leaf_api: Add play integrity
Change-Id: I6e9870af8f7949e38b294119687f6796aea772e6
diff --git a/play/nginx/play.leafos.org b/play/nginx/play.leafos.org
new file mode 100644
index 0000000..7884e5c
--- /dev/null
+++ b/play/nginx/play.leafos.org
@@ -0,0 +1,39 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name play.leafos.org;
+ return 301 https://$server_name$request_uri;
+ root /var/www/play.leafos.org/;
+
+ access_log /var/log/nginx/access/play.leafos.org.log;
+ error_log /var/log/nginx/error/play.leafos.org.log;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+
+ include hsts.conf;
+
+ root /var/www/play.leafos.org;
+
+ server_name play.leafos.org;
+ access_log /var/log/nginx/access/play.leafos.org.log;
+ error_log /var/log/nginx/error/play.leafos.org.log;
+
+ location / {
+ try_files $uri $uri/ /play.php;
+ index play.php;
+ }
+
+ # pass PHP scripts to FastCGI server
+ #
+ location ~ \.php$ {
+ include snippets/fastcgi-php.conf;
+ fastcgi_param LEAF_PLAY_API_KEY REPLACEME;
+ fastcgi_pass php8;
+ }
+
+ ssl_certificate /etc/letsencrypt/live/leafos.org/fullchain.pem; # managed by Certbot
+ ssl_certificate_key /etc/letsencrypt/live/leafos.org/privkey.pem; # managed by Certbot
+}
diff --git a/play/play.php b/play/play.php
new file mode 100644
index 0000000..ef6b59c
--- /dev/null
+++ b/play/play.php
@@ -0,0 +1,64 @@
+<?php
+header('Content-Type: application/json');
+
+$db = "play_integrity";
+$table = "play_integrity";
+$mysqli = new mysqli("localhost", "leaf", "leaf", $db);
+if ($mysqli->connect_errno) {
+ http_response_code(500);
+ die("Database unavailable!");
+}
+
+$headers = getallheaders();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && strpos($_SERVER['REQUEST_URI'], '/update') !== false) {
+ if (isset($headers['Api-Key'])) {
+ if ($headers['Api-Key'] !== $_SERVER['LEAF_PLAY_API_KEY']) {
+ http_response_code(401);
+ echo json_encode(['message' => 'Invalid API key']);
+ exit;
+ }
+ } else {
+ http_response_code(400);
+ echo json_encode(['message' => 'API key is missing']);
+ exit;
+ }
+
+ $data = json_decode(file_get_contents('php://input'), true);
+
+ $brand = $data['BRAND'];
+ $manufacturer = $data['MANUFACTURER'];
+ $model = $data['MODEL'];
+ $product = $data['PRODUCT'];
+ $device = $data['DEVICE'];
+ $id = $data['ID'];
+ $fingerprint = $data['FINGERPRINT'];
+ $security_patch = $data['VERSION:SECURITY_PATCH'];
+
+ $mysqli->query("DELETE FROM $table");
+ $stmt = $mysqli->prepare("INSERT INTO $table (BRAND, MANUFACTURER, MODEL, PRODUCT, DEVICE, ID, FINGERPRINT, `VERSION:SECURITY_PATCH`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
+ $stmt->bind_param("ssssssss", $brand, $manufacturer, $model, $product, $device, $id, $fingerprint, $security_patch);
+ if ($stmt->execute()) {
+ http_response_code(200);
+ echo json_encode(['message' => 'Data inserted']);
+ } else {
+ http_response_code(500);
+ echo json_encode(['message' => 'Failed to insert data']);
+ }
+} else {
+ $stmt = $mysqli->prepare("SELECT * FROM $table");
+ $stmt->execute();
+ $result = $stmt->get_result();
+
+ if ($result->num_rows > 0) {
+ http_response_code(200);
+ $row = $result->fetch_assoc();
+ $filteredRow = array_filter($row, function ($value) {
+ return $value !== null;
+ });
+ echo json_encode($filteredRow, JSON_PRETTY_PRINT);
+ } else {
+ http_response_code(404);
+ echo json_encode(['message' => 'No data found']);
+ }
+}
diff --git a/play/play.sql b/play/play.sql
new file mode 100644
index 0000000..0b3eaad
--- /dev/null
+++ b/play/play.sql
@@ -0,0 +1,12 @@
+CREATE DATABASE IF NOT EXISTS play_integrity;
+
+CREATE TABLE IF NOT EXISTS play_integrity.play_integrity (
+ BRAND varchar(255),
+ MANUFACTURER varchar(255),
+ MODEL varchar(255),
+ PRODUCT varchar(255),
+ DEVICE varchar(255),
+ ID varchar(255),
+ FINGERPRINT varchar(255),
+ `VERSION:SECURITY_PATCH` varchar(255)
+);