mirror of
https://github.com/GravitLauncher/Launcher
synced 2024-11-15 11:39:11 +03:00
[FEATURE][EXPERIMENTAL] SecurityReport
This commit is contained in:
parent
8dddb08255
commit
c57cb90700
12 changed files with 174 additions and 49 deletions
|
@ -7,20 +7,6 @@
|
||||||
import pro.gravit.utils.helper.SecurityHelper;
|
import pro.gravit.utils.helper.SecurityHelper;
|
||||||
|
|
||||||
public class AdvancedProtectHandler extends ProtectHandler implements SecureProtectHandler {
|
public class AdvancedProtectHandler extends ProtectHandler implements SecureProtectHandler {
|
||||||
@Override
|
|
||||||
public String generateSecureToken(AuthResponse.AuthContext context) {
|
|
||||||
return SecurityHelper.randomStringToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String generateClientSecureToken() {
|
|
||||||
return SecurityHelper.randomStringToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean verifyClientSecureToken(String token, String secureKey) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
|
public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
|
||||||
|
|
|
@ -4,20 +4,6 @@
|
||||||
import pro.gravit.utils.helper.SecurityHelper;
|
import pro.gravit.utils.helper.SecurityHelper;
|
||||||
|
|
||||||
public class NoProtectHandler extends ProtectHandler {
|
public class NoProtectHandler extends ProtectHandler {
|
||||||
@Override
|
|
||||||
public String generateSecureToken(AuthResponse.AuthContext context) {
|
|
||||||
return SecurityHelper.randomStringToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String generateClientSecureToken() {
|
|
||||||
return SecurityHelper.randomStringToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean verifyClientSecureToken(String token, String secureKey) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
|
public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
|
||||||
|
|
|
@ -17,12 +17,6 @@ public static void registerHandlers() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public abstract String generateSecureToken(AuthResponse.AuthContext context); //Генерация токена для передачи его в LauncherGuardInterface
|
|
||||||
|
|
||||||
public abstract String generateClientSecureToken();
|
|
||||||
|
|
||||||
public abstract boolean verifyClientSecureToken(String token, String secureKey);
|
|
||||||
|
|
||||||
public abstract boolean allowGetAccessToken(AuthResponse.AuthContext context);
|
public abstract boolean allowGetAccessToken(AuthResponse.AuthContext context);
|
||||||
|
|
||||||
public abstract void checkLaunchServerLicense(); //Выдает SecurityException при ошибке проверки лицензии
|
public abstract void checkLaunchServerLicense(); //Выдает SecurityException при ошибке проверки лицензии
|
||||||
|
|
|
@ -6,21 +6,6 @@
|
||||||
public class StdProtectHandler extends ProtectHandler {
|
public class StdProtectHandler extends ProtectHandler {
|
||||||
public final boolean checkSecure = true;
|
public final boolean checkSecure = true;
|
||||||
|
|
||||||
@Override
|
|
||||||
public String generateSecureToken(AuthResponse.AuthContext context) {
|
|
||||||
return SecurityHelper.randomStringToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String generateClientSecureToken() {
|
|
||||||
return SecurityHelper.randomStringToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean verifyClientSecureToken(String token, String secureKey) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
|
public boolean allowGetAccessToken(AuthResponse.AuthContext context) {
|
||||||
return (context.authType == AuthResponse.ConnectTypes.CLIENT) && (!checkSecure || context.client.isSecure);
|
return (context.authType == AuthResponse.ConnectTypes.CLIENT) && (!checkSecure || context.client.isSecure);
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
package pro.gravit.launchserver.auth.protect.interfaces;
|
package pro.gravit.launchserver.auth.protect.interfaces;
|
||||||
|
|
||||||
import pro.gravit.launcher.events.request.GetSecureLevelInfoRequestEvent;
|
import pro.gravit.launcher.events.request.GetSecureLevelInfoRequestEvent;
|
||||||
|
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
|
||||||
import pro.gravit.launchserver.socket.Client;
|
import pro.gravit.launchserver.socket.Client;
|
||||||
|
import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
|
||||||
import pro.gravit.utils.helper.SecurityHelper;
|
import pro.gravit.utils.helper.SecurityHelper;
|
||||||
|
|
||||||
import java.security.SignatureException;
|
import java.security.SignatureException;
|
||||||
|
@ -20,4 +22,8 @@ default void verifySecureLevelKey(byte[] publicKey, byte[] signature) throws Inv
|
||||||
}
|
}
|
||||||
GetSecureLevelInfoRequestEvent onGetSecureLevelInfo(GetSecureLevelInfoRequestEvent event);
|
GetSecureLevelInfoRequestEvent onGetSecureLevelInfo(GetSecureLevelInfoRequestEvent event);
|
||||||
