From 735db3d5f5e8a3f8841f5f281b883e50cdc91ad7 Mon Sep 17 00:00:00 2001
From: Zack Spear <hi@zackspear.com>
Date: Mon, 11 Dec 2023 16:38:29 -0500
Subject: [PATCH] refactor: connect page and state php data sharing

---
 .../plugins/dynamix.my.servers/Connect.page   | 103 +++++-----------
 .../dynamix.my.servers/include/state.php      | 113 ++++++++++++++----
 2 files changed, 119 insertions(+), 97 deletions(-)

diff --git a/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/Connect.page b/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/Connect.page
index 3f41f61c7..1447bcf23 100644
--- a/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/Connect.page
+++ b/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/Connect.page
@@ -13,48 +13,29 @@ Tag="globe"
  * The above copyright notice and this permission notice shall be included in
  * all copies or substantial portions of the Software.
  */
-$keyfile = empty($var['regFILE']) ? null : @file_get_contents($var['regFILE']);
-if ($keyfile !== false) {
-  $keyfile = @base64_encode($keyfile);
-}
-$myservers_flash_cfg_path = '/boot/config/plugins/dynamix.my.servers/myservers.cfg';
-$myservers = file_exists($myservers_flash_cfg_path) ? @parse_ini_file($myservers_flash_cfg_path,true) : [];
-// ensure some vars are defined here so we don't have to test them later
-if (empty($myservers['remote']['apikey'])) {
-  $myservers['remote']['apikey'] = "";
-}
-if (empty($myservers['remote']['wanaccess'])) {
-  $myservers['remote']['wanaccess'] = "no";
-}
-if (empty($myservers['remote']['wanport'])) {
-  $myservers['remote']['wanport'] = 33443;
-}
-if (empty($myservers['remote']['upnpEnabled'])) {
-  $myservers['remote']['upnpEnabled'] = "no";
-}
-if (empty($myservers['remote']['dynamicRemoteAccessType'])) {
-  $myservers['remote']['dynamicRemoteAccessType'] = "DISABLED";
-}
+require_once "$docroot/plugins/dynamix.my.servers/include/state.php";
+$serverState = new ServerState();
+
+$keyfile = $serverState->keyfileBase64;
+
+$myServersFlashCfg = $serverState->myServersFlashCfg;
+
 $showT2Fa = (file_exists('/boot/config/plugins/dynamix.my.servers/showT2Fa'));
 
-$nginx = parse_ini_file('/var/local/emhttp/nginx.ini');
-$hasMyUnraidNetCert = preg_match('/.*\.myunraid\.net$/', $nginx['NGINX_CERTNAME']);
+$hasMyUnraidNetCert = preg_match('/.*\.myunraid\.net$/', $serverState->nginxCfg['NGINX_CERTNAME']);
 
-$isRegistered = !empty($myservers['remote']['username']);
+$isRegistered = $serverState->registered;
+$isMiniGraphConnected = $serverState->myServersMiniGraphConnected;
 
-$myservers_memory_cfg_path ='/var/local/emhttp/myservers.cfg';
-$mystatus = (file_exists($myservers_memory_cfg_path)) ? @parse_ini_file($myservers_memory_cfg_path) : [];
-$isConnected = (($mystatus['minigraph']??'')==='CONNECTED') ? true : false;
-$flashbackup_ini = '/var/local/emhttp/flashbackup.ini';
-$flashbackup_status = (file_exists($flashbackup_ini)) ? @parse_ini_file($flashbackup_ini) : [];
+$flashbackup_status = $serverState->flashbackupStatus;
 
 $passwd_result = exec('/usr/bin/passwd --status root');
 $boolWebUIAuth = $isRegistered && (($passwd_result !== false) && (substr($passwd_result, 0, 6) == 'root P'));
 
