Merge pull request #459 from Kamilkime/main

Fix name change detection, allow FastLogin to respect AuthMe registration limits

bukkit/pom.xml

@@ -41,6 +41,10 @@
                             <pattern>com.google.gson</pattern>
                             <shadedPattern>fastlogin.gson</shadedPattern>
                         </relocation>
+                        <relocation>
+                            <pattern>io.papermc.lib</pattern>
+                            <shadedPattern>fastlogin.paperlib</shadedPattern>
+                        </relocation>
                     </relocations>
                 </configuration>
                 <executions>
@@ -56,14 +60,10 @@
     </build>
 
     <repositories>
-        <!-- Bukkit-Server-API -->
+        <!-- PaperSpigot API and PaperLib -->
         <repository>
-            <id>spigot-repo</id>
+            <id>papermc</id>
-            <url>https://hub.spigotmc.org/nexus/content/repositories/snapshots/</url>
+            <url>https://papermc.io/repo/repository/maven-public/</url>
-            <!-- Disable snapshot release policy to speed up, when finding a artifact -->
-            <releases>
-                <enabled>false</enabled>
-            </releases>
         </repository>
 
         <!-- ProtocolLib -->
@@ -108,14 +108,22 @@
             <version>${project.version}</version>
         </dependency>
 
-        <!--Server API-->
+        <!-- PaperSpigot API for correcting usercache usage -->
         <dependency>
-            <groupId>org.spigotmc</groupId>
+            <groupId>com.destroystokyo.paper</groupId>
-            <artifactId>spigot-api</artifactId>
+            <artifactId>paper-api</artifactId>
             <version>1.15.2-R0.1-SNAPSHOT</version>
             <scope>provided</scope>
         </dependency>
 
+        <!-- PaperLib for checking if server uses PaperSpigot -->
+        <dependency>
+            <groupId>io.papermc</groupId>
+            <artifactId>paperlib</artifactId>
+            <version>1.0.6</version>
+            <scope>compile</scope>
+        </dependency>
+
         <!--Library for listening and sending Minecraft packets-->
         <dependency>
             <groupId>com.comphenix.protocol</groupId>

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/FastLoginBukkit.java

@@ -3,6 +3,7 @@ package com.github.games647.fastlogin.bukkit;
 import com.github.games647.fastlogin.bukkit.command.CrackedCommand;
 import com.github.games647.fastlogin.bukkit.command.PremiumCommand;
 import com.github.games647.fastlogin.bukkit.listener.ConnectionListener;
+import com.github.games647.fastlogin.bukkit.listener.PaperPreLoginListener;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.ProtocolLibListener;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.SkinApplyListener;
 import com.github.games647.fastlogin.bukkit.listener.protocolsupport.ProtocolSupportListener;
@@ -11,6 +12,12 @@ import com.github.games647.fastlogin.core.CommonUtil;
 import com.github.games647.fastlogin.core.PremiumStatus;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.PlatformPlugin;
+import io.papermc.lib.PaperLib;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.bukkit.plugin.PluginManager;
+import org.bukkit.plugin.java.JavaPlugin;
+import org.slf4j.Logger;
 
 import java.net.InetSocketAddress;
 import java.nio.file.Path;
@@ -19,12 +26,6 @@ import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 
-import org.bukkit.command.CommandSender;
-import org.bukkit.entity.Player;
-import org.bukkit.plugin.PluginManager;
-import org.bukkit.plugin.java.JavaPlugin;
-import org.slf4j.Logger;
-
 /**
  * This plugin checks if a player has a paid account and if so tries to skip offline mode authentication.
  */
@@ -75,7 +76,11 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
                 pluginManager.registerEvents(new ProtocolSupportListener(this, core.getRateLimiter()), this);
             } else if (pluginManager.isPluginEnabled("ProtocolLib")) {
                 ProtocolLibListener.register(this, core.getRateLimiter());
-                pluginManager.registerEvents(new SkinApplyListener(this), this);
+
+                //if server is using paper - we need to set the skin at pre login anyway, so no need for this listener
+                if (!PaperLib.isPaper() && getConfig().getBoolean("forwardSkin")) {
+                    pluginManager.registerEvents(new SkinApplyListener(this), this);
+                }
             } else {
                 logger.warn("Either ProtocolLib or ProtocolSupport have to be installed if you don't use BungeeCord");
             }
@@ -86,6 +91,11 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
 
         pluginManager.registerEvents(new ConnectionListener(this), this);
 
