
  request.body.rewind
  data = JSON.parse(request.body.read)
  next "Invalid request\n" unless data.keys.sort == %w(authenticator service ticket username)
  sk, un, ws, sn, ls, ts = decrypt(data["ticket"], Services["_TGS"]).split(?\0)
  ls = ls.to_i
  ts = ts.to_i
  next "Invalid ticket\n" unless sn == "_TGS"
  next "Invalid ticket\n" unless un == data["username"]
  next "Invalid ticket\n" unless ws == request.ip
  next "Invalid ticket\n" unless Time.now.to_i >= ts
  next "Ticket expired\n" unless Time.now.to_i < (ts + ls)
  begin
    auth = decrypt(data["authenticator"], sk)
    next "Replayed authenticator\n" if ReplayCache.include?(auth)
    update_replaycache!(auth)
    aun, aws, als, ats = auth.split(?,)
    als = als.to_i
    ats = ats.to_i
  rescue OpenSSL::Cipher::CipherError
    next "Invalid session key\n"
  end
  next "Invalid authenticator\n" unless aun == un
  next "Invalid authenticator\n" unless aws == ws
  next "Invalid authenticator\n" unless Time.now.to_i >= ats
  next "Authenticator expired\n" unless Time.now.to_i < (ats + als)
  anc, svt = ticket(un, ws, data["service"])
  "#{encrypt(anc, sk)},#{svt}"
end