Bump actions/setup-java from 4 to 5

Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4 to 5.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -1,6 +1,6 @@
 name: 🐞 Bug Report
 description: Something isn't working, broken, not expected behavior
-labels: [bug]
+labels: [ bug ]
 body:
   - type: markdown
     attributes:
@@ -12,10 +12,6 @@ body:
       description: What behavior is observed?
     validations:
       required: true
-  - type: textarea
-    attributes:
-      label: What did you expect?
-      description: What behavior is expected?
   - type: textarea
     attributes:
       label: Steps to reproduce
@@ -36,7 +32,7 @@ body:
     attributes:
       label: Server log
       description: The error, stacktrace or link the complete log. You can use the links above for long versions.
-      placeholder: https://hastebin.com/ / https://gist.github.com/
+      placeholder: https://www.toptal.com/developers/hastebin / https://gist.github.com/
   - type: input
     attributes:
       label: Plugin version
@@ -59,9 +55,11 @@ body:
       label: Relevance
       description: Check list for previous tickets
       options:
-        - label: I tried the latest build (build refers to development builds not necessary a release version)
+        - label: |
+            I tried the [latest build](https://ci.codemc.io/job/Games647/job/FastLogin/) 
+            (build refers to development builds not necessary a release version; i.e. v1.10 is out of date)
           required: true
         - label: |
             I checked for existing tickets -
-            If there are, please vote them with a thumps reaction and not create new ones
+            If there are, please vote them with a thumbs reaction and not create new ones
           required: true

.github/ISSUE_TEMPLATE/enhancement_request.md

@@ -1,25 +0,0 @@
----
-name: 💡 Enhancement request
-about: New feature or change request
-title: ''
-labels: 'enhancement'
-assignees: ''
-
----
-
-[//]: # (Lines in this format are considered as comments and will not be displayed.)
-[//]: # (Before reporting make sure you're running the **latest build** of the plugin and checked for existing issues!)
-
-[//]: # (This ticket is about suggestions for a feature or particular enhancement)
-
-### Is your feature request related to a problem? Please describe.
-[//]: # (A clear and concise description of what the problem is. Ex. I'm always frustrated when [...])
-
-### Describe the solution you'd like
-[//]: # (A clear and concise description of what you want to happen.)
-
-### Describe alternatives you've considered
-[//]: # (A clear and concise description of any alternative solutions or features you've considered.)
-
-### Additional context
-[//]: # (Add any other context or screenshots about the feature request here.)

.github/ISSUE_TEMPLATE/enhancement_request.yaml

@@ -0,0 +1,43 @@
+name: 💡 Enhancement request
+description: New feature or change request
+labels: [ enhancement ]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        This ticket is about suggestions for a feature or particular enhancement. 
+        Feedback about this form is appreciated.
+  - type: textarea
+    attributes:
+      label: Is your feature request related to a problem? Please describe.
+      description: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe the solution you'd like
+      description: A clear and concise description of what you want to happen.
+  - type: textarea
+    attributes:
+      label: Describe alternatives you've considered
+      description: A clear and concise description of any alternative solutions or features you've considered.
+  - type: dropdown
+    attributes:
+      label: Platform
+      description: Server software - choose your proxy software if you have multiple servers
+      options:
+        - Spigot
+        - BungeeCord
+        - Velocity
+        - All / Shared
+    validations:
+      required: true
+  - type: checkboxes
+    attributes:
+      label: Relevance
+      description: Check list for previous tickets
+      options:
+        - label: |
+            I checked for existing tickets -
+            If there are, please vote them with a thumbs reaction and not create new ones
+          required: true

.github/dependabot.yml

@@ -10,7 +10,23 @@ updates:
       interval: "monthly"
 
   # Maven project
-  - package-ecosystem: maven
+  - package-ecosystem: "maven"
     directory: "/"
     schedule:
-      interval: weekly
+      interval: "monthly"
+
+    groups:
+      production-dependencies:
+        dependency-type: "production"
+      development-dependencies:
+        dependency-type: "development"
+        exclude-patterns:
+          # Create single PR for these
+          # Plugin require special evaluation about their compatibility
+          - "com.lenis0012.bukkit:loginsecurity"
+          - "com.comphenix.protocol:ProtocolLib"
+
+    ignore:
+      # HikariCP dropped Java 8 support with 5.0
+      - dependency-name: "com.zaxxer:HikariCP"
+        update-types: ["version-update:semver-major"]

.github/pull_request_template.md

@@ -1,8 +1,11 @@
 [//]: # (Lines in this format are considered as comments and will not be displayed.)
+
 [//]: # (If your work is in progress, please consider making a draft pull request.)
 
