From c57cb907008c65c0c290f524cca459f0298b0720 Mon Sep 17 00:00:00 2001 From: Gravit Date: Fri, 20 Mar 2020 09:23:09 +0700 Subject: [PATCH] [FEATURE][EXPERIMENTAL] SecurityReport --- .../auth/protect/AdvancedProtectHandler.java | 14 ---- .../auth/protect/NoProtectHandler.java | 14 ---- .../auth/protect/ProtectHandler.java | 6 -- .../auth/protect/StdProtectHandler.java | 15 ---- .../interfaces/SecureProtectHandler.java | 6 ++ .../security/SecurityReportModuleEvent.java | 18 +++++ .../modules/impl/LaunchServerCoreModule.java | 5 ++ .../launchserver/socket/WebSocketService.java | 2 + .../secure/SecurityReportResponse.java | 32 ++++++++ .../request/SecurityReportRequestEvent.java | 36 +++++++++ .../request/secure/SecurityReportRequest.java | 74 +++++++++++++++++++ .../websockets/ClientWebSocketService.java | 1 + 12 files changed, 174 insertions(+), 49 deletions(-) create mode 100644 LaunchServer/src/main/java/pro/gravit/launchserver/modules/events/security/SecurityReportModuleEvent.java create mode 100644 LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/secure/SecurityReportResponse.java create mode 100644 LauncherAPI/src/main/java/pro/gravit/launcher/events/request/SecurityReportRequestEvent.java create mode 100644 LauncherAPI/src/main/java/pro/gravit/launcher/request/secure/SecurityReportRequest.java diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java index d4932430..17005bf0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java @@ -7,20 +7,6 @@ import pro.gravit.utils.helper.SecurityHelper; public class AdvancedProtectHandler extends ProtectHandler implements SecureProtectHandler { - @Override - public String generateSecureToken(AuthResponse.AuthContext context) { - return SecurityHelper.randomStringToken(); - } - - @Override - public String generateClientSecureToken() { - return SecurityHelper.randomStringToken(); - } - - @Override - public boolean verifyClientSecureToken(String token, String secureKey) { - return true; - } @Override public boolean allowGetAccessToken(AuthResponse.AuthContext context) { diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/NoProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/NoProtectHandler.java index 7985c744..6480fc79 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/NoProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/NoProtectHandler.java @@ -4,20 +4,6 @@ import pro.gravit.utils.helper.SecurityHelper; public class NoProtectHandler extends ProtectHandler { - @Override - public String generateSecureToken(AuthResponse.AuthContext context) { - return SecurityHelper.randomStringToken(); - } - - @Override - public String generateClientSecureToken() { - return SecurityHelper.randomStringToken(); - } - - @Override - public boolean verifyClientSecureToken(String token, String secureKey) { - return true; - } @Override public boolean allowGetAccessToken(AuthResponse.AuthContext context) { diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java index 40777ec9..8bdaadc3 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/ProtectHandler.java @@ -17,12 +17,6 @@ public static void registerHandlers() { } } - public abstract String generateSecureToken(AuthResponse.AuthContext context); //Генерация токена для передачи его в LauncherGuardInterface - - public abstract String generateClientSecureToken(); - - public abstract boolean verifyClientSecureToken(String token, String secureKey); - public abstract boolean allowGetAccessToken(AuthResponse.AuthContext context); public abstract void checkLaunchServerLicense(); //Выдает SecurityException при ошибке проверки лицензии diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java index 1b165ea4..380413e0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/StdProtectHandler.java @@ -6,21 +6,6 @@ public class StdProtectHandler extends ProtectHandler { public final boolean checkSecure = true; - @Override - public String generateSecureToken(AuthResponse.AuthContext context) { - return SecurityHelper.randomStringToken(); - } - - @Override - public String generateClientSecureToken() { - return SecurityHelper.randomStringToken(); - } - - @Override - public boolean verifyClientSecureToken(String token, String secureKey) { - return true; - } - @Override public boolean allowGetAccessToken(AuthResponse.AuthContext context) { return (context.authType == AuthResponse.ConnectTypes.CLIENT) && (!checkSecure || context.client.isSecure); diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/interfaces/SecureProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/interfaces/SecureProtectHandler.java index 1fd49654..5170d869 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/interfaces/SecureProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/interfaces/SecureProtectHandler.java @@ -1,7 +1,9 @@ package pro.gravit.launchserver.auth.protect.interfaces; import pro.gravit.launcher.events.request.GetSecureLevelInfoRequestEvent; +import