 // Helper to determine the current value for the remote access input
-$dynamicRemoteAccessType = $myservers['remote']['dynamicRemoteAccessType'];
-$upnpEnabled = $myservers['remote']['upnpEnabled'] === 'yes';
-$wanaccessEnabled = $myservers['remote']['wanaccess'] === 'yes';
+$dynamicRemoteAccessType = $myServersFlashCfg['remote']['dynamicRemoteAccessType'];
+$upnpEnabled = $myServersFlashCfg['remote']['upnpEnabled'] === 'yes';
+$wanaccessEnabled = $myServersFlashCfg['remote']['wanaccess'] === 'yes';
 
 $currentRemoteAccessValue = 'OFF';
 if ($dynamicRemoteAccessType === 'STATIC') {
@@ -83,7 +64,7 @@ div.shade-gray{background-color:#121510;margin-top:10px;padding:8px 0 3px 0}
 </style>
 <script>
 const hasMyUnraidNetCert = <?=($hasMyUnraidNetCert ? 'true' : 'false')?>;
-const wanAccessOrg = "<?=$myservers['remote']['wanaccess']?>";
+const wanAccessOrg = "<?=$myServersFlashCfg['remote']['wanaccess']?>";
 
 function registerServer(button) {
 
@@ -211,7 +192,7 @@ function dnsCheckServer(button) {
         } else {
             swal({
               title: "Oops",
-              text: "<?=sprintf(_("The Unraid server is unreachable from outside your network. Be sure you have configured your router to forward port") . " <strong style='font-weight: bold'>%u/TCP</strong> " . _("to the Unraid server at") . " <strong style='font-weight: bold'>%s</strong> " . _("port") . " <strong style='font-weight: bold'>%u</strong>", $myservers['remote']['wanport'], htmlspecialchars($eth0['IPADDR:0']??''), $var['PORTSSL']??443)?>",
+              text: "<?=sprintf(_("The Unraid server is unreachable from outside your network. Be sure you have configured your router to forward port") . " <strong style='font-weight: bold'>%u/TCP</strong> " . _("to the Unraid server at") . " <strong style='font-weight: bold'>%s</strong> " . _("port") . " <strong style='font-weight: bold'>%u</strong>", $myServersFlashCfg['remote']['wanport'], htmlspecialchars($eth0['IPADDR:0']??''), $var['PORTSSL']??443)?>",
               type: "error",
               html: true,
               confirmButtonText: "_(Ok)_"
@@ -517,41 +498,17 @@ $('body').on('click', '.js-goToExtraOrigins', function(e) {
  * Allowed origins warning displayed when the current webGUI URL is NOT included in the known lists of allowed origins.
  * Include localhost in the test, but only display HTTP(S) URLs that do not include localhost.
  */
-$host = $_SERVER['HTTP_HOST'] ?? "unknown";
-$allowedOrigins = $mystatus['allowedOrigins'] ?? "";
-$extraOrigins = $myservers['api']['extraOrigins'] ?? "";
-
-$allowedOriginsArr = [];
-// if the current host is not in the allowed origins list and extra origins list, display a warning
-if (stripos($allowedOrigins.",", "/".$host.",") === false && stripos($extraOrigins.",", "/".$host.",") === false) {
-  $allowedOriginsArr = explode(", ", $allowedOrigins);
-
-  if (strpos($extraOrigins, ",") !== false) { // check if the extra origins is a comma separated list of URLs
-    $extraOriginsArr = explode(",", $extraOrigins);
-    $allowedOriginsArr = array_merge($allowedOriginsArr, $extraOriginsArr);
-  } elseif ($extraOrigins) { // if the extra origins is not comma separated assume it's a single URL
-    $allowedOriginsArr[] = $extraOrigins;
-  }
-  if ($allowedOriginsArr) {
-    foreach($allowedOriginsArr as $key => $origin) {
-      if ( (strpos($origin, "http") === false) || (strpos($origin, "localhost") !== false) ) {
-        // clean up $allowedOriginsArr, only display warning if origins still remain to display
-        unset($allowedOriginsArr[$key]);
-      }
-    }
-  }
-}
 ?>
-<? if ($allowedOriginsArr): ?>
+<? if ($serverState->combinedKnownOrigins): ?>
 <div markdown="1" class="<?=$shade?>"><!-- begin allowedOrigins warning -->
 <dl>
   <div style="margin-bottom: 2rem;">
-    <span class="orange-text"><i class='fa fa-warning fa-fw'></i> <strong>_(Warning)_</strong></span> <?= sprintf(_('Your current url **%s** is not in the list of allowed origins for this server'), $host) ?>.
+    <span class="orange-text"><i class='fa fa-warning fa-fw'></i> <strong>_(Warning)_</strong></span> <?= sprintf(_('Your current url **%s** is not in the list of allowed origins for this server'), $serverState->host) ?>.
     <br/>_(For best results, add the current url to extra origins setting field below)_: <a class="js-goToExtraOrigins" href="#extraOriginsSettings">_(Add the current URL to the Extra Origins setting)_</a>
     <dd>
       <p>Allow Origins:</p>
       <ul>
-        <? foreach($allowedOriginsArr as $origin): ?>
+        <? foreach($serverState->combinedKnownOrigins as $origin): ?>
           <li><a href="<?= $origin ?>"><?= $origin ?></a></li>
         <? endforeach ?>
       </ul>
@@ -566,7 +523,7 @@ if (stripos($allowedOrigins.",", "/".$host.",") === false && stripos($extraOrigi
 _(Allow Remote Access)_:
 <?if(!$isRegistered): // NOTE: manually added close tags so the next section would not be indented ?>
 : <span><i class="fa fa-warning icon warning"></i> _(Disabled until you have signed in)_</span></dd></dl>
-<?elseif(!$isConnected && $myservers['remote']['wanaccess']!="yes"): // NOTE: manually added close tags so the next section would not be indented ?>
+<?elseif(!$isMiniGraphConnected && $myServersFlashCfg['remote']['wanaccess']!="yes"): // NOTE: manually added close tags so the next section would not be indented ?>
 : <span><i class="fa fa-warning icon warning"></i> _(Disabled until connected to Unraid Connect Cloud)_</span></dd></dl>
 <?elseif(!$hasMyUnraidNetCert): // NOTE: manually added close tags so the next section would not be indented ?>
 : <span><i class="fa fa-warning icon warning"></i> _(Disabled until you Provision a myunraid.net SSL Cert)_</span><input type="hidden" id="wanport" value="0"></dd></dl>
@@ -597,8 +554,8 @@ _(Allow Remote Access)_:
 <div markdown="1" id="wanpanel" style="display:'none'">
 