 ### Summary of your change
+
 [//]: # (Example: motivation, enhancement)
 
 ### Related issue
+
 [//]: # (Reference it using '#NUMBER'. Ex: Fixes/Related #...)

.github/release.yml

@@ -0,0 +1,25 @@
+# Configure how the release notes are generated for GitHub releases
+
+changelog:
+  # List of authors (like bots) and labels to exclude from pull requests
+  exclude:
+    labels:
+      - ignore-for-release
+  categories:
+    - title: 🛠 Breaking Changes 
+      labels:
+        - Semver-Major
+        - breaking-change
+    - title: 🎉 Exciting New Features 
+      labels:
+        - Semver-Minor
+        - enhancement
+    - title: 🐞 Bugfixes
+      labels:
+        - bug
+    - title: 👒 Dependencies
+      labels:
+        - dependencies
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/codeql-analysis.yml

@@ -4,63 +4,61 @@
 name: "CodeQL"
 
 on:
-    # Scan only for push on the primary branch for now
-    push:
-        branches: [ main ]
-    pull_request:
-        branches: [ main ]
+  workflow_run:
+    workflows: ["Maven Build"]
+    branches: [main]
+    types:
+      - completed
 
 jobs:
-    # job i
-    analyze:
+  # job i
+  analyze:
 
-        # Display name
-        name: Analyze
+    # Display name
+    name: Analyze
 
-        # Environment
-        runs-on: ubuntu-latest
+    # Environment
+    runs-on: ubuntu-latest
 
-        permissions:
-            actions: read
-            contents: read
-            security-events: write
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
 
-        strategy:
-            fail-fast: false
-            matrix:
-                # Languages to scan
-                language: [ 'java' ]
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
 
-        steps:
-            -   name: Checkout repository
-                uses: actions/checkout@v3
+    permissions:
+      # Only allow write for security, then all others default to read only
+      security-events: write
 
-            # Setup Java
-            -   name: Set up JDK
-                uses: actions/setup-java@v3
-                with:
-                    distribution: 'temurin'
-                    java-version: 18
-                    cache: 'maven'
+    strategy:
+      fail-fast: true
+      matrix:
+        # Languages to scan
+        language: [ 'java' ]
 
-            # Initializes the CodeQL tools for scanning.
-            -   name: Initialize CodeQL
-                uses: github/codeql-action/init@v2
-                with:
-                    languages: ${{ matrix.language }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
-            # Cache build process too like in the maven config
-            -   uses: actions/cache@v3.0.4
-                with:
-                    path: ~/.m2/repository
-                    key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
-                    restore-keys: |
-                        ${{ runner.os }}-maven-
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
 
-            # Auto build attempts to build any compiled languages  (C/C++, C#, or Java).
-            # If this step fails, then you should remove it and run the build manually (see below)
-            -   name: Autobuild
-                uses: github/codeql-action/autobuild@v2
+      # Setup Java
+      - name: Set up JDK
+        uses: actions/setup-java@v5
+        with:
+          distribution: 'temurin'
+          java-version-file: '.java-version'
+          cache: 'maven'
 
-            -   name: Perform CodeQL Analysis
-                uses: github/codeql-action/analyze@v2
+      # Manually start the autobuild process, because autobuild always selects Java 8 as build toolchain, but
+      # we are doing cross-crompiling from a newer Java version
+      - name: Build with Maven
+        # Extracted from autobuild
+        run: mvn package -f "pom.xml" --batch-mode -V -e -Dfindbugs.skip -Dcheckstyle.skip -Dpmd.skip=true -Dspotbugs.skip -Denforcer.skip -Dmaven.javadoc.skip -DskipTests -Dmaven.test.skip.exec -Dlicense.skip=true -Drat.skip=true -Dspotless.check.skip=true -t /home/runner/.m2/toolchains.xml
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"

.github/workflows/maven.yml

@@ -2,41 +2,66 @@
 # including making pull requests review easier
 
 # Human-readable name in the actions tab
-name: Java CI
+name: Maven Build
 
 # Build on every pull request regardless of the branch
 # Wiki: https://help.github.com/en/actions/reference/events-that-trigger-workflows
 on:
-    push:
-        branches:
-            - main
-    pull_request:
-        branches:
-            - main
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
 
 jobs:
-    # job id
-    build_and_test:
+  # job id
+  build_and_test:
 
-        # Environment image - always use the newest OS
-        runs-on: ubuntu-latest
+    # Environment image - always use the newest OS
+    runs-on: ubuntu-latest
+    permissions:
+      # With at least one permission given, all default to read
+      contents: read
 
-        # Run steps
-        steps:
-            # Pull changes
-            -   uses: actions/checkout@v3
+    # Run steps
+    steps:
+      # Pull changes
+      - uses: actions/checkout@v4
 
-            # Setup Java
-            -   name: Set up JDK
-                uses: actions/setup-java@v3
-                with:
-                    distribution: 'temurin'
-                    java-version: 18
-                    cache: 'maven'
+      # Setup Java
+      - name: Set up JDK
+        uses: actions/setup-java@v5
+        with:
+          distribution: 'temurin'
+          java-version-file: '.java-version'
+          cache: 'maven'
 
