From 95f5ff13c3ec86412fc5fa165098779faa159274 Mon Sep 17 00:00:00 2001 From: Gravit Date: Fri, 7 Jun 2019 05:23:33 +0700 Subject: [PATCH] [FEATURE][EXPERIMENTAL] StdProtectHandler --- .../pro/gravit/launchserver/LaunchServer.java | 4 +-- .../auth/protect/ProtectHandler.java | 1 + .../auth/protect/StdProtectHandler.java | 31 +++++++++++++++++++ .../websocket/json/auth/AuthResponse.java | 21 ++++++------- 4 files changed, 44 insertions(+), 13 deletions(-) create mode 100644 LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java b/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java index 4f427507..1dc4f34c 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java @@ -52,8 +52,8 @@ import pro.gravit.launchserver.auth.permissions.DefaultPermissionsHandler; import pro.gravit.launchserver.auth.permissions.JsonFilePermissionsHandler; import pro.gravit.launchserver.auth.permissions.PermissionsHandler; -import pro.gravit.launchserver.auth.protect.NoProtectHandler; import pro.gravit.launchserver.auth.protect.ProtectHandler; +import pro.gravit.launchserver.auth.protect.StdProtectHandler; import pro.gravit.launchserver.auth.provider.AuthProvider; import pro.gravit.launchserver.auth.provider.RejectAuthProvider; import pro.gravit.launchserver.auth.texture.RequestTextureProvider; @@ -755,7 +755,7 @@ private void generateConfigIfNotExists(boolean testEnv) throws IOException { new RequestTextureProvider("http://example.com/skins/%username%.png", "http://example.com/cloaks/%username%.png") , "std")}; newConfig.auth[0].displayName = "Default"; - newConfig.protectHandler = new NoProtectHandler(); + newConfig.protectHandler = new StdProtectHandler(); if (testEnv) newConfig.permissionsHandler = new DefaultPermissionsHandler(); else newConfig.permissionsHandler = new JsonFilePermissionsHandler(); newConfig.legacyPort = 7240; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java index a0041bb1..c96a15f6 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java @@ -11,6 +11,7 @@ public abstract class ProtectHandler { public static void registerHandlers() { if (!registredHandl) { providers.register("none", NoProtectHandler.class); + providers.register("std", StdProtectHandler.class); registredHandl = true; } } diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java new file mode 100644 index 00000000..fe363480 --- /dev/null +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java @@ -0,0 +1,31 @@ +package pro.gravit.launchserver.auth.protect; + +import pro.gravit.launchserver.websocket.json.auth.AuthResponse; +import pro.gravit.utils.helper.SecurityHelper; + +public class StdProtectHandler extends ProtectHandler { + @Override + public String generateSecureToken(AuthResponse.AuthContext context) { + return SecurityHelper.randomStringToken(); + } + + @Override + public String generateClientSecureToken() { + return SecurityHelper.randomStringToken(); + } + + @Override + public boolean verifyClientSecureToken(String token, String secureKey) { + return true; + } + + @Override + public boolean allowGetAccessToken(AuthResponse.AuthContext context) { + return !(context.authType == AuthResponse.ConnectTypes.CLIENT); + } + + @Override + public void checkLaunchServerLicense() { + + } +} diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/websocket/json/auth/AuthResponse.java b/LaunchServer/src/main/java/pro/gravit/launchserver/websocket/json/auth/AuthResponse.java index 4e8bdbfa..858550f2 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/websocket/json/auth/AuthResponse.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/websocket/json/auth/AuthResponse.java @@ -73,17 +73,10 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti throw new AuthException("Password decryption error"); } } - clientData.permissions = server.config.permissionsHandler.getPermissions(login); - if (authType == ConnectTypes.BOT && !clientData.permissions.canBot) { - AuthProvider.authError("authType: BOT not allowed for this account"); - } - if (authType == ConnectTypes.SERVER && !clientData.permissions.canServer) { - AuthProvider.authError("authType: SERVER not allowed for this account"); - } AuthProviderPair pair; if (auth_id.isEmpty()) pair = server.config.getAuthProviderPair(); else pair = server.config.getAuthProviderPair(auth_id); - AuthContext context = new AuthContext(0, login, password.length(), customText, client, ip, null, false); + AuthContext context = new AuthContext(0, login, password.length(), customText, client, ip, null, authType); AuthProvider provider = pair.provider; server.authHookManager.preHook.hook(context, clientData); provider.preAuth(login, password, customText, ip); @@ -113,6 +106,12 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti clientData.updateAuth(server); result.accessToken = aresult.accessToken; result.permissions = clientData.permissions; + if (authType == ConnectTypes.BOT && !clientData.permissions.canBot) { + AuthProvider.authError("authType: BOT not allowed for this account"); + } + if (authType == ConnectTypes.SERVER && !clientData.permissions.canServer) { + AuthProvider.authError("authType: SERVER not allowed for this account"); + } if (getSession) { if (clientData.session == 0) { clientData.session = random.nextLong(); @@ -136,7 +135,7 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti } public static class AuthContext { - public AuthContext(long session, String login, int password_lenght, String customText, String client, String hwid, String ip, boolean isServerAuth) { + public AuthContext(long session, String login, int password_lenght, String customText, String client, String hwid, String ip, ConnectTypes authType) { this.session = session; this.login = login; this.password_lenght = password_lenght; @@ -144,7 +143,7 @@ public AuthContext(long session, String login, int password_lenght, String custo this.client = client; this.hwid = hwid; this.ip = ip; - this.isServerAuth = isServerAuth; + this.authType = authType; } public long session; @@ -154,6 +153,6 @@ public AuthContext(long session, String login, int password_lenght, String custo public String hwid; public String customText; public String ip; - public boolean isServerAuth; + public ConnectTypes authType; } }