[FEATURE][EXPERIMENTAL] StdProtectHandler

LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java

@@ -52,8 +52,8 @@
 import pro.gravit.launchserver.auth.permissions.DefaultPermissionsHandler;
 import pro.gravit.launchserver.auth.permissions.JsonFilePermissionsHandler;
 import pro.gravit.launchserver.auth.permissions.PermissionsHandler;
-import pro.gravit.launchserver.auth.protect.NoProtectHandler;
 import pro.gravit.launchserver.auth.protect.ProtectHandler;
+import pro.gravit.launchserver.auth.protect.StdProtectHandler;
 import pro.gravit.launchserver.auth.provider.AuthProvider;
 import pro.gravit.launchserver.auth.provider.RejectAuthProvider;
 import pro.gravit.launchserver.auth.texture.RequestTextureProvider;
@@ -755,7 +755,7 @@ private void generateConfigIfNotExists(boolean testEnv) throws IOException {
                 new RequestTextureProvider("http://example.com/skins/%username%.png", "http://example.com/cloaks/%username%.png")
                 , "std")};
         newConfig.auth[0].displayName = "Default";
-        newConfig.protectHandler = new NoProtectHandler();
+        newConfig.protectHandler = new StdProtectHandler();
         if (testEnv) newConfig.permissionsHandler = new DefaultPermissionsHandler();
         else newConfig.permissionsHandler = new JsonFilePermissionsHandler();
         newConfig.legacyPort = 7240;

LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java

@@ -11,6 +11,7 @@ public abstract class ProtectHandler {
     public static void registerHandlers() {
         if (!registredHandl) {
             providers.register("none", NoProtectHandler.class);
+            providers.register("std", StdProtectHandler.class);
             registredHandl = true;
         }
     }

LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java

@@ -0,0 +1,31 @@
+package pro.gravit.launchserver.auth.protect;
+
+import pro.gravit.launchserver.websocket.json.auth.AuthResponse;
+import pro.gravit.utils.helper.SecurityHelper;
+
+public class StdProtectHandler extends ProtectHandler {
+    @Override
+    public String generateSecureToken(AuthResponse.AuthContext context) {
+        return SecurityHelper.randomStringToken();
+    }
+
+    @Override
+    public String generateClientSecureToken() {
+        return SecurityHelper.randomStringToken();
+    }
+
+    @Override
+    public boolean verifyClientSecureToken(String token, String secureKey) {
+        return true;
+    }
+
+    @Override
+    public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
+        return !(context.authType == AuthResponse.ConnectTypes.CLIENT);
+    }
+
+    @Override
+    public void checkLaunchServerLicense() {
+
+    }
+}

LaunchServer/src/main/java/pro/gravit/launchserver/websocket/json/auth/AuthResponse.java

@@ -73,17 +73,10 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti
                     throw new AuthException("Password decryption error");
                 }
             }
-            clientData.permissions = server.config.permissionsHandler.getPermissions(login);
-            if (authType == ConnectTypes.BOT && !clientData.permissions.canBot) {
-                AuthProvider.authError("authType: BOT not allowed for this account");
-            }
-            if (authType == ConnectTypes.SERVER && !clientData.permissions.canServer) {
-                AuthProvider.authError("authType: SERVER not allowed for this account");
-            }
             AuthProviderPair pair;
             if (auth_id.isEmpty()) pair = server.config.getAuthProviderPair();
             else pair = server.config.getAuthProviderPair(auth_id);
-            AuthContext context = new AuthContext(0, login, password.length(), customText, client, ip, null, false);
+            AuthContext context = new AuthContext(0, login, password.length(), customText, client, ip, null, authType);
             AuthProvider provider = pair.provider;
             server.authHookManager.preHook.hook(context, clientData);
             provider.preAuth(login, password, customText, ip);
@@ -113,6 +106,12 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti
             clientData.updateAuth(server);
             result.accessToken = aresult.accessToken;
             result.permissions = clientData.permissions;
+            if (authType == ConnectTypes.BOT && !clientData.permissions.canBot) {
+                AuthProvider.authError("authType: BOT not allowed for this account");
+            }
+            if (authType == ConnectTypes.SERVER && !clientData.permissions.canServer) {
+                AuthProvider.authError("authType: SERVER not allowed for this account");
+            }
             if (getSession) {
                 if (clientData.session == 0) {
                     clientData.session = random.nextLong();
@@ -136,7 +135,7 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti
     }
 
     public static class AuthContext {
-        public AuthContext(long session, String login, int password_lenght, String customText, String client, String hwid, String ip, boolean isServerAuth) {
+        public AuthContext(long session, String login, int password_lenght, String customText, String client, String hwid, String ip, ConnectTypes authType) {
             this.session = session;
             this.login = login;
             this.password_lenght = password_lenght;
@@ -144,7 +143,7 @@ public AuthContext(long session, String login, int password_lenght, String custo
             this.client = client;
             this.hwid = hwid;
             this.ip = ip;
-            this.isServerAuth = isServerAuth;
+            this.authType = authType;
         }
 
         public long session;
@@ -154,6 +153,6 @@ public AuthContext(long session, String login, int password_lenght, String custo
         public String hwid;
         public String customText;
         public String ip;
-        public boolean isServerAuth;
+        public ConnectTypes authType;
     }
 }