-            # Build and test (included in package)
-            -   name: Build with Maven and test
-                # Run non-interactive, package (with compile+test),
-                # ignore snapshot updates, because they are likely to have breaking changes, enforce checksums to validate
-                # possible errors in dependencies
-                run: mvn test --batch-mode --threads 2.0C --no-snapshot-updates --strict-checksums --file pom.xml
+      # Build and test (included in package)
+      - name: Build with Maven and test
+        # Run non-interactive, package (with compile+test),
+        # ignore snapshot updates, because they are likely to have breaking changes, enforce checksums
+        run: mvn test --batch-mode --threads 2.0C --no-snapshot-updates --strict-checksums --file pom.xml
+
+  dependency:
+    runs-on: ubuntu-latest
+    permissions:
+      # Write only necessary for dependency submission all others then default to read
+      contents: write
+
+    # Run steps
+    steps:
+      # Pull changes
+      - uses: actions/checkout@v4
+
+      # Setup Java
+      - name: Set up JDK
+        uses: actions/setup-java@v5
+        with:
+          distribution: 'temurin'
+          java-version-file: '.java-version'
+          cache: 'maven'
+
+      - name: Submit Dependency Snapshot
+        if: ${{ github.event_name == 'push' }}
+        uses: advanced-security/maven-dependency-submission-action@v5.0.0

.java-version

@@ -0,0 +1,2 @@
+# Latest GitHub Action java release that is installed on the runners
+21

LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2015-2022 games647 and contributors
+Copyright (c) 2015-2024 games647 and contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -19,4 +19,3 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
-

README.md

@@ -1,5 +1,7 @@
 # FastLogin
 
+![A shield-shaped emblem with a bold lightning bolt on the left, resembling Minecraft blocks. To the right, "FastLogin" is written in teal, with the tagline: "Automatically detect and login premium Minecraft players"](https://github.com/user-attachments/assets/0788ef69-029b-465e-83a2-b8e7bccc6295 "FastLogin project logo.avif")
+
 Checks if a Minecraft player has a paid account (premium). If so, they can skip offline authentication (auth plugins).
 So they don't need to enter passwords. This is also called auto login (auto-login).
 
@@ -8,14 +10,11 @@ So they don't need to enter passwords. This is also called auto login (auto-logi
 * Detect paid accounts from others
 * Automatically login paid accounts (premium)
 * Support various of auth plugins
-* Cauldron support
-* Forge/Sponge message support
 * Premium UUID support
 * Forward skins
 * Detect username changed and will update the existing database record
-* BungeeCord support
+* BungeeCord/Velocity support
 * Auto register new premium players
-* Plugin: ProtocolSupport is supported and can be used as an alternative to ProtocolLib
 * No client modifications needed
 * Good performance by using async operations
 * Locale messages
@@ -33,7 +32,11 @@ Development builds contain the latest changes from the Source-Code. They are ble
 but also include features, enhancements and bug fixes that are not yet in a released version. If you click on the left
 side on `Changes`, you can see iterative change sets leading to a specific build.
 
-You can download them from here: https://ci.codemc.org/job/Games647/job/FastLogin/
+~~You can download them from here: [CodeMC(Jenkins)](https://ci.codemc.org/job/Games647/job/FastLogin/)~~
+
+Currently broken due changed usernames. Download it from [here](https://github.com/TuxCoding/FastLogin/releases)
+
+
 
 ***
 
@@ -46,6 +49,7 @@ You can download them from here: https://ci.codemc.org/job/Games647/job/FastLogi
 
     fastlogin.bukkit.command.premium
     fastlogin.bukkit.command.cracked
+
     fastlogin.command.premium.other
     fastlogin.command.cracked.other
 
@@ -60,13 +64,15 @@ Possible values: `Premium`, `Cracked`, `Unknown`
 
 ## Requirements
 
-* Java 17+
+* Java: 21+ recommended for improved multi-threading code by FastLogin
+  * Spigot: 8+
+  * BungeeCord and Velocity: 17+
 * Server software in offlinemode:
   * Spigot (or a fork e.g. Paper) 1.8.8+
     * Protocol plugin:
-      * [ProtocolLib 5.0+](https://www.spigotmc.org/resources/protocollib.1997/) or
+      * [ProtocolLib 5.3+ with development build above 720](https://www.spigotmc.org/resources/protocollib.1997/) or
       * [ProtocolSupport](https://www.spigotmc.org/resources/protocolsupport.7201/)
-  * Latest BungeeCord (or a fork e.g. Waterfall)
+  * Latest BungeeCord (or a fork e.g. Waterfall) or Velocity proxy
 * An auth plugin.
 
