From d3751732b06dab6ec64f2d27f1e96f05b7d8a32e Mon Sep 17 00:00:00 2001 From: Gravita Date: Sun, 23 May 2021 03:22:04 +0700 Subject: [PATCH] [FEATURE] AuthCoreProvider: OAuth Support Part 2 --- .../auth/core/AuthCoreProvider.java | 2 +- .../auth/core/MySQLCoreProvider.java | 2 +- .../auth/core/RejectAuthCoreProvider.java | 2 +- .../launchserver/auth/core/UserSession.java | 7 ++++++ .../interfaces/provider/AuthSupportExit.java | 9 ++++++++ .../AuthSupportGetSessionsFromUser.java | 11 +++++++++ .../launchserver/manangers/AuthManager.java | 11 ++++++--- .../gravit/launchserver/socket/Client.java | 1 + .../socket/response/auth/AuthResponse.java | 11 +++++++-- .../response/auth/RestoreSessionResponse.java | 4 ++++ .../events/request/AuthRequestEvent.java | 23 +++++++++++++++++++ modules | 2 +- 12 files changed, 76 insertions(+), 9 deletions(-) create mode 100644 LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/UserSession.java create mode 100644 LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportExit.java create mode 100644 LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportGetSessionsFromUser.java diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java index 2cb66f72..ba345985 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/AuthCoreProvider.java @@ -42,7 +42,7 @@ public static void registerProviders() { } public abstract User getUserByUsername(String username); public abstract User getUserByUUID(UUID uuid); - public abstract User getUserByOAuthAccessToken(String accessToken) throws OAuthAccessTokenExpired; + public abstract UserSession getUserSessionByOAuthAccessToken(String accessToken) throws OAuthAccessTokenExpired; public abstract AuthManager.AuthReport refreshAccessToken(String refreshToken, AuthResponse.AuthContext context /* may be null */); public abstract void verifyAuth(AuthResponse.AuthContext context) throws AuthException; public abstract PasswordVerifyReport verifyPassword(User user, AuthRequest.AuthPasswordInterface password); diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/MySQLCoreProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/MySQLCoreProvider.java index 5f838918..e9f11048 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/MySQLCoreProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/MySQLCoreProvider.java @@ -59,7 +59,7 @@ public User getUserByUUID(UUID uuid) { } @Override - public User getUserByOAuthAccessToken(String accessToken) { + public UserSession getUserSessionByOAuthAccessToken(String accessToken) throws OAuthAccessTokenExpired { return null; } diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/RejectAuthCoreProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/RejectAuthCoreProvider.java index bbe46169..6f211353 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/RejectAuthCoreProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/RejectAuthCoreProvider.java @@ -21,7 +21,7 @@ public User getUserByUUID(UUID uuid) { } @Override - public User getUserByOAuthAccessToken(String accessToken) { + public UserSession getUserSessionByOAuthAccessToken(String accessToken) throws OAuthAccessTokenExpired { return null; } diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/UserSession.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/UserSession.java new file mode 100644 index 00000000..a59270b6 --- /dev/null +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/UserSession.java @@ -0,0 +1,7 @@ +package pro.gravit.launchserver.auth.core; + +public interface UserSession { + String getID(); + User getUser(); + long getExpireIn(); +} diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportExit.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportExit.java new file mode 100644 index 00000000..7d2544c1 --- /dev/null +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportExit.java @@ -0,0 +1,9 @@ +package pro.gravit.launchserver.auth.core.interfaces.provider; + +import pro.gravit.launchserver.auth.core.User; +import pro.gravit.launchserver.auth.core.UserSession; + +public interface AuthSupportExit { + boolean deleteSession(UserSession session); + boolean exitUser(User user); +} diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportGetSessionsFromUser.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportGetSessionsFromUser.java new file mode 100644 index 00000000..d50f2990 --- /dev/null +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/interfaces/provider/AuthSupportGetSessionsFromUser.java @@ -0,0 +1,11 @@ +package pro.gravit.launchserver.auth.core.interfaces.provider; + +import pro.gravit.launchserver.auth.core.User; +import pro.gravit.launchserver.auth.core.UserSession; + +import java.util.List; + +public interface AuthSupportGetSessionsFromUser { + List getSessionsByUser(User user); + void clearSessionsByUser(User user); +} diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java index e363bf2a..6a372ed9 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/AuthManager.java @@ -86,6 +86,10 @@ public static AuthReport ofOAuthWithMinecraft(String minecraftAccessToken, Strin public static AuthReport ofMinecraftAccessToken(String minecraftAccessToken) { return new AuthReport(minecraftAccessToken, null, null, 0); } + + public boolean isUsingOAuth() { + return oauthAccessToken != null || oauthRefreshToken != null; + } } /** @@ -127,7 +131,7 @@ private String authWithProviderAndHandler(AuthResponse.AuthContext context, Auth uuid = context.pair.handler.usernameToUUID(aresult.username); accessToken = null; } - internalAuth(context.client, context.authType, context.pair, username, uuid, aresult.permissions); + internalAuth(context.client, context.authType, context.pair, username, uuid, aresult.permissions, false); return accessToken; } @@ -149,7 +153,7 @@ private AuthReport authWithCore(AuthResponse.AuthContext context, AuthRequest.Au throw new AuthException("Internal Auth Error"); } context.client.coreObject = user; - internalAuth(context.client, context.authType, context.pair, user.getUsername(), uuid, user.getPermissions()); + internalAuth(context.client, context.authType, context.pair, user.getUsername(), uuid, user.getPermissions(), result.isUsingOAuth()); return