 _(WAN Port)_:
-: <input type="number" id="wanport" onchange="enableDisableCheckButton()" onkeyup="enableDisableCheckButton()" data-orig="<?=$myservers['remote']['wanport']?>" class="trim" min="0" max="65535" value="<?=htmlspecialchars($myservers['remote']['wanport'])?>"> <span id="wanportdisplay" style="display:'none'"><?=$myservers['remote']['wanport']?>&nbsp;&nbsp;&nbsp;</span> <button type="button" id="wancheck" onclick="dnsCheckServer(this)" style="margin-top: 0">_(Check)_</button>
- <span id="wanportmsg"><?=sprintf(_("Remark: configure your router with port forwarding of port") . " <strong>%u/TCP</strong> " . _("to") . " <strong>%s:%u</strong>", $myservers['remote']['wanport'], htmlspecialchars($eth0['IPADDR:0']??''), $var['PORTSSL']??443)?></span>
+: <input type="number" id="wanport" onchange="enableDisableCheckButton()" onkeyup="enableDisableCheckButton()" data-orig="<?=$myServersFlashCfg['remote']['wanport']?>" class="trim" min="0" max="65535" value="<?=htmlspecialchars($myServersFlashCfg['remote']['wanport'])?>"> <span id="wanportdisplay" style="display:'none'"><?=$myServersFlashCfg['remote']['wanport']?>&nbsp;&nbsp;&nbsp;</span> <button type="button" id="wancheck" onclick="dnsCheckServer(this)" style="margin-top: 0">_(Check)_</button>
+ <span id="wanportmsg"><?=sprintf(_("Remark: configure your router with port forwarding of port") . " <strong>%u/TCP</strong> " . _("to") . " <strong>%s:%u</strong>", $myServersFlashCfg['remote']['wanport'], htmlspecialchars($eth0['IPADDR:0']??''), $var['PORTSSL']??443)?></span>
 