 ### Supported auth plugins
@@ -85,7 +91,6 @@ Possible values: `Premium`, `Cracked`, `Unknown`
 #### BungeeCord/Waterfall
 
 * [BungeeAuth](https://www.spigotmc.org/resources/bungeeauth.493/)
-* [BungeeAuthenticator](https://www.spigotmc.org/resources/bungeecordauthenticator.87669/)
 
 ## Network requests
 
@@ -101,8 +106,8 @@ This plugin performs network requests to:
 ### Spigot/Paper
 
 1. Download and install ProtocolLib/ProtocolSupport
-2. Download and install FastLogin (or `FastLoginBukkit` for newer versions)
-3. Set your server in offline mode by setting the value `onlinemode` in your server.properties to false
+2. Download and install `FastLoginBukkit`
+3. Set your server in offline mode by setting the value `onlinemode` in your server.properties to `false`
 
 ### BungeeCord/Waterfall or Velocity
 
@@ -112,13 +117,13 @@ Install the plugin on both platforms, that is proxy (BungeeCord or Velocity) and
    * This is often found in `spigot.yml` or `paper.yml`
 2. Restart the backend server
 3. Now there is `allowed-proxies.txt` file in the FastLogin folder of the restarted server
-    * BungeeCord: Put your `stats-id` from the BungeeCord config into this file
+    * BungeeCord: Put your `stats`-id from the BungeeCord config into this file
     * Velocity: On plugin startup the plugin generates a `proxyId.txt` inside the plugins folder of the proxy
 4. Activate ip forwarding in your proxy config
 5. Check your database settings in the config of FastLogin on your proxy
     * The proxies only ship with a limited set of drivers where Spigot supports more. Therefore, these are supported:
-    * BungeeCord: `com.mysql.jdbc.Driver` for MySQL/MariaDB
-    * Velocity: `fastlogin.mariadb.jdbc.Driver` for MySQL/MariaDB
+    * BungeeCord: `mysql` for MySQL/MariaDB
+    * Velocity: `mariadb` for MySQL/MariaDB
     * Note the embedded file storage SQLite is not available
     * MySQL/MariaDB requires an external database server running. Check your server provider if there is one available
    or install one.

bukkit/pom.xml

@@ -4,7 +4,7 @@
 
     The MIT License (MIT)
 
-    Copyright (c) 2015-2022 games647 and contributors
+    Copyright (c) 2015-2024 games647 and contributors
 
     Permission is hereby granted, free of charge, to any person obtaining a copy
     of this software and associated documentation files (the "Software"), to deal
@@ -25,12 +25,12 @@
     SOFTWARE.
 
 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
     <properties>
-        <nettyVersion>4.1.77.Final</nettyVersion>
+        <maven.compiler.release>8</maven.compiler.release>
     </properties>
 
     <parent>
@@ -50,11 +50,15 @@
         <plugins>
             <plugin>
                 <artifactId>maven-shade-plugin</artifactId>
-                <version>3.3.0</version>
+                <version>3.6.0</version>
                 <configuration>
                     <createDependencyReducedPom>false</createDependencyReducedPom>
                     <shadedArtifactAttached>false</shadedArtifactAttached>
                     <relocations>
+                        <relocation>
+                            <pattern>org.yaml.snakeyaml</pattern>
+                            <shadedPattern>fastlogin.yaml</shadedPattern>
+                        </relocation>
                         <relocation>
                             <pattern>com.zaxxer.hikari</pattern>
                             <shadedPattern>fastlogin.hikari</shadedPattern>
@@ -86,14 +90,14 @@
                     <!-- Rename the service file too to let SLF4J api find our own relocated jdk logger -->
                     <!-- Located in META-INF/services -->
                     <transformers>
-                        <transformer implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
+                        <transformer
+                                implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
                     </transformers>
                     <minimizeJar>true</minimizeJar>
                     <filters>
                         <filter>
                             <artifact>*:*</artifact>
                             <excludes>
-                                <exclude>META-INF/MANIFEST.MF</exclude>
                                 <exclude>**/module-info.class</exclude>
                             </excludes>
                         </filter>
@@ -112,10 +116,10 @@
     </build>
 
     <repositories>
-        <!-- PaperSpigot API and PaperLib -->
+        <!-- PaperSpigot API, PaperLib, datafixupper and bungeecord-chat -->
         <repository>
             <id>papermc</id>
-            <url>https://papermc.io/repo/repository/maven-public/</url>
+            <url>https://repo.papermc.io/repository/maven-public/</url>
         </repository>
 