result; } else { @@ -168,7 +172,7 @@ private AuthReport authWithCore(AuthResponse.AuthContext context, AuthRequest.Au /** * Writing authorization information to the Client object */ - public void internalAuth(Client client, AuthResponse.ConnectTypes authType, AuthProviderPair pair, String username, UUID uuid, ClientPermissions permissions) { + public void internalAuth(Client client, AuthResponse.ConnectTypes authType, AuthProviderPair pair, String username, UUID uuid, ClientPermissions permissions, boolean oauth) { client.isAuth = true; client.permissions = permissions; client.auth_id = pair.name; @@ -176,6 +180,7 @@ public void internalAuth(Client client, AuthResponse.ConnectTypes authType, Auth client.username = username; client.type = authType; client.uuid = uuid; + client.useOAuth = oauth; if(pair.isUseCore() && client.coreObject == null) { client.coreObject = pair.core.getUserByUUID(uuid); } diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/Client.java b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/Client.java index 6d052f94..9bcd6be5 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/Client.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/Client.java @@ -15,6 +15,7 @@ public class Client { public UUID session; + public boolean useOAuth; public String auth_id; public long timestamp; public AuthResponse.ConnectTypes type; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/AuthResponse.java b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/AuthResponse.java index afa5cabe..b28434d2 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/AuthResponse.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/AuthResponse.java @@ -12,6 +12,7 @@ import pro.gravit.launchserver.auth.provider.AuthProvider; import pro.gravit.launchserver.auth.provider.AuthProviderDAOResult; import pro.gravit.launchserver.auth.provider.AuthProviderResult; +import pro.gravit.launchserver.manangers.AuthManager; import pro.gravit.launchserver.socket.Client; import pro.gravit.launchserver.socket.response.SimpleResponse; import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse; @@ -59,15 +60,20 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti server.authManager.check(context); password = server.authManager.decryptPassword(password); server.authHookManager.preHook.hook(context, clientData); - result.accessToken = server.authManager.auth(context, password); + context.report = server.authManager.auth(context, password); server.authHookManager.postHook.hook(context, clientData); - if (getSession) { + if(context.report.isUsingOAuth()) { + result.oauth = new AuthRequestEvent.OAuthRequestEvent(context.report.oauthAccessToken, context.report.oauthRefreshToken, context.report.oauthExpire); + } else if (getSession) { if (clientData.session == null) { clientData.session = UUID.randomUUID(); //server.sessionManager.addClient(clientData); } result.session = clientData.session; } + if(context.report.minecraftAccessToken != null) { + result.accessToken = context.report.minecraftAccessToken; + } result.playerProfile = ProfileByUUIDResponse.getProfile(clientData.uuid, clientData.username, client, clientData.auth.textureProvider); sendResult(result); } catch (AuthException | HookException e) { @@ -89,6 +95,7 @@ public static class AuthContext { public final ConnectTypes authType; public final Client client; public final AuthProviderPair pair; + public AuthManager.AuthReport report; @Deprecated public int password_length; //Use AuthProvider for get password diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/RestoreSessionResponse.java b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/RestoreSessionResponse.java index a31705bf..3b6274d0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/RestoreSessionResponse.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/RestoreSessionResponse.java @@ -39,6 +39,10 @@ public void execute(ChannelHandlerContext ctx, Client client) throws Exception { sendError("Session invalid"); return; } + if(rClient[0].useOAuth) { + sendError("This session using OAuth. Session restoration not safety"); + return; + } WebSocketFrameHandler frameHandler = ctx.pipeline().get(WebSocketFrameHandler.class); frameHandler.setClient(rClient[0]); if (needUserInfo) { diff --git a/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/AuthRequestEvent.java b/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/AuthRequestEvent.java index b6f8e926..6c5ff6cb 100644 --- a/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/AuthRequestEvent.java +++ b/LauncherAPI/src/main/java/pro/gravit/launcher/events/request/AuthRequestEvent.java @@ -23,6 +23,8 @@ public class AuthRequestEvent extends RequestEvent { public String protectToken; @LauncherNetworkAPI public UUID session; + @LauncherNetworkAPI + public OAuthRequestEvent oauth; public AuthRequestEvent() { } @@ -48,6 +50,27 @@ public AuthRequestEvent(ClientPermissions permissions, PlayerProfile playerProfi this.session = session; } + public AuthRequestEvent(ClientPermissions permissions, PlayerProfile playerProfile, String accessToken, String protectToken, UUID session, OAuthRequestEvent oauth) { + this.permissions = permissions; + this.playerProfile = playerProfile; + this.accessToken = accessToken; + this.protectToken = protectToken; + this.session = session; + this.oauth = oauth; + } + + public static class OAuthRequestEvent { + public final String accessToken; + public final String refreshToken; + public final long expire; + + public OAuthRequestEvent(String accessToken, String refreshToken, long expire) { + this.accessToken = accessToken; + this.refreshToken = refreshToken; + this.expire = expire; + } + } + @Override public String getType() { return "auth"; diff --git a/modules b/modules index 91fad5ac..7efafab8 160000 --- a/modules +++ b/modules @@ -1 +1 @@ -Subproject commit 91fad5ac1c650f1a8cd21486b455c666bf143d81 +Subproject commit 7efafab83a169da634a28b9f0aadb14f512c8f58