pro.gravit.launcher.events.request.SecurityReportRequestEvent; import pro.gravit.launchserver.socket.Client; +import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse; import pro.gravit.utils.helper.SecurityHelper; import java.security.SignatureException; @@ -20,4 +22,8 @@ default void verifySecureLevelKey(byte[] publicKey, byte[] signature) throws Inv } GetSecureLevelInfoRequestEvent onGetSecureLevelInfo(GetSecureLevelInfoRequestEvent event); boolean allowGetSecureLevelInfo(Client client); + default SecurityReportRequestEvent onSecurityReport(SecurityReportResponse report, Client client) + { + return new SecurityReportRequestEvent(); + } } diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/modules/events/security/SecurityReportModuleEvent.java b/LaunchServer/src/main/java/pro/gravit/launchserver/modules/events/security/SecurityReportModuleEvent.java new file mode 100644 index 00000000..8fb01c62 --- /dev/null +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/modules/events/security/SecurityReportModuleEvent.java @@ -0,0 +1,18 @@ +package pro.gravit.launchserver.modules.events.security; + +import pro.gravit.launcher.events.request.SecurityReportRequestEvent; +import pro.gravit.launcher.modules.LauncherModule; +import pro.gravit.launchserver.socket.Client; +import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse; + +public class SecurityReportModuleEvent extends LauncherModule.Event { + public final SecurityReportRequestEvent event; + public final SecurityReportResponse response; + public final Client client; + + public SecurityReportModuleEvent(SecurityReportRequestEvent event, SecurityReportResponse response, Client client) { + this.event = event; + this.response = response; + this.client = client; + } +} diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerCoreModule.java b/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerCoreModule.java index 9c35208a..6e54d9bb 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerCoreModule.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerCoreModule.java @@ -19,4 +19,9 @@ public void init(LauncherInitContext initContext) { public void testEvent(InitPhase event) { //LogHelper.debug("[LaunchServerCore] Event LaunchServerInitPhase passed"); } + + @Override + public boolean registerEvent(EventHandler handle, Class tClass) { + return super.registerEvent(handle, tClass); + } } diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/WebSocketService.java b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/WebSocketService.java index 2005c7d8..00b1b1b7 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/WebSocketService.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/WebSocketService.java @@ -22,6 +22,7 @@ import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse; import pro.gravit.launchserver.socket.response.profile.ProfileByUsername; import pro.gravit.launchserver.socket.response.secure.GetSecureLevelInfoResponse; +import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse; import pro.gravit.launchserver.socket.response.secure.VerifySecureLevelKeyResponse; import pro.gravit.launchserver.socket.response.update.LauncherResponse; import pro.gravit.launchserver.socket.response.update.UpdateListResponse; @@ -129,6 +130,7 @@ public static void registerResponses() { providers.register("exit", ExitResponse.class); providers.register("getSecureLevelInfo", GetSecureLevelInfoResponse.class); providers.register("verifySecureLevelKey", VerifySecureLevelKeyResponse.class); + providers.register("securityReport", SecurityReportResponse.class); } public void sendObject(ChannelHandlerContext ctx, Object obj) { diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/secure/SecurityReportResponse.java b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/secure/SecurityReportResponse.java new file mode 100644 index 00000000..da5f5138 --- /dev/null +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/secure/SecurityReportResponse.java @@ -0,0 +1,32 @@ +package pro.gravit.launchserver.socket.response.secure; + +import io.netty.channel.ChannelHandlerContext; +import pro.gravit.launcher.events.request.SecurityReportRequestEvent; +import pro.gravit.launchserver.auth.protect.interfaces.SecureProtectHandler; +import pro.gravit.launchserver.modules.events.security.SecurityReportModuleEvent; +import pro.gravit.launchserver.socket.Client; +import pro.gravit.launchserver.socket.response.SimpleResponse; + +public class SecurityReportResponse extends SimpleResponse { + public String reportType; + public String smallData; + public String largeData; + public byte[] smallBytes; + public byte[] largeBytes; + @Override + public String getType() { + return "securityReport"; + } + + @Override + public void execute(ChannelHandlerContext ctx, Client client) throws Exception { + if(!