         <!-- ProtocolLib -->
@@ -164,7 +168,7 @@
         <dependency>
             <groupId>io.papermc.paper</groupId>
             <artifactId>paper-api</artifactId>
-            <version>1.19-R0.1-SNAPSHOT</version>
+            <version>1.21.6-R0.1-SNAPSHOT</version>
             <scope>provided</scope>
             <!-- Use our own newer api version -->
             <exclusions>
@@ -172,20 +176,25 @@
                     <groupId>org.slf4j</groupId>
                     <artifactId>slf4j-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.ow2.asm</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.maven</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.logging.log4j</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
-        <!-- PaperLib for checking if server uses PaperSpigot -->
-        <dependency>
-            <groupId>io.papermc</groupId>
-            <artifactId>paperlib</artifactId>
-            <version>1.0.7</version>
-        </dependency>
-
         <dependency>
             <groupId>com.mojang</groupId>
             <artifactId>datafixerupper</artifactId>
-            <version>5.0.28</version>
+            <version>7.1.15</version>
             <scope>provided</scope>
             <exclusions>
                 <exclusion>
@@ -199,7 +208,7 @@
         <dependency>
             <groupId>com.comphenix.protocol</groupId>
             <artifactId>ProtocolLib</artifactId>
-            <version>5.0.0-SNAPSHOT</version>
+            <version>5.3.0</version>
             <scope>provided</scope>
             <exclusions>
                 <exclusion>
@@ -228,15 +237,11 @@
         <dependency>
             <groupId>org.geysermc.floodgate</groupId>
             <artifactId>api</artifactId>
-            <version>2.2.0-SNAPSHOT</version>
+            <version>${floodgate.version}</version>
             <scope>provided</scope>
             <exclusions>
                 <exclusion>
-                    <groupId>io.netty</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.geysermc.cumulus</groupId>
+                    <groupId>*</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
             </exclusions>
@@ -244,7 +249,7 @@
 
         <!-- Bedrock player bridge -->
         <dependency>
-            <groupId>org.geysermc</groupId>
+            <groupId>org.geysermc.geyser</groupId>
             <artifactId>core</artifactId>
             <version>${geyser.version}</version>
             <scope>provided</scope>
@@ -258,17 +263,23 @@
 
         <!-- We need the API, but it was excluded above -->
         <dependency>
-            <groupId>org.geysermc</groupId>
-            <artifactId>geyser-api</artifactId>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>api</artifactId>
             <version>${geyser.version}</version>
             <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
         <!--Provide premium placeholders-->
         <dependency>
             <groupId>me.clip</groupId>
             <artifactId>placeholderapi</artifactId>
-            <version>2.11.2</version>
+            <version>2.11.6</version>
             <scope>provided</scope>
             <optional>true</optional>
             <exclusions>
@@ -283,7 +294,7 @@
         <dependency>
             <groupId>fr.xephi</groupId>
             <artifactId>authme</artifactId>
-            <version>5.6.0-beta2</version>
+            <version>5.6.0</version>
             <scope>provided</scope>
             <optional>true</optional>
             <exclusions>
@@ -297,7 +308,7 @@
         <dependency>
             <groupId>com.lenis0012.bukkit</groupId>
             <artifactId>loginsecurity</artifactId>
-            <version>3.1</version>
+            <version>3.3.0</version>
             <scope>provided</scope>
             <optional>true</optional>
             <exclusions>
@@ -337,6 +348,22 @@
             </exclusions>
         </dependency>
 
+        <dependency>
+            <groupId>com.github.zigazajc007</groupId>
+            <artifactId>Passky</artifactId>
+            <version>v3.0.0</version>
+            <scope>provided</scope>
+            <optional>true</optional>
+
+            <!-- Exclude dependencies to prevent potential version conflicts-->
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
         <!--No maven repository :(-->
         <dependency>
             <groupId>de.st_ddt.crazy</groupId>
@@ -368,29 +395,7 @@
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk18on</artifactId>
-            <version>1.71</version>
-            <scope>test</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-transport</artifactId>
-            <version>${nettyVersion}</version>
-            <scope>test</scope>
-        </dependency>        
-        
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-codec</artifactId>
-            <version>${nettyVersion}</version>
-            <scope>test</scope>
-        </dependency>
-
-        <!-- Provided by the spigot, required for testing ProtocolLib -->
-        <dependency>
-            <groupId>commons-lang</groupId>
-            <artifactId>commons-lang</artifactId>
-            <version>2.6</version>
+            <version>1.80</version>
             <scope>test</scope>
         </dependency>
     </dependencies>

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BukkitLoginSession.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,16 +27,15 @@ package com.github.games647.fastlogin.bukkit;
 
 import com.github.games647.craftapi.model.skin.SkinProperty;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
+import org.jetbrains.annotations.Nullable;
 
 import java.util.Optional;
 
-import javax.annotation.Nullable;
-
 /**
  * Represents a client connecting to the server.
- *
+ * <p>
  * This session is invalid if the player disconnects or the login was successful
  */
 public class BukkitLoginSession extends LoginSession {
@@ -48,7 +47,6 @@ public class BukkitLoginSession extends LoginSession {
     private final ClientPublicKey clientPublicKey;
 
     private boolean verified;
-
     private SkinProperty skinProperty;
 
     public BukkitLoginSession(String username, byte[] verifyToken, ClientPublicKey publicKey, boolean registered,
@@ -76,7 +74,7 @@ public class BukkitLoginSession extends LoginSession {
 