boolean allowGetSecureLevelInfo(Client client);
|
boolean allowGetSecureLevelInfo(Client client);
|
||||||
|
default SecurityReportRequestEvent onSecurityReport(SecurityReportResponse report, Client client)
|
||||||
|
{
|
||||||
|
return new SecurityReportRequestEvent();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
package pro.gravit.launchserver.modules.events.security;
|
||||||
|
|
||||||
|
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
|
||||||
|
import pro.gravit.launcher.modules.LauncherModule;
|
||||||
|
import pro.gravit.launchserver.socket.Client;
|
||||||
|
import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
|
||||||
|
|
||||||
|
public class SecurityReportModuleEvent extends LauncherModule.Event {
|
||||||
|
public final SecurityReportRequestEvent event;
|
||||||
|
public final SecurityReportResponse response;
|
||||||
|
public final Client client;
|
||||||
|
|
||||||
|
public SecurityReportModuleEvent(SecurityReportRequestEvent event, SecurityReportResponse response, Client client) {
|
||||||
|
this.event = event;
|
||||||
|
this.response = response;
|
||||||
|
this.client = client;
|
||||||
|
}
|
||||||
|
}
|
|
@ -19,4 +19,9 @@ public void init(LauncherInitContext initContext) {
|
||||||
public void testEvent(InitPhase event) {
|
public void testEvent(InitPhase event) {
|
||||||
//LogHelper.debug("[LaunchServerCore] Event LaunchServerInitPhase passed");
|
//LogHelper.debug("[LaunchServerCore] Event LaunchServerInitPhase passed");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public <T extends Event> boolean registerEvent(EventHandler<T> handle, Class<T> tClass) {
|
||||||
|
return super.registerEvent(handle, tClass);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse;
|
import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse;
|
||||||
import pro.gravit.launchserver.socket.response.profile.ProfileByUsername;
|
import pro.gravit.launchserver.socket.response.profile.ProfileByUsername;
|
||||||
import pro.gravit.launchserver.socket.response.secure.GetSecureLevelInfoResponse;
|
import pro.gravit.launchserver.socket.response.secure.GetSecureLevelInfoResponse;
|
||||||
|
import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
|
||||||
import pro.gravit.launchserver.socket.response.secure.VerifySecureLevelKeyResponse;
|
import pro.gravit.launchserver.socket.response.secure.VerifySecureLevelKeyResponse;
|
||||||
import pro.gravit.launchserver.socket.response.update.LauncherResponse;
|
import pro.gravit.launchserver.socket.response.update.LauncherResponse;
|
||||||
import pro.gravit.launchserver.socket.response.update.UpdateListResponse;
|
import pro.gravit.launchserver.socket.response.update.UpdateListResponse;
|
||||||
|
@ -129,6 +130,7 @@ public static void registerResponses() {
|
||||||
providers.register("exit", ExitResponse.class);
|
providers.register("exit", ExitResponse.class);
|
||||||
providers.register("getSecureLevelInfo", GetSecureLevelInfoResponse.class);
|
providers.register("getSecureLevelInfo", GetSecureLevelInfoResponse.class);
|
||||||
providers.register("verifySecureLevelKey", VerifySecureLevelKeyResponse.class);
|
providers.register("verifySecureLevelKey", VerifySecureLevelKeyResponse.class);
|
||||||
|
providers.register("securityReport", SecurityReportResponse.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void sendObject(ChannelHandlerContext ctx, Object obj) {
|
public void sendObject(ChannelHandlerContext ctx, Object obj) {
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
package pro.gravit.launchserver.socket.response.secure;
|
||||||
|
|
||||||
|
import io.netty.channel.ChannelHandlerContext;
|
||||||
|
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
|
||||||
|
import pro.gravit.launchserver.auth.protect.interfaces.SecureProtectHandler;
|
||||||
|
import pro.gravit.launchserver.modules.events.security.SecurityReportModuleEvent;
|
||||||
|
import pro.gravit.launchserver.socket.Client;
|
||||||
|
import pro.gravit.launchserver.socket.response.SimpleResponse;
|
||||||
|
|
||||||
|
public class SecurityReportResponse extends SimpleResponse {
|
||||||
|
public String reportType;
|
||||||
|
public String smallData;
|
||||||
|
public String largeData;
|
||||||
|
public byte[] smallBytes;
|
||||||
|
public byte[] largeBytes;
|
||||||
|
@Override
|
||||||
|
public String getType() {
|
||||||
|
return "securityReport";
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void execute(ChannelHandlerContext ctx, Client client) throws Exception {
|
||||||
|
if(!(server.config.protectHandler instanceof SecureProtectHandler))
|
||||||
|
{
|
||||||
|
sendError("Method not allowed");
|
||||||
|
}
|
||||||
|
SecureProtectHandler secureProtectHandler = (SecureProtectHandler) server.config.protectHandler;
|
||||||
|
SecurityReportRequestEvent event = secureProtectHandler.onSecurityReport(this, client);
|
||||||
|