 :unraidnet_wanpanel_help:
 
@@ -645,16 +602,16 @@ else
 
 _(Enable Transparent 2FA for Remote Access)_<!-- do not index -->:
 : <select id="remote2fa" size="1" <?=($enableRemoteT2fa ? '' : 'disabled')?>>
-  <?=mk_option($myservers['remote']['2Fa']??'', "no", _("No"))?>
-  <?=mk_option($myservers['remote']['2Fa']??'', "yes", _("Yes"))?>
+  <?=mk_option($myServersFlashCfg['remote']['2Fa']??'', "no", _("No"))?>
+  <?=mk_option($myServersFlashCfg['remote']['2Fa']??'', "yes", _("Yes"))?>
   </select> <span id="remote2fa_remark" style="display:<?=($enableRemoteT2fa ? 'none' : 'inline')?>;"><?=$remoteT2faRemark??''?></span>
 
 :myservers_remote_t2fa_help:
 
 _(Enable Transparent 2FA for Local Access)_<!-- do not index -->:
 : <select id="local2fa" size="1" <?=($enableLocalT2fa ? '' : 'disabled')?>>
-  <?=mk_option($myservers['local']['2Fa']??'', "no", _("No"))?>
-  <?=mk_option($myservers['local']['2Fa']??'', "yes", _("Yes"))?>
+  <?=mk_option($myServersFlashCfg['local']['2Fa']??'', "no", _("No"))?>
+  <?=mk_option($myServersFlashCfg['local']['2Fa']??'', "yes", _("Yes"))?>
   </select> <span id="local2fa_remark" style="display:<?=($enableLocalT2fa ? 'none' : 'inline')?>;"><?=$localT2faRemark??''?></span>
 
 :myservers_local_t2fa_help:
@@ -672,7 +629,7 @@ _(Enable Transparent 2FA for Local Access)_<!-- do not index -->:
 _(Flash backup)_:
 <?if(!$isRegistered):?>
 : <span><i class="fa fa-warning icon warning"></i> _(Disabled until you have signed in)_</span>
-<?elseif(!$isConnected && empty($flashbackup_status['activated'])):?>
+<?elseif(!$isMiniGraphConnected && empty($flashbackup_status['activated'])):?>
 : <span><i class="fa fa-warning icon warning"></i> _(Disabled until connected to Unraid Connect Cloud)_</span>
 <?else: // begin show flash backup form ?>
 : <span id='flashbackuptext'><span class='blue p0'>_(Loading)_ <i class="fa fa-spinner fa-spin" aria-hidden="true"></i></span></span>
@@ -756,7 +713,7 @@ _(Account status)_:
 
 <!-- start extra origins -->
 <span id="extraOriginsSettings" class="js-extraOriginsLabel">_(Unraid API extra origins)_:</span>
-: <input class="js-extraOrigins" name="extraOrigins" type="text" value="<?=$myservers['api']['extraOrigins']??''?>">
+: <input class="js-extraOrigins" name="extraOrigins" type="text" value="<?=$myServersFlashCfg['api']['extraOrigins']??''?>">
 
 :unraidnet_extraorigins_help:
 
@@ -767,11 +724,11 @@ _(Account status)_:
 
 <?if($isRegistered):?>
 _(Connected to Unraid Connect Cloud)_: 
-<?if($isConnected):?>
+<?if($isMiniGraphConnected):?>
 : _(Yes)_
 <?else:?>
 : <i class="fa fa-warning icon warning"></i> _(No)_
-<?endif // end check for ($isConnected) ?>
+<?endif // end check for ($isMiniGraphConnected) ?>
 <?endif // end check for ($isRegistered) ?>
 
