[FEATURE][EXPERIMENTAL] SecurityReport

Gravit 2020-03-20 09:23:09 +07:00
parent 8dddb08255
commit c57cb90700
No known key found for this signature in database
GPG key ID: 061981E1E85D3216
12 changed files with 174 additions and 49 deletions


@ -7,20 +7,6 @@
import pro.gravit.utils.helper.SecurityHelper; import pro.gravit.utils.helper.SecurityHelper;
public class AdvancedProtectHandler extends ProtectHandler implements SecureProtectHandler { public class AdvancedProtectHandler extends ProtectHandler implements SecureProtectHandler {
@Override
public String generateSecureToken(AuthResponse.AuthContext context) {
return SecurityHelper.randomStringToken();
}
@Override
public String generateClientSecureToken() {
return SecurityHelper.randomStringToken();
}
@Override
public boolean verifyClientSecureToken(String token, String secureKey) {
return true;
}
@Override @Override
public boolean allowGetAccessToken(AuthResponse.AuthContext context) { public boolean allowGetAccessToken(AuthResponse.AuthContext context) {


@ -4,20 +4,6 @@
import pro.gravit.utils.helper.SecurityHelper; import pro.gravit.utils.helper.SecurityHelper;
public class NoProtectHandler extends ProtectHandler { public class NoProtectHandler extends ProtectHandler {
@Override
public String generateSecureToken(AuthResponse.AuthContext context) {
return SecurityHelper.randomStringToken();
}
@Override
public String generateClientSecureToken() {
return SecurityHelper.randomStringToken();
}
@Override
public boolean verifyClientSecureToken(String token, String secureKey) {
return true;
}
@Override @Override
public boolean allowGetAccessToken(AuthResponse.AuthContext context) { public boolean allowGetAccessToken(AuthResponse.AuthContext context) {


@ -17,12 +17,6 @@ public static void registerHandlers() {
} }
} }
public abstract String generateSecureToken(AuthResponse.AuthContext context); //Генерация токена для передачи его в LauncherGuardInterface
public abstract String generateClientSecureToken();
public abstract boolean verifyClientSecureToken(String token, String secureKey);
public abstract boolean allowGetAccessToken(AuthResponse.AuthContext context); public abstract boolean allowGetAccessToken(AuthResponse.AuthContext context);
public abstract void checkLaunchServerLicense(); //Выдает SecurityException при ошибке проверки лицензии public abstract void checkLaunchServerLicense(); //Выдает SecurityException при ошибке проверки лицензии


@ -6,21 +6,6 @@
public class StdProtectHandler extends ProtectHandler { public class StdProtectHandler extends ProtectHandler {
public final boolean checkSecure = true; public final boolean checkSecure = true;
@Override
public String generateSecureToken(AuthResponse.AuthContext context) {
return SecurityHelper.randomStringToken();
}
@Override
public String generateClientSecureToken() {
return SecurityHelper.randomStringToken();
}
@Override
public boolean verifyClientSecureToken(String token, String secureKey) {
return true;
}
@Override @Override
public boolean allowGetAccessToken(AuthResponse.AuthContext context) { public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
return (context.authType == AuthResponse.ConnectTypes.CLIENT) && (!checkSecure || context.client.isSecure); return (context.authType == AuthResponse.ConnectTypes.CLIENT) && (!checkSecure || context.client.isSecure);


@ -1,7 +1,9 @@
package pro.gravit.launchserver.auth.protect.interfaces; package pro.gravit.launchserver.auth.protect.interfaces;
import pro.gravit.launcher.events.request.GetSecureLevelInfoRequestEvent; import pro.gravit.launcher.events.request.GetSecureLevelInfoRequestEvent;
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
import pro.gravit.launchserver.socket.Client; import pro.gravit.launchserver.socket.Client;
import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
import pro.gravit.utils.helper.SecurityHelper; import pro.gravit.utils.helper.SecurityHelper;
import java.security.SignatureException; import java.security.SignatureException;
@ -20,4 +22,8 @@ default void verifySecureLevelKey(byte[] publicKey, byte[] signature) throws Inv
} }
GetSecureLevelInfoRequestEvent onGetSecureLevelInfo(GetSecureLevelInfoRequestEvent event); GetSecureLevelInfoRequestEvent onGetSecureLevelInfo(GetSecureLevelInfoRequestEvent event);
boolean allowGetSecureLevelInfo(Client client); boolean allowGetSecureLevelInfo(Client client);
default SecurityReportRequestEvent onSecurityReport(SecurityReportResponse report, Client client)
{
return new SecurityReportRequestEvent();
}
} }
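Review bot: The new default `onSecurityReport` has no documentation, and its fallback answers every report with the no-argument event, which the constructor added elsewhere in this commit sets to `ReportAction.NONE`. The `report` object is populated from a client message, so implementers need to be told that its fields are untrusted input. I would add a Javadoc line such as `/** Handles a client security report; every field of {@code report} is client-supplied and untrusted. The default implementation takes no action. */`. The interface body starts outside the hunk.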


@ -0,0 +1,18 @@
package pro.gravit.launchserver.modules.events.security;
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
import pro.gravit.launcher.modules.LauncherModule;
import pro.gravit.launchserver.socket.Client;
import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
public class SecurityReportModuleEvent extends LauncherModule.Event {
public final SecurityReportRequestEvent event;
public final SecurityReportResponse response;
public final Client client;
public SecurityReportModuleEvent(SecurityReportRequestEvent event, SecurityReportResponse response, Client client) {
this.event = event;
this.response = response;
this.client = client;
}
}


@ -19,4 +19,9 @@ public void init(LauncherInitContext initContext) {
public void testEvent(InitPhase event) { public void testEvent(InitPhase event) {
//LogHelper.debug("[LaunchServerCore] Event LaunchServerInitPhase passed"); //LogHelper.debug("[LaunchServerCore] Event LaunchServerInitPhase passed");
} }
@Override
public <T extends Event> boolean registerEvent(EventHandler<T> handle, Class<T> tClass) {
return super.registerEvent(handle, tClass);
}
} }
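Review bot: The `registerEvent` override added at the end of the class only forwards to `super.registerEvent(handle, tClass)`, so its purpose cannot be read from the code. If it exists to widen the inherited method's visibility so that other components can subscribe (the superclass declaration is not visible here), say so with a comment such as `// widened to public so code outside the module can register event handlers`. Otherwise the override can be dropped. The class body starts outside the hunk.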


@ -22,6 +22,7 @@
import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse; import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse;
import pro.gravit.launchserver.socket.response.profile.ProfileByUsername; import pro.gravit.launchserver.socket.response.profile.ProfileByUsername;
import pro.gravit.launchserver.socket.response.secure.GetSecureLevelInfoResponse; import pro.gravit.launchserver.socket.response.secure.GetSecureLevelInfoResponse;
import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
import pro.gravit.launchserver.socket.response.secure.VerifySecureLevelKeyResponse; import pro.gravit.launchserver.socket.response.secure.VerifySecureLevelKeyResponse;
import pro.gravit.launchserver.socket.response.update.LauncherResponse; import pro.gravit.launchserver.socket.response.update.LauncherResponse;
import pro.gravit.launchserver.socket.response.update.UpdateListResponse; import pro.gravit.launchserver.socket.response.update.UpdateListResponse;
@ -129,6 +130,7 @@ public static void registerResponses() {
providers.register("exit", ExitResponse.class); providers.register("exit", ExitResponse.class);
providers.register("getSecureLevelInfo", GetSecureLevelInfoResponse.class); providers.register("getSecureLevelInfo", GetSecureLevelInfoResponse.class);
providers.register("verifySecureLevelKey", VerifySecureLevelKeyResponse.class); providers.register("verifySecureLevelKey", VerifySecureLevelKeyResponse.class);
providers.register("securityReport", SecurityReportResponse.class);
} }
public void sendObject(ChannelHandlerContext ctx, Object obj) { public void sendObject(ChannelHandlerContext ctx, Object obj) {


@ -0,0 +1,32 @@
package pro.gravit.launchserver.socket.response.secure;
import io.netty.channel.ChannelHandlerContext;
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
import pro.gravit.launchserver.auth.protect.interfaces.SecureProtectHandler;
import pro.gravit.launchserver.modules.events.security.SecurityReportModuleEvent;
import pro.gravit.launchserver.socket.Client;
import pro.gravit.launchserver.socket.response.SimpleResponse;
public class SecurityReportResponse extends SimpleResponse {
public String reportType;
public String smallData;
public String largeData;
public byte[] smallBytes;
public byte[] largeBytes;
@Override
public String getType() {
return "securityReport";
}
@Override
public void execute(ChannelHandlerContext ctx, Client client) throws Exception {
if(!(server.config.protectHandler instanceof SecureProtectHandler))
{
sendError("Method not allowed");
}
SecureProtectHandler secureProtectHandler = (SecureProtectHandler) server.config.protectHandler;
SecurityReportRequestEvent event = secureProtectHandler.onSecurityReport(this, client);
server.modulesManager.invokeEvent(new SecurityReportModuleEvent(event, this, client));
sendResult(event);
}
}
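Review bot: In `execute`, the `instanceof` guard calls `sendError("Method not allowed")` but does not return, so with a handler that is not a `SecureProtectHandler` execution continues into the `(SecureProtectHandler)` cast and throws a ClassCastException after the error has already been sent; add `return;` as the last statement of the guard block. The method then hands the report to the handler and to every module listener with no visible check on the client's state (for example the `isSecure` flag that `StdProtectHandler` consults) and no bound on `largeData` or `largeBytes`. If the transport layer does not already enforce both, a check here would keep arbitrary peers from pushing large unauthenticated reports into module code.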


@ -0,0 +1,36 @@
package pro.gravit.launcher.events.request;
import pro.gravit.launcher.events.RequestEvent;
public class SecurityReportRequestEvent extends RequestEvent {
public SecurityReportRequestEvent(ReportAction action) {
this.action = action;
this.otherAction = null;
}
public SecurityReportRequestEvent(String otherAction) {
this.action = ReportAction.OTHER;
this.otherAction = otherAction;
}
public SecurityReportRequestEvent() {
this.action = ReportAction.NONE;
this.otherAction = null;
}
public enum ReportAction
{
NONE,
LOGOUT,
EXIT,
CRASH,
OTHER
}
public final ReportAction action;
public final String otherAction;
@Override
public String getType() {
return "securityReport";
}
}
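Review bot: `action` and `otherAction` are declared below the constructors and the enum and carry no documentation, so a reader cannot tell what the client is expected to do for `LOGOUT`, `EXIT`, `CRASH` or a free-form `otherAction`. I would move the two fields to the top of the class and document each constant. The Javadoc should also state that the action is a request executed by the client: a modified client can ignore it, so any consequence that matters has to be enforced on the server side as well. The `String` constructor also accepts `null` while still setting `ReportAction.OTHER`; `this.otherAction = Objects.requireNonNull(otherAction, "otherAction");` (with `java.util.Objects` imported) would reject that combination.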


@ -0,0 +1,74 @@
package pro.gravit.launcher.request.secure;
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
import pro.gravit.launcher.request.Request;
public final class SecurityReportRequest extends Request<SecurityReportRequestEvent> {
public final String reportType;
public final String smallData;
public final String largeData;
public final byte[] smallBytes;
public final byte[] largeBytes;
public SecurityReportRequest(String reportType, String smallData, String largeData, byte[] smallBytes, byte[] largeBytes) {
this.reportType = reportType;
this.smallData = smallData;
this.largeData = largeData;
this.smallBytes = smallBytes;
this.largeBytes = largeBytes;
}
public SecurityReportRequest(String reportType, String smallData, String largeData, byte[] smallBytes) {
this.reportType = reportType;
this.smallData = smallData;
this.largeData = largeData;
this.smallBytes = smallBytes;
this.largeBytes = null;
}
public SecurityReportRequest(String reportType, String smallData, String largeData) {
this.reportType = reportType;
this.smallData = smallData;
this.largeData = largeData;
this.smallBytes = null;
this.largeBytes = null;
}
public SecurityReportRequest(String reportType, String smallData, byte[] smallBytes) {
this.reportType = reportType;
this.smallData = smallData;
this.largeData = null;
this.smallBytes = smallBytes;
this.largeBytes = null;
}
public SecurityReportRequest(String reportType, byte[] smallBytes, byte[] largeBytes) {
this.reportType = reportType;
this.smallData = null;
this.largeData = null;
this.smallBytes = smallBytes;
this.largeBytes = largeBytes;
}
public SecurityReportRequest(String reportType, byte[] smallBytes) {
this.reportType = reportType;
this.smallData = null;
this.largeData = null;
this.smallBytes = smallBytes;
this.largeBytes = null;
}
public SecurityReportRequest(String reportType, String smallData) {
this.reportType = reportType;
this.smallData = smallData;
this.largeData = null;
this.smallBytes = null;
this.largeBytes = null;
}
public SecurityReportRequest(String reportType) {
this.reportType = reportType;
this.smallData = null;
this.largeData = null;
this.smallBytes = null;
this.largeBytes = null;
}
@Override
public String getType() {
return "securityReport";
}
}
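Review bot: The eight constructors each repeat the same five assignments, and overload pairs such as `(String, String)` and `(String, byte[])` make a call with a literal `null` argument ambiguous at compile time. Delegating every shorter constructor to the five-argument one, e.g. `this(reportType, smallData, null, null, null);`, keeps the null defaults in one place. The `byte[]` arguments are stored by reference in public final fields, so a caller that reuses its buffer can alter the report after construction; `this.smallBytes = smallBytes == null ? null : smallBytes.clone();` in the five-argument constructor (and the same for `largeBytes`) avoids that.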


@ -109,6 +109,7 @@ public void registerResults() {
results.register("exit", ExitRequestEvent.class); results.register("exit", ExitRequestEvent.class);
results.register("getSecureLevelInfo", GetSecureLevelInfoRequestEvent.class); results.register("getSecureLevelInfo", GetSecureLevelInfoRequestEvent.class);
results.register("verifySecureLevelKey", VerifySecureLevelKeyRequestEvent.class); results.register("verifySecureLevelKey", VerifySecureLevelKeyRequestEvent.class);
results.register("securityReport", SecurityReportRequestEvent.class);
} }
public void waitIfNotConnected() { public void waitIfNotConnected() {