     /**
      * Gets the verify-token the server sent to the client.
-     *
+     * <p>
      * Empty if it's a BungeeCord connection
      *
      * @return verify token from the server
@@ -110,7 +108,7 @@ public class BukkitLoginSession extends LoginSession {
      *
      * @param verified whether the player has valid session
      */
-    public synchronized void setVerified(boolean verified) {
+    public synchronized void setVerifiedPremium(boolean verified) {
         this.verified = verified;
     }
 
@@ -119,7 +117,7 @@ public class BukkitLoginSession extends LoginSession {
      *
      * @return whether the player has a valid session
      */
-    public synchronized boolean isVerified() {
+    public synchronized boolean isVerifiedPremium() {
         return verified;
     }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BukkitScheduler.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,14 +25,13 @@
  */
 package com.github.games647.fastlogin.bukkit;
 
-import com.github.games647.fastlogin.core.AsyncScheduler;
-
-import java.util.concurrent.Executor;
-
+import com.github.games647.fastlogin.core.scheduler.AsyncScheduler;
 import org.bukkit.Bukkit;
 import org.bukkit.plugin.Plugin;
 import org.slf4j.Logger;
 
+import java.util.concurrent.Executor;
+
 public class BukkitScheduler extends AsyncScheduler {
 
     private final Executor syncExecutor;
@@ -40,7 +39,7 @@ public class BukkitScheduler extends AsyncScheduler {
     public BukkitScheduler(Plugin plugin, Logger logger) {
         super(logger, command -> Bukkit.getScheduler().runTaskAsynchronously(plugin, command));
 
-        syncExecutor = r -> Bukkit.getScheduler().runTask(plugin, r);
+        syncExecutor = task -> Bukkit.getScheduler().runTask(plugin, task);
     }
 
     public Executor getSyncExecutor() {

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BungeeManager.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -31,6 +31,11 @@ import com.github.games647.fastlogin.core.message.LoginActionMessage;
 import com.github.games647.fastlogin.core.message.NamespaceKey;
 import com.google.common.io.ByteArrayDataOutput;
 import com.google.common.io.ByteStreams;
+import io.papermc.paper.configuration.ServerConfiguration;
+import org.bukkit.Bukkit;
+import org.bukkit.Server;
+import org.bukkit.entity.Player;
+import org.bukkit.plugin.messaging.PluginMessageRecipient;
 
 import java.io.IOException;
 import java.lang.reflect.Field;
@@ -44,11 +49,6 @@ import java.util.Set;
 import java.util.UUID;
 import java.util.stream.Stream;
 
-import org.bukkit.Bukkit;
-import org.bukkit.Server;
-import org.bukkit.entity.Player;
-import org.bukkit.plugin.messaging.PluginMessageRecipient;
-
 import static com.github.games647.fastlogin.core.message.ChangePremiumMessage.CHANGE_CHANNEL;
 import static com.github.games647.fastlogin.core.message.SuccessMessage.SUCCESS_CHANNEL;
 import static java.util.stream.Collectors.toSet;
@@ -94,6 +94,10 @@ public class BungeeManager {
 
         if (enabled) {
             proxyIds = loadBungeeCordIds();
+            if (proxyIds.isEmpty()) {
+                plugin.getLog().info("No valid IDs found. Minecraft proxy support cannot work in the current state");
+            }
+
             registerPluginChannels();
             plugin.getLog().info("Found enabled proxy configuration");
             plugin.getLog().info("Remember to follow the proxy guide to complete your setup");
@@ -130,6 +134,13 @@ public class BungeeManager {
     }
 
     private boolean detectProxy() {
+        try {
+            ServerConfiguration.class.getDeclaredMethod("isProxyEnabled");
+            return Bukkit.getServerConfig().isProxyEnabled();
+        } catch (NoClassDefFoundError | NoSuchMethodException noSuchClassMethodEx) {
+            // Ignore continue below
+        }
+
         try {
             if (isProxySupported("org.spigotmc.SpigotConfig", "bungee")) {
                 return true;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/FastLoginBukkit.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,33 +25,24 @@
  */
 package com.github.games647.fastlogin.bukkit;
 