 _(Download unraid-api Logs)_:
diff --git a/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php b/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php
index 03b020a81..273fb307c 100644
--- a/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php
+++ b/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php
@@ -20,6 +20,7 @@ require_once "$docroot/plugins/dynamix.my.servers/include/reboot-details.php";
  *
  * Usage:
  * ```
+ * require_once "$docroot/plugins/dynamix.my.servers/include/state.php";
  * $serverStateClass = new ServerState();
  *
  * $serverStateClass->getServerState();
@@ -32,13 +33,9 @@ class ServerState
     protected $webguiGlobals;
 
     private $var;
-    private $flashbackupIni;
-    private $flashbackupStatus;
-    private $nginx;
+    private $flashbackupCfg;
     private $connectPluginInstalled = '';
     private $connectPluginVersion;
-    private $myserversFlashCfgPath;
-    private $myservers;
     private $configErrorEnum = [
         "error" => 'UNKNOWN_ERROR',
         "invalid" => 'INVALID',
@@ -47,9 +44,20 @@ class ServerState
     ];
     private $osVersion;
     private $osVersionBranch;
-    private $registered;
     private $rebootDetails;
     private $caseModel = '';
+    private $keyfileBase64UrlSafe = '';
+
+    public $myServersFlashCfg = [];
+    public $myServersMemoryCfg = [];
+    public $host = 'unknown';
+    public $combinedKnownOrigins = [];
+ 
+    public $nginxCfg;
+    public $flashbackupStatus;
+    public $registered;
+    public $myServersMiniGraphConnected = false;
+    public $keyfileBase64 = '';
 
     /**
      * Constructor to initialize class properties and gather server information.
@@ -65,10 +73,10 @@ class ServerState
         // echo "<pre>" . json_encode($this->webguiGlobals, JSON_PRETTY_PRINT) . "</pre>";
 
         $this->var = (array)parse_ini_file('state/var.ini');
+        $this->nginxCfg = parse_ini_file('/var/local/emhttp/nginx.ini');
 
-        $this->flashbackupIni = '/var/local/emhttp/flashbackup.ini';
-        $this->flashbackupStatus = (file_exists($this->flashbackupIni)) ? @parse_ini_file($this->flashbackupIni) : [];
-        $this->nginx = parse_ini_file('/var/local/emhttp/nginx.ini');
+        $this->flashbackupCfg = '/var/local/emhttp/flashbackup.ini';
+        $this->flashbackupStatus = (file_exists($this->flashbackupCfg)) ? @parse_ini_file($this->flashbackupCfg) : [];
 
         if (file_exists('/var/lib/pkgtools/packages/dynamix.unraid.net')) {
             $this->connectPluginInstalled = 'dynamix.unraid.net.plg';
@@ -90,17 +98,71 @@ class ServerState
          * - $myservers_memory_cfg_path ='/var/local/emhttp/myservers.cfg';
          * - $mystatus = (file_exists($myservers_memory_cfg_path)) ? @parse_ini_file($myservers_memory_cfg_path) : [];
          */
-        $this->myserversFlashCfgPath = '/boot/config/plugins/dynamix.my.servers/myservers.cfg';
-        $this->myservers = file_exists($this->myserversFlashCfgPath) ? @parse_ini_file($this->myserversFlashCfgPath, true) : [];
+        $flashCfgPath = '/boot/config/plugins/dynamix.my.servers/myservers.cfg';
+        $this->myServersFlashCfg = file_exists($flashCfgPath) ? @parse_ini_file($flashCfgPath, true) : [];
+        // ensure some vars are defined here so we don't have to test them later
+        if (empty($this->myServersFlashCfg['remote']['apikey'])) {
+            $this->myServersFlashCfg['remote']['apikey'] = "";
+        }
+        if (empty($this->myServersFlashCfg['remote']['wanaccess'])) {
+            $this->myServersFlashCfg['remote']['wanaccess'] = "no";
+        }
+        if (empty($this->myServersFlashCfg['remote']['wanport'])) {
+            $this->myServersFlashCfg['remote']['wanport'] = 33443;
+        }
+        if (empty($this->myServersFlashCfg['remote']['upnpEnabled'])) {