server.modulesManager.invokeEvent(new SecurityReportModuleEvent(event, this, client));
|
||||||
|
sendResult(event);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,36 @@
|
||||||
|
package pro.gravit.launcher.events.request;
|
||||||
|
|
||||||
|
import pro.gravit.launcher.events.RequestEvent;
|
||||||
|
|
||||||
|
public class SecurityReportRequestEvent extends RequestEvent {
|
||||||
|
public SecurityReportRequestEvent(ReportAction action) {
|
||||||
|
this.action = action;
|
||||||
|
this.otherAction = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SecurityReportRequestEvent(String otherAction) {
|
||||||
|
this.action = ReportAction.OTHER;
|
||||||
|
this.otherAction = otherAction;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SecurityReportRequestEvent() {
|
||||||
|
this.action = ReportAction.NONE;
|
||||||
|
this.otherAction = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public enum ReportAction
|
||||||
|
{
|
||||||
|
NONE,
|
||||||
|
LOGOUT,
|
||||||
|
EXIT,
|
||||||
|
CRASH,
|
||||||
|
OTHER
|
||||||
|
}
|
||||||
|
public final ReportAction action;
|
||||||
|
public final String otherAction;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getType() {
|
||||||
|
return "securityReport";
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,74 @@
|
||||||
|
package pro.gravit.launcher.request.secure;
|
||||||
|
|
||||||
|
import pro.gravit.launcher.events.request.SecurityReportRequestEvent;
|
||||||
|
import pro.gravit.launcher.request.Request;
|
||||||
|
|
||||||
|
public final class SecurityReportRequest extends Request<SecurityReportRequestEvent> {
|
||||||
|
public final String reportType;
|
||||||
|
public final String smallData;
|
||||||
|
public final String largeData;
|
||||||
|
public final byte[] smallBytes;
|
||||||
|
public final byte[] largeBytes;
|
||||||
|
|
||||||
|
public SecurityReportRequest(String reportType, String smallData, String largeData, byte[] smallBytes, byte[] largeBytes) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = smallData;
|
||||||
|
this.largeData = largeData;
|
||||||
|
this.smallBytes = smallBytes;
|
||||||
|
this.largeBytes = largeBytes;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType, String smallData, String largeData, byte[] smallBytes) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = smallData;
|
||||||
|
this.largeData = largeData;
|
||||||
|
this.smallBytes = smallBytes;
|
||||||
|
this.largeBytes = null;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType, String smallData, String largeData) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = smallData;
|
||||||
|
this.largeData = largeData;
|
||||||
|
this.smallBytes = null;
|
||||||
|
this.largeBytes = null;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType, String smallData, byte[] smallBytes) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = smallData;
|
||||||
|
this.largeData = null;
|
||||||
|
this.smallBytes = smallBytes;
|
||||||
|
this.largeBytes = null;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType, byte[] smallBytes, byte[] largeBytes) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = null;
|
||||||
|
this.largeData = null;
|
||||||
|
this.smallBytes = smallBytes;
|
||||||
|
this.largeBytes = largeBytes;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType, byte[] smallBytes) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = null;
|
||||||
|
this.largeData = null;
|
||||||
|
this.smallBytes = smallBytes;
|
||||||
|
this.largeBytes = null;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType, String smallData) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = smallData;
|
||||||
|
this.largeData = null;
|
||||||
|
this.smallBytes = null;
|
||||||
|
this.largeBytes = null;
|
||||||
|
}
|
||||||
|
public SecurityReportRequest(String reportType) {
|
||||||
|
this.reportType = reportType;
|
||||||
|
this.smallData = null;
|
||||||
|
this.largeData = null;
|
||||||
|
this.smallBytes = null;
|
||||||
|
this.largeBytes = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getType() {
|
||||||
|
return "securityReport";
|
||||||
|
}
|
||||||
|
}
|
|
@ -109,6 +109,7 @@ public void registerResults() {
|
||||||
results.register("exit", ExitRequestEvent.class);
|
results.register("exit", ExitRequestEvent.class);
|
||||||
results.register("getSecureLevelInfo", GetSecureLevelInfoRequestEvent.class);
|
results.register("getSecureLevelInfo", GetSecureLevelInfoRequestEvent.class);
|
||||||
results.register("verifySecureLevelKey", VerifySecureLevelKeyRequestEvent.class);
|
results.register("verifySecureLevelKey", VerifySecureLevelKeyRequestEvent.class);
|
||||||
|
results.register("securityReport", SecurityReportRequestEvent.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void waitIfNotConnected() {
|
public void waitIfNotConnected() {
|
||||||
|
|
Loading…
Reference in a new issue