+import com.comphenix.protocol.ProtocolLibrary;
 import com.github.games647.fastlogin.bukkit.command.CrackedCommand;
 import com.github.games647.fastlogin.bukkit.command.PremiumCommand;
+import com.github.games647.fastlogin.bukkit.command.DeleteCommand;
 import com.github.games647.fastlogin.bukkit.listener.ConnectionListener;
 import com.github.games647.fastlogin.bukkit.listener.PaperCacheListener;
-import com.github.games647.fastlogin.bukkit.listener.protocollib.ManualNameChange;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.ProtocolLibListener;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.SkinApplyListener;
 import com.github.games647.fastlogin.bukkit.listener.protocolsupport.ProtocolSupportListener;
 import com.github.games647.fastlogin.bukkit.task.DelayedAuthHook;
 import com.github.games647.fastlogin.core.CommonUtil;
 import com.github.games647.fastlogin.core.PremiumStatus;
+import com.github.games647.fastlogin.core.antibot.AntiBotService;
 import com.github.games647.fastlogin.core.hooks.bedrock.BedrockService;
 import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
 import com.github.games647.fastlogin.core.hooks.bedrock.GeyserService;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.PlatformPlugin;
-
-import io.papermc.lib.PaperLib;
-
-import java.net.InetSocketAddress;
-import java.nio.file.Path;
-import java.util.Map;
-import java.util.Optional;
-import java.util.UUID;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.ConcurrentMap;
-
 import org.bukkit.Bukkit;
 import org.bukkit.command.CommandSender;
 import org.bukkit.entity.Player;
@@ -59,15 +50,28 @@ import org.bukkit.plugin.PluginManager;
 import org.bukkit.plugin.java.JavaPlugin;
 import org.geysermc.floodgate.api.FloodgateApi;
 import org.geysermc.geyser.GeyserImpl;
+import org.jetbrains.annotations.NotNull;
 import org.slf4j.Logger;
 
+import java.net.InetSocketAddress;
+import java.nio.file.Path;
+import java.time.Duration;
+import java.util.Map;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
 /**
  * This plugin checks if a player has a paid account and if so tries to skip offline mode authentication.
  */
 public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<CommandSender> {
 
     //1 minutes should be enough as a timeout for bad internet connection (Server, Client and Mojang)
-    private final ConcurrentMap<String, BukkitLoginSession> loginSession = CommonUtil.buildCache(1, -1);
+    private final ConcurrentMap<String, BukkitLoginSession> loginSession = CommonUtil.buildCache(
+            Duration.ofMinutes(1), -1
+    );
+
     private final Map<UUID, PremiumStatus> premiumPlayers = new ConcurrentHashMap<>();
     private final Logger logger;
 
@@ -113,17 +117,14 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
                 return;
             }
 
+            AntiBotService antiBotService = core.getAntiBotService();
             if (pluginManager.isPluginEnabled("ProtocolSupport")) {
-                pluginManager.registerEvents(new ProtocolSupportListener(this, core.getAntiBot()), this);
+                pluginManager.registerEvents(new ProtocolSupportListener(this, antiBotService), this);
             } else if (pluginManager.isPluginEnabled("ProtocolLib")) {
-                ProtocolLibListener.register(this, core.getAntiBot(), core.getConfig().getBoolean("verifyClientKeys"));
-
-                if (isPluginInstalled("floodgate")) {
-                    printFloodgateWarning();
-                }
+                ProtocolLibListener.register(this, antiBotService, core.getConfig().getBoolean("verifyClientKeys"));
 
                 //if server is using paper - we need to set the skin at pre login anyway, so no need for this listener
-                if (!PaperLib.isPaper() && getConfig().getBoolean("forwardSkin")) {
+                if (!isPaper() && getConfig().getBoolean("forwardSkin")) {
                     pluginManager.registerEvents(new SkinApplyListener(this), this);
                 }
             } else {
@@ -139,35 +140,23 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
         pluginManager.registerEvents(new ConnectionListener(this), this);
 
         //if server is using paper - we need to add one more listener to correct the user cache usage
-        if (PaperLib.isPaper()) {
+        if (isPaper()) {
             pluginManager.registerEvents(new PaperCacheListener(this), this);
         }
 
-        //register commands using a unique name
-        Optional.ofNullable(getCommand("premium")).ifPresent(c -> c.setExecutor(new PremiumCommand(this)));
-        Optional.ofNullable(getCommand("cracked")).ifPresent(c -> c.setExecutor(new CrackedCommand(this)));
+        registerCommands();
 
         if (pluginManager.isPluginEnabled("PlaceholderAPI")) {
             premiumPlaceholder = new PremiumPlaceholder(this);
             premiumPlaceholder.register();
         }
-
-        dependencyWarnings();
     }
 
-    private void printFloodgateWarning() {
-        if (getConfig().getBoolean("floodgatePrefixWorkaround")) {
-            ManualNameChange.register(this, floodgateService);
-            logger.info("Floodgate prefix injection workaround has been enabled.");
-            logger.info("If you have problems joining the server, try disabling it in the configuration.");
-        } else {
-            logger.warn("We have detected that you are running FastLogin alongside Floodgate and ProtocolLib.");
-            logger.warn("Currently there is an issue with FastLogin that prevents Floodgate name prefixes from "
-                    + "showing up when it is together used with ProtocolLib.");
-            logger.warn("If you would like to use Floodgate name prefixes, you can enable an experimental "
-                    + "workaround by changing the value 'floodgatePrefixWorkaround' to true in config.yml.");
-            logger.warn("For more information visit https://github.com/games647/FastLogin/issues/493");
-        }
+    private void registerCommands() {
+        //register commands using a unique name
+        Optional.ofNullable(getCommand("premium")).ifPresent(c -> c.setExecutor(new PremiumCommand(this)));
+        Optional.ofNullable(getCommand("cracked")).ifPresent(c -> c.setExecutor(new CrackedCommand(this)));
+        Optional.ofNullable(getCommand("fldelete")).ifPresent(c -> c.setExecutor(new DeleteCommand(this)));
     }
 
     private boolean initializeFloodgate() {
@@ -207,9 +196,9 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
             }
         }
 
-        // if (isPluginInstalled("ProtocolLib")) {
-            // ProtocolLibrary.getProtocolManager().getAsynchronousManager().unregisterAsyncHandlers(this);
-        // }
+        if (getServer().getPluginManager().isPluginEnabled("ProtocolLib")) {
+            ProtocolLibrary.getProtocolManager().getAsynchronousManager().unregisterAsyncHandlers(this);
+        }
     }
 
     public FastLoginCore<Player, CommandSender, FastLoginBukkit> getCore() {
@@ -251,12 +240,28 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
 
     /**
      * Fetches the premium status of an online player.
+     * {@snippet :
+     * // Bukkit's players object after successful authentication i.e. PlayerJoinEvent
+     * // except for proxies like BungeeCord and Velocity where the details are sent delayed (1-2 seconds)
+     * Player player;
+     * PremiumStatus status = JavaPlugin.getPlugin(FastLoginBukkit.class).getStatus(player.getUniqueId());
+     * switch (status) {
+     *     case CRACKED:
+     *         // player is offline
+     *         break;
+     *     case PREMIUM:
+     *         // account is premium and player passed the verification
+     *         break;
+     *     case UNKNOWN:
+     *         // no record about this player
+     * }
+     * }
      *
      * @param onlinePlayer player that is currently online player (play state)
      * @return the online status or unknown if an error happened, the player isn't online or BungeeCord doesn't send
      * us the status message yet (This means you cannot check the login status on the PlayerJoinEvent).
      */
-    public PremiumStatus getStatus(UUID onlinePlayer) {
+    public @NotNull PremiumStatus getStatus(@NotNull UUID onlinePlayer) {
         return premiumPlayers.getOrDefault(onlinePlayer, PremiumStatus.UNKNOWN);
     }
 
@@ -326,17 +331,16 @@ public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<Comman
         return geyserService;
     }
 
-    /**
-     * Send warning messages to log if incompatible plugins are used
-     */
-    private void dependencyWarnings() {
-        if (isPluginInstalled("floodgate-bukkit")) {
-            logger.warn("We have detected that you are running Floodgate 1.0 which is not supported by the Bukkit "
-                    + "version of FastLogin.");
-            logger.warn("If you would like to use FastLogin with Floodgate, you can download development builds of "
-                    + "Floodgate 2.0 from https://ci.opencollab.dev/job/GeyserMC/job/Floodgate/job/dev%252F2.0/");
-            logger.warn("Don't forget to update Geyser to a supported version as well from "
-                    + "https://ci.opencollab.dev/job/GeyserMC/job/Geyser/job/floodgate-2.0/");
+    private boolean isPaper() {
+        return isClassAvailable("com.destroystokyo.paper.PaperConfig").isPresent()
+                || isClassAvailable("io.papermc.paper.configuration.Configuration").isPresent();
+    }
+
+    private Optional<Class<?>> isClassAvailable(String clazzName) {
+        try {
+            return Optional.of(Class.forName(clazzName));
+        } catch (ClassNotFoundException e) {
+            return Optional.empty();
         }
     }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/InetUtils.java

@@ -0,0 +1,63 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2024 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import java.net.InetAddress;
+
+public final class InetUtils {
+
+    private InetUtils() {
+        // Utility
+    }
+
+    /**
+     * Verifies if the given IP address is from the local network
+     *
+     * @param address IP address
+     * @return true if address is from local network or even from the device itself (loopback)
+     */
+    public static boolean isLocalAddress(InetAddress address) {
+        // Loopback addresses like 127.0.* (IPv4) or [::1] (IPv6)
+        return address.isLoopbackAddress()
+                // Example: 10.0.0.0, 172.16.0.0, 192.168.0.0, fec0::/10 (deprecated)
+                // Ref: https://en.wikipedia.org/wiki/IP_address#Private_addresses
+                || address.isSiteLocalAddress()
+                // Example: 169.254.0.0/16, fe80::/10
+                // Ref: https://en.wikipedia.org/wiki/IP_address#