+            $this->myServersFlashCfg['remote']['upnpEnabled'] = "no";
+        }
+        if (empty($this->myServersFlashCfg['remote']['dynamicRemoteAccessType'])) {
+            $this->myServersFlashCfg['remote']['dynamicRemoteAccessType'] = "DISABLED";
+        }
 
         $this->osVersion = $this->var['version'];
         $this->osVersionBranch = trim(@exec('plugin category /var/log/plugins/unRAIDServer.plg') ?? 'stable');
-        $this->registered = !empty($this->myservers['remote']['apikey']) && $this->connectPluginInstalled;
+        $this->registered = !empty($this->myServersFlashCfg['remote']['apikey']) && $this->connectPluginInstalled;
 
         $caseModelFile = '/boot/config/plugins/dynamix/case-model.cfg';
         $this->caseModel = file_exists($caseModelFile) ? file_get_contents($caseModelFile) : '';
 
         $this->rebootDetails = new RebootDetails();
+
+        /**
+         * Allowed origins warning displayed when the current webGUI URL is NOT included in the known lists of allowed origins.
+         * Include localhost in the test, but only display HTTP(S) URLs that do not include localhost.
+         */
+        $this->host = $_SERVER['HTTP_HOST'] ?? "unknown";
+        $memoryCfgPath = '/var/local/emhttp/myservers.cfg';
+        $this->myServersMemoryCfg = (file_exists($memoryCfgPath)) ? @parse_ini_file($memoryCfgPath) : [];
+        $this->myServersMiniGraphConnected = (($this->myServersMemoryCfg['minigraph']??'') === 'CONNECTED');
+
+        $allowedOrigins = $this->myServersMemoryCfg['allowedOrigins'] ?? "";
+        $extraOrigins = $this->myServersFlashCfg['api']['extraOrigins'] ?? "";
+
+        // if the current host is not in the allowed origins list and extra origins list, display a warning
+        if (stripos($allowedOrigins.",", "/".$this->host.",") === false && stripos($extraOrigins.",", "/".$this->host.",") === false) {
+            $this->combinedKnownOrigins = explode(", ", $allowedOrigins);
+
+            if (strpos($extraOrigins, ",") !== false) { // check if the extra origins is a comma separated list of URLs
+                $extraOriginsArr = explode(",", $extraOrigins);
+                $this->combinedKnownOrigins = array_merge($this->combinedKnownOrigins, $extraOriginsArr);
+            } elseif ($extraOrigins) { // if the extra origins is not comma separated assume it's a single URL
+                $this->combinedKnownOrigins[] = $extraOrigins;
+            }
+            if ($this->combinedKnownOrigins) {
+                foreach($this->combinedKnownOrigins as $key => $origin) {
+                    if ( (strpos($origin, "http") === false) || (strpos($origin, "localhost") !== false) ) {
+                        // clean up $this->combinedKnownOrigins, only display warning if origins still remain to display
+                        unset($this->combinedKnownOrigins[$key]);
+                    }
+                }
+            }
+        }
+
+        $this->keyfileBase64 = empty($this->var['regFILE']) ? null : @file_get_contents($this->var['regFILE']);
+        if ($this->keyfileBase64 !== false) {
+          $this->keyfileBase64 = @base64_encode($this->keyfileBase64);
+          $this->keyfileBase64UrlSafe = str_replace(['+', '/', '='], ['-', '_', ''], trim($this->keyfileBase64));
+        }
     }
 
     /**
@@ -109,7 +171,6 @@ class ServerState
     public function getWebguiGlobal(string $key) {
         return $this->webguiGlobals[$key];
     }
-
     /**
      * Retrieve the server information as an associative array
      *
@@ -118,9 +179,9 @@ class ServerState
     public function getServerState()
     {
         $serverState = [
-            "apiKey" => $this->myservers['upc']['apikey'] ?? '',
-            "apiVersion" => $this->myservers['api']['version'] ?? '',
