From a4bf033aa8a12d73e1d72eb917c304ee25f4bda1 Mon Sep 17 00:00:00 2001
From: Gravita <12893402+gravit0@users.noreply.github.com>
Date: Fri, 23 Feb 2024 14:42:00 +0700
Subject: [PATCH] [FEATURE] Support sudo in mysql/psotgresql/filesystem AuthCoreProvider
---
 .../auth/core/AbstractSQLCoreProvider.java | 28 +++++++++++++------
 1 file changed, 19 insertions(+), 9 deletions(-)
diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AbstractSQLCoreProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AbstractSQLCoreProvider.java
index 1ebc1939..857f9b7f 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AbstractSQLCoreProvider.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AbstractSQLCoreProvider.java
@@ -12,6 +12,7 @@
 import pro.gravit.launchserver.auth.AuthProviderPair;
 import pro.gravit.launchserver.auth.MySQLSourceConfig;
 import pro.gravit.launchserver.auth.SQLSourceConfig;
+import pro.gravit.launchserver.auth.core.interfaces.provider.AuthSupportSudo;
 import pro.gravit.launchserver.auth.password.PasswordVerifier;
 import pro.gravit.launchserver.helper.LegacySessionHelper;
 import pro.gravit.launchserver.manangers.AuthManager;
@@ -33,7 +34,7 @@
 import static java.util.concurrent.TimeUnit.HOURS;
 import static java.util.concurrent.TimeUnit.SECONDS;
 
-public abstract class AbstractSQLCoreProvider extends AuthCoreProvider {
+public abstract class AbstractSQLCoreProvider extends AuthCoreProvider implements AuthSupportSudo {
 public final transient Logger logger = LogManager.getLogger();
 public long expireSeconds = HOURS.toSeconds(1);
 public String uuidColumn;
@@ -142,14 +143,12 @@ public AuthManager.AuthReport authorize(String login, AuthResponse.AuthContext c
 if (user == null) {
 throw AuthException.userNotFound();
 }
- if (context != null) {
- AuthPlainPassword plainPassword = (AuthPlainPassword) password;
- if (plainPassword == null) {
- throw AuthException.wrongPassword();
- }
- if (!passwordVerifier.check(user.password, plainPassword.password)) {
- throw AuthException.wrongPassword();
- }
+ AuthPlainPassword plainPassword = (AuthPlainPassword) password;
+ if (plainPassword == null) {
+ throw AuthException.wrongPassword();
+ }
+ if (!passwordVerifier.check(user.password, plainPassword.password)) {
+ throw AuthException.wrongPassword();
 }
 SQLUserSession session = createSession(user);
 var accessToken = LegacySessionHelper.makeAccessJwtTokenFromString(user, LocalDateTime.now(Clock.systemUTC()).plusSeconds(expireSeconds), server.keyAgreementManager.ecdsaPrivateKey);
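Review bot: The cast `(AuthPlainPassword) password` at the top of the added lines is unchecked, and with the `context != null` guard removed it now runs on every call to authorize(). If `password` can carry any other password type (its declaration is outside the hunk, so this is an assumption), the call fails with a ClassCastException instead of AuthException.wrongPassword(), and the null check after the cast never sees that case. A type test ahead of the cast covers both the null and the wrong-type input: `if (!(password instanceof AuthPlainPassword)) { throw AuthException.wrongPassword(); }`. Any caller that relied on a null `context` to skip verification is now rejected, so remaining internal callers need to be moved to sudo(). authorize() starts and ends outside the hunk.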
@@ -163,6 +162,17 @@ public AuthManager.AuthReport authorize(String login, AuthResponse.AuthContext c
 }
 }
 
+ @Override
+ public AuthManager.AuthReport sudo(User user, boolean shadow) throws IOException {
+ SQLUser sqlUser = (SQLUser) user;
+ SQLUserSession session = createSession(sqlUser);
+ var accessToken = LegacySessionHelper.makeAccessJwtTokenFromString(sqlUser, LocalDateTime.now(Clock.systemUTC()).plusSeconds(expireSeconds), server.keyAgreementManager.ecdsaPrivateKey);
+ var refreshToken = sqlUser.username.concat(".").concat(LegacySessionHelper.makeRefreshTokenFromPassword(sqlUser.username, sqlUser.password, server.keyAgreementManager.legacySalt));
+ String minecraftAccessToken = SecurityHelper.randomStringToken();
+ updateAuth(user, minecraftAccessToken);
+ return AuthManager.AuthReport.ofOAuthWithMinecraft(minecraftAccessToken, accessToken, refreshToken, SECONDS.toMillis(expireSeconds), session);
+ }
+
 @Override
 public User checkServer(Client client, String username, String serverID) throws IOException {
 SQLUser user = (SQLUser) getUserByUsername(username);
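Review bot: The `shadow` argument of sudo() is never read, so `updateAuth(user, minecraftAccessToken)` runs on every invocation regardless of what the caller asked for. If shadow is meant to leave the user's stored token untouched (the AuthSupportSudo interface is not shown here, so confirm), guard the write with `if (!shadow) { updateAuth(user, minecraftAccessToken); }`. The method also issues a full access and refresh token pair with no credential check and records nothing about it, so authorization has to be enforced at every call site. An audit line through the class logger, e.g. `logger.info("sudo session issued for {} (shadow={})", sqlUser.username, shadow);`, would make each issuance traceable. The `(SQLUser) user` cast is unchecked too, so a null or foreign User surfaces as a NullPointerException or ClassCastException rather than an AuthException.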