diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java index 3dac78f4..4c5551ac 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java @@ -44,6 +44,10 @@ public static void registerProviders() { public abstract User getUserByUsername(String username); + public User getUserByLogin(String login) { + return getUserByUsername(login); + } + public abstract User getUserByUUID(UUID uuid); public abstract UserSession getUserSessionByOAuthAccessToken(String accessToken) throws OAuthAccessTokenExpired; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/JsonCoreProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/JsonCoreProvider.java index fd2a47cb..bdb2fc63 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/JsonCoreProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/JsonCoreProvider.java @@ -1,5 +1,7 @@ package pro.gravit.launchserver.auth.core; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import pro.gravit.launcher.ClientPermissions; import pro.gravit.launcher.Launcher; import pro.gravit.launcher.events.request.GetAvailabilityAuthRequestEvent; @@ -25,7 +27,9 @@ import java.util.UUID; public class JsonCoreProvider extends AuthCoreProvider { + private transient final Logger logger = LogManager.getLogger(); public String getUserByUsernameUrl; + public String getUserByLoginUrl; public String getUserByUUIDUrl; public String getUserSessionByOAuthAccessTokenUrl; public String getAuthDetailsUrl; @@ -77,6 +81,7 @@ public static class JsonAuthReportResponse { public String oauthRefreshToken; public long oauthExpire; public JsonUserSession session; + public String error; public AuthManager.AuthReport toAuthReport() { return new AuthManager.AuthReport(minecraftAccessToken, oauthAccessToken, oauthRefreshToken, oauthExpire, session); @@ -123,7 +128,7 @@ public static class JsonSuccessResponse { public static class JsonGetUserSessionByOAuthTokenResponse { public boolean expired; - public UserSession session; + public JsonUserSession session; public JsonGetUserSessionByOAuthTokenResponse() { } @@ -142,6 +147,14 @@ public User getUserByUsername(String username) { return jsonRequest(new JsonGetUserByUsername(username), getUserByUsernameUrl, JsonUser.class); } + @Override + public User getUserByLogin(String login) { + if (getUserByLoginUrl != null) { + return jsonRequest(new JsonGetUserByUsername(login), getUserByLoginUrl, JsonUser.class); + } + return super.getUserByLogin(login); + } + @Override public User getUserByUUID(UUID uuid) { return jsonRequest(new JsonGetUserByUUID(uuid), getUserByUUIDUrl, JsonUser.class); @@ -149,6 +162,9 @@ public User getUserByUUID(UUID uuid) { @Override public UserSession getUserSessionByOAuthAccessToken(String accessToken) throws OAuthAccessTokenExpired { + if (getUserSessionByOAuthAccessTokenUrl == null) { + return null; + } JsonGetUserSessionByOAuthTokenResponse response = jsonRequest(new JsonGetUserSessionByAccessToken(accessToken), getUserSessionByOAuthAccessTokenUrl, JsonGetUserSessionByOAuthTokenResponse.class); if (response == null) return null; if (!response.expired) throw new OAuthAccessTokenExpired(); @@ -186,13 +202,17 @@ public PasswordVerifyReport verifyPassword(User user, AuthRequest.AuthPasswordIn return PasswordVerifyReport.FAILED; } } + if (user == null) { + return jsonRequest(new JsonPasswordVerify(null, null), verifyPasswordUrl, PasswordVerifyReport.class); + } return jsonRequest(new JsonPasswordVerify(user.getUsername(), user.getUUID()), verifyPasswordUrl, PasswordVerifyReport.class); } @Override public AuthManager.AuthReport createOAuthSession(User user, AuthResponse.AuthContext context, PasswordVerifyReport report, boolean minecraftAccess) throws IOException { - JsonAuthReportResponse response = jsonRequest(new JsonCreateOAuthSession(user.getUsername(), user.getUUID(), minecraftAccess), createOAuthSessionUrl, JsonAuthReportResponse.class); + JsonAuthReportResponse response = jsonRequest(new JsonCreateOAuthSession(user == null ? null : user.getUsername(), user == null ? null : user.getUUID(), minecraftAccess), createOAuthSessionUrl, JsonAuthReportResponse.class); if (response == null) return null; + if (response.error != null) throw new AuthException(response.error); JsonUser user1 = (JsonUser) user; user1.accessToken = response.minecraftAccessToken; return response.toAuthReport(); @@ -291,17 +311,25 @@ public R jsonRequest(T request, String url, Class clazz) { publisher = HttpRequest.BodyPublishers.noBody(); } try { - HttpRequest request1 = HttpRequest.newBuilder() + HttpRequest.Builder request1 = HttpRequest.newBuilder() .method("POST", publisher) .uri(new URI(url)) - .header("Authentication", "Bearer ".concat(bearerToken)) .header("Content-Type", "application/json; charset=UTF-8") .header("Accept", "application/json") - .timeout(Duration.ofMillis(10000)) - .build(); - HttpResponse response = client.send(request1, HttpResponse.BodyHandlers.ofInputStream()); + .timeout(Duration.ofMillis(10000)); + if (bearerToken != null) { + request1.header("Authentication", "Bearer ".concat(bearerToken)); + } + HttpResponse response = client.send(request1.build(), HttpResponse.BodyHandlers.ofInputStream()); int statusCode = response.statusCode(); if (200 > statusCode || statusCode > 300) { + if (statusCode >= 500) { + logger.error("JsonCoreProvider: {} return {}", url, statusCode); + } else if (statusCode >= 300 && statusCode <= 400) { + logger.error("JsonCoreProvider: {} return {}, try redirect to {}. Redirects not supported!", url, statusCode, response.headers().firstValue("Location").orElse("Unknown")); + } else if (statusCode == 403 || statusCode == 401) { + logger.error("JsonCoreProvider: {} return {}. Please set 'bearerToken'!", url, statusCode); + } return null; } try (Reader reader = new InputStreamReader(response.body())) { diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java index ca822311..c55fb8b0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java @@ -132,22 +132,33 @@ private AuthReport authWithCore(AuthResponse.AuthContext context, AuthRequest.Au } return AuthReport.ofMinecraftAccessToken(null); } - User user = provider.getUserByUsername(context.login); - if (user == null) { - throw new AuthException(AuthRequestEvent.USER_NOT_FOUND_ERROR_MESSAGE); + User user = null; + if (context.login != null) { + user = provider.getUserByLogin(context.login); + if (user == null) { + throw new AuthException(AuthRequestEvent.USER_NOT_FOUND_ERROR_MESSAGE); + } } AuthCoreProvider.PasswordVerifyReport report = provider.verifyPassword(user, password); if (report.success) { - UUID uuid = user.getUUID(); AuthReport result; try { result = provider.createOAuthSession(user, context, report, context.authType == AuthResponse.ConnectTypes.CLIENT && server.config.protectHandler.allowGetAccessToken(context)); } catch (IOException e) { + if (e instanceof AuthException) throw (AuthException) e; logger.error(e); throw new AuthException("Internal Auth Error"); } + if (user == null) { + if (result.session != null) { + user = result.session.getUser(); + } else { + logger.error("AuthCoreProvider {} method createOAuthSession returns null session with login null", context.pair.name); + throw new AuthException("Internal Auth Error"); + } + } context.client.coreObject = user; - internalAuth(context.client, context.authType, context.pair, user.getUsername(), uuid, user.getPermissions(), result.isUsingOAuth()); + internalAuth(context.client, context.authType, context.pair, user.getUsername(), user.getUUID(), user.getPermissions(), result.isUsingOAuth()); return result; } else { if (report.needMoreFactor) {