(server.config.protectHandler instanceof SecureProtectHandler)) + { + sendError("Method not allowed"); + } + SecureProtectHandler secureProtectHandler = (SecureProtectHandler) server.config.protectHandler; + SecurityReportRequestEvent event = secureProtectHandler.onSecurityReport(this, client); + server.modulesManager.invokeEvent(new SecurityReportModuleEvent(event, this, client)); + sendResult(event); + } +} diff --git a/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/SecurityReportRequestEvent.java b/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/SecurityReportRequestEvent.java new file mode 100644 index 00000000..7dec5d4f --- /dev/null +++ b/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/SecurityReportRequestEvent.java @@ -0,0 +1,36 @@ +package pro.gravit.launcher.events.request; + +import pro.gravit.launcher.events.RequestEvent; + +public class SecurityReportRequestEvent extends RequestEvent { + public SecurityReportRequestEvent(ReportAction action) { + this.action = action; + this.otherAction = null; + } + + public SecurityReportRequestEvent(String otherAction) { + this.action = ReportAction.OTHER; + this.otherAction = otherAction; + } + + public SecurityReportRequestEvent() { + this.action = ReportAction.NONE; + this.otherAction = null; + } + + public enum ReportAction + { + NONE, + LOGOUT, + EXIT, + CRASH, + OTHER + } + public final ReportAction action; + public final String otherAction; + + @Override + public String getType() { + return "securityReport"; + } +} diff --git a/LauncherAPI/src/main/java/pro/gravit/launcher/request/secure/SecurityReportRequest.java b/LauncherAPI/src/main/java/pro/gravit/launcher/request/secure/SecurityReportRequest.java new file mode 100644 index 00000000..92cd43c6 --- /dev/null +++ b/LauncherAPI/src/main/java/pro/gravit/launcher/request/secure/SecurityReportRequest.java @@ -0,0 +1,74 @@ +package pro.gravit.launcher.request.secure; + +import pro.gravit.launcher.events.request.SecurityReportRequestEvent; +import pro.gravit.launcher.request.Request; + +public final class SecurityReportRequest extends Request { + public final String reportType; + public final String smallData; + public final String largeData; + public final byte[] smallBytes; + public final byte[] largeBytes; + + public SecurityReportRequest(String reportType, String smallData, String largeData, byte[] smallBytes, byte[] largeBytes) { + this.reportType = reportType; + this.smallData = smallData; + this.largeData = largeData; + this.smallBytes = smallBytes; + this.largeBytes = largeBytes; + } + public SecurityReportRequest(String reportType, String smallData, String largeData, byte[] smallBytes) { + this.reportType = reportType; + this.smallData = smallData; + this.largeData = largeData; + this.smallBytes = smallBytes; + this.largeBytes = null; + } + public SecurityReportRequest(String reportType, String smallData, String largeData) { + this.reportType = reportType; + this.smallData = smallData; + this.largeData = largeData; + this.smallBytes = null; + this.largeBytes = null; + } + public SecurityReportRequest(String reportType, String smallData, byte[] smallBytes) { + this.reportType = reportType; + this.smallData = smallData; + this.largeData = null; + this.smallBytes = smallBytes; + this.largeBytes = null; + } + public SecurityReportRequest(String reportType, byte[] smallBytes, byte[] largeBytes) { + this.reportType = reportType; + this.smallData = null; + this.largeData = null; + this.smallBytes = smallBytes; + this.largeBytes = largeBytes; + } + public SecurityReportRequest(String reportType, byte[] smallBytes) { + this.reportType = reportType; + this.smallData = null; + this.largeData = null; + this.smallBytes = smallBytes; + this.largeBytes = null; + } + public SecurityReportRequest(String reportType, String smallData) { + this.reportType = reportType; + this.smallData = smallData; + this.largeData = null; + this.smallBytes = null; + this.largeBytes = null; + } + public SecurityReportRequest(String reportType) { + this.reportType = reportType; + this.smallData = null; + this.largeData = null; + this.smallBytes = null; + this.largeBytes = null; + } + + @Override + public String getType() { + return "securityReport"; + } +} diff --git a/LauncherAPI/src/main/java/pro/gravit/launcher/request/websockets/ClientWebSocketService.java b/LauncherAPI/src/main/java/pro/gravit/launcher/request/websockets/ClientWebSocketService.java index 1d5da0d6..4e74f253 100644 --- a/LauncherAPI/src/main/java/pro/gravit/launcher/request/websockets/ClientWebSocketService.java +++ b/LauncherAPI/src/main/java/pro/gravit/launcher/request/websockets/ClientWebSocketService.java @@ -109,6 +109,7 @@ public void registerResults() { results.register("exit", ExitRequestEvent.class); results.register("getSecureLevelInfo", GetSecureLevelInfoRequestEvent.class); results.register("verifySecureLevelKey", VerifySecureLevelKeyRequestEvent.class); + results.register("securityReport", SecurityReportRequestEvent.class); } public void waitIfNotConnected() {