+        //if server is using paper - we need to add one more listener to correct the usercache usage
+        if (PaperLib.isPaper()) {
+            pluginManager.registerEvents(new PaperPreLoginListener(this), this);
+        }
+
         //register commands using a unique name
         getCommand("premium").setExecutor(new PremiumCommand(this));
         getCommand("cracked").setExecutor(new CrackedCommand(this));

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/AuthMeHook.java

@@ -3,15 +3,18 @@ package com.github.games647.fastlogin.bukkit.hook;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
 import fr.xephi.authme.api.v3.AuthMeApi;
 import fr.xephi.authme.events.RestoreSessionEvent;
-
+import fr.xephi.authme.process.Management;
+import fr.xephi.authme.process.register.executors.ApiPasswordRegisterParams;
+import fr.xephi.authme.process.register.executors.RegistrationMethod;
 import org.bukkit.entity.Player;
 import org.bukkit.event.EventHandler;
 import org.bukkit.event.EventPriority;
 import org.bukkit.event.Listener;
 
+import java.lang.reflect.Field;
+
 /**
  * GitHub: https://github.com/Xephi/AuthMeReloaded/
  * <p>
@@ -25,8 +28,22 @@ public class AuthMeHook implements AuthPlugin<Player>, Listener {
 
     private final FastLoginBukkit plugin;
 
+    private final AuthMeApi authmeAPI;
+    private Management authmeManagement;
+
     public AuthMeHook(FastLoginBukkit plugin) {
         this.plugin = plugin;
+        this.authmeAPI = AuthMeApi.getInstance();
+
+        if (plugin.getConfig().getBoolean("respectIpLimit", false)) {
+            try {
+                Field managementField = this.authmeAPI.getClass().getDeclaredField("management");
+                managementField.setAccessible(true);
+                this.authmeManagement = (Management) managementField.get(this.authmeAPI);
+            } catch (NoSuchFieldException | IllegalAccessException exception) {
+                this.authmeManagement = null;
+            }
+        }
     }
 
     @EventHandler(priority = EventPriority.HIGHEST, ignoreCancelled = true)
@@ -41,25 +58,32 @@ public class AuthMeHook implements AuthPlugin<Player>, Listener {
 
     @Override
     public boolean forceLogin(Player player) {
-        if (AuthMeApi.getInstance().isAuthenticated(player)) {
+        if (authmeAPI.isAuthenticated(player)) {
             plugin.getLog().warn(ALREADY_AUTHENTICATED, player);
             return false;
         }
 
         //skips registration and login
-        AuthMeApi.getInstance().forceLogin(player);
+        authmeAPI.forceLogin(player);
         return true;
     }
 
     @Override
     public boolean isRegistered(String playerName) {
-        return AuthMeApi.getInstance().isRegistered(playerName);
+        return authmeAPI.isRegistered(playerName);
     }
 
     @Override
+    //this automatically login the player too
     public boolean forceRegister(Player player, String password) {
-        //this automatically login the player too
+        //if we have the management - we can trigger register with IP limit checks
-        AuthMeApi.getInstance().forceRegister(player, password);
+        if (authmeManagement != null) {
+            authmeManagement.performRegister(RegistrationMethod.PASSWORD_REGISTRATION,
+                    ApiPasswordRegisterParams.of(player, password, true));
+        } else {
+            authmeAPI.forceRegister(player, password);
+        }
+
         return true;
     }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/PaperPreLoginListener.java

@@ -0,0 +1,41 @@
+package com.github.games647.fastlogin.bukkit.listener;
+
+import com.destroystokyo.paper.profile.ProfileProperty;
+import com.github.games647.craftapi.model.skin.Textures;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.EventPriority;
+import org.bukkit.event.Listener;
+import org.bukkit.event.player.AsyncPlayerPreLoginEvent;
+import org.bukkit.event.player.AsyncPlayerPreLoginEvent.Result;
+
+public class PaperPreLoginListener implements Listener {
+
+    private final FastLoginBukkit plugin;
+
+    public PaperPreLoginListener(final FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @EventHandler(priority = EventPriority.HIGHEST)
+    //if paper is used - player skin must be set at pre login, otherwise usercache is used
+    //using usercache makes premium name change basically impossible
+    public void onAsyncPlayerPreLogin(AsyncPlayerPreLoginEvent event) {
+        if (event.getLoginResult() != Result.ALLOWED) {
+            return;
+        }
+
+        // event gives us only IP, not the port, so we need to loop through all the sessions
+        for (BukkitLoginSession session : plugin.getLoginSessions().values()) {
+            if (!event.getName().equals(session.getUsername())) {
+                continue;
+            }
+
+            session.getSkin().ifPresent(skin -> event.getPlayerProfile().setProperty(new ProfileProperty(Textures.KEY,
+                    skin.getValue(), skin.getSignature())));
+            break;
+        }
+    }
+
+}

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SkinApplyListener.java

@@ -9,9 +9,6 @@ import com.comphenix.protocol.wrappers.WrappedSignedProperty;
 import com.github.games647.craftapi.model.skin.Textures;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
-
-import java.lang.reflect.InvocationTargetException;
-
 import org.bukkit.entity.Player;
 import org.bukkit.event.EventHandler;
 import org.bukkit.event.EventPriority;
@@ -19,6 +16,8 @@ import org.bukkit.event.Listener;
 import org.bukkit.event.player.PlayerLoginEvent;
 import org.bukkit.event.player.PlayerLoginEvent.Result;
 
+import java.lang.reflect.InvocationTargetException;
+
 public class SkinApplyListener implements Listener {
 
     private static final Class<?> GAME_PROFILE = MinecraftReflection.getGameProfileClass();
@@ -39,14 +38,12 @@ public class SkinApplyListener implements Listener {
 
         Player player = loginEvent.getPlayer();
 
-        if (plugin.getConfig().getBoolean("forwardSkin")) {
+        //go through every session, because player.getAddress is null
-            //go through every session, because player.getAddress is null
+        //loginEvent.getAddress is just a InetAddress not InetSocketAddress, so not unique enough
-            //loginEvent.getAddress is just a InetAddress not InetSocketAddress, so not unique enough
+        for (BukkitLoginSession session : plugin.getLoginSessions().values()) {
-            for (BukkitLoginSession session : plugin.getLoginSessions().values()) {
+            if (session.getUsername().equals(player.getName())) {
-                if (session.getUsername().equals(player.getName())) {
+                session.getSkin().ifPresent(skin -> applySkin(player, skin.getValue(), skin.getSignature()));
-                    session.getSkin().ifPresent(skin -> applySkin(player, skin.getValue(), skin.getSignature()));
+                break;
-                    break;
-                }
             }
         }
     }

core/src/main/resources/config.yml

@@ -36,6 +36,15 @@ anti-bot:
 # For more information: https://github.com/games647/FastLogin#why-do-players-have-to-invoke-a-command
 autoRegister: false
 
+# Should FastLogin respect per IP limit of registrations (e.g. in AuthMe)
+# Because most auth plugins do their stuff async - FastLogin will still think the player was registered
+# To work best - you also need to enable auto-register-unknown
+#
+# If set to true - FastLogin will always attempt to register the player, even if the limit is exceeded
+# It is up to the auth plugin to handle the excessive registration
+# https://github.com/games647/FastLogin/issues/458
+respectIpLimit: false
+
 # This is extra configuration option to the feature above. If we request a premium authentication from a player who
 # isn't actual premium but used a premium username, the player will disconnect with the reason "invalid session" or
 # "bad login".
@@ -127,6 +136,10 @@ nameChangeCheck: false
 # the skin data is included in the Auth-Verification-Response sent by Mojang. If you want to use for other
 # players like cracked player, you have to use other plugins.
 #
+# If you use PaperSpigot - FastLogin will always try to set the skin, even if forwardSkin is set to false
+# It is needed to allow premium name change to work correctly
+# https://github.com/games647/FastLogin/issues/457
+#
 # If you want to use skins for your cracked player, you need an additional plugin like
 # ChangeSkin, SkinRestorer, ...
 forwardSkin: true

core/src/main/resources/messages.yml

@@ -53,10 +53,10 @@ player-unknown: '&4Player not in the database'
 # The user skipped the authentication, because it was a premium player
 auto-login: '&2Auto logged in'
 
-# The user was auto registered on the first join. The user account will be registered to protect it from cracked players
+# FastLogin attempted to auto register user. The user account is registered to protect it from cracked players
+# If FastLogin is respecting auth plugin IP limit - the registration may have failed, however the message is still displayed
 # The password can be used if the mojang servers are down and you still want your premium users to login (PLANNED)
-auto-register: '&2Auto registered with password: %password
+auto-register: '&2Tried auto registering with password: &7%password&2. You may want change it?'
-You may want change it?'
 
 # GameProfile is not able to toggle the premium state of other players
 no-permission: '&4Not enough permissions'