-            "avatar" => (!empty($this->myservers['remote']['avatar']) && $this->connectPluginInstalled) ? $this->myservers['remote']['avatar'] : '',
+            "apiKey" => $this->myServersFlashCfg['upc']['apikey'] ?? '',
+            "apiVersion" => $this->myServersFlashCfg['api']['version'] ?? '',
+            "avatar" => (!empty($this->myServersFlashCfg['remote']['avatar']) && $this->connectPluginInstalled) ? $this->myServersFlashCfg['remote']['avatar'] : '',
             "caseModel" => $this->caseModel,
             "config" => [
                 'valid' => ($this->var['configValid'] === 'yes'),
@@ -135,21 +196,21 @@ class ServerState
             ],
             "description" => $this->var['COMMENT'] ? htmlspecialchars($this->var['COMMENT']) : '',
             "deviceCount" => $this->var['deviceCount'],
-            "email" => $this->myservers['remote']['email'] ?? '',
+            "email" => $this->myServersFlashCfg['remote']['email'] ?? '',
             "expireTime" => 1000 * (($this->var['regTy'] === 'Trial' || strstr($this->var['regTy'], 'expired')) ? $this->var['regTm2'] : 0),
-            "extraOrigins" => explode(',', $this->myservers['api']['extraOrigins'] ?? ''),
+            "extraOrigins" => explode(',', $this->myServersFlashCfg['api']['extraOrigins'] ?? ''),
             "flashProduct" => $this->var['flashProduct'],
             "flashVendor" => $this->var['flashVendor'],
             "flashBackupActivated" => empty($this->flashbackupStatus['activated']) ? '' : 'true',
             "guid" => $this->var['flashGUID'],
-            "hasRemoteApikey" => !empty($this->myservers['remote']['apikey']),
+            "hasRemoteApikey" => !empty($this->myServersFlashCfg['remote']['apikey']),
             "internalPort" => $_SERVER['SERVER_PORT'],
-            "keyfile" => empty($this->var['regFILE']) ? '' : str_replace(['+', '/', '='], ['-', '_', ''], trim(base64_encode(@file_get_contents($this->var['regFILE'])))),
+            "keyfile" => $this->keyfileBase64UrlSafe,
             "lanIp" => ipaddr(),
             "locale" => (!empty($_SESSION) && $_SESSION['locale']) ? $_SESSION['locale'] : 'en_US',
             "model" => $this->var['SYS_MODEL'],
             "name" => htmlspecialchars($this->var['NAME']),
-            "osVersion" => $this->var['version'],
+            "osVersion" => $this->osVersion,
             "osVersionBranch" => $this->osVersionBranch,
             "protocol" => $_SERVER['REQUEST_SCHEME'],
             "rebootType" => $this->rebootDetails->getRebootType(),
@@ -161,7 +222,7 @@ class ServerState
             "regTy" => @$this->var['regTy'] ?? '',
             "regExp" => $this->var['regExp'] ? @$this->var['regExp'] * 1000 : '', // JS expects milliseconds
             "registered" => $this->registered,
-            "registeredTime" => $this->myservers['remote']['regWizTime'] ?? '',
+            "registeredTime" => $this->myServersFlashCfg['remote']['regWizTime'] ?? '',
             "site" => $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'],
             "state" => strtoupper(empty($this->var['regCheck']) ? $this->var['regTy'] : $this->var['regCheck']),
             "theme" => [
@@ -175,10 +236,14 @@ class ServerState
             ],
             "ts" => time(),
             "uptime" => 1000 * (time() - round(strtok(exec("cat /proc/uptime"), ' '))),
-            "username" => $this->myservers['remote']['username'] ?? '',
-            "wanFQDN" => $this->nginx['NGINX_WANFQDN'] ?? '',
+            "username" => $this->myServersFlashCfg['remote']['username'] ?? '',
+            "wanFQDN" => $this->nginxCfg['NGINX_WANFQDN'] ?? '',
         ];
 
+        if ($this->combinedKnownOrigins) {
+            $serverState['combinedKnownOrigins'] = $this->combinedKnownOrigins;
+        }
+
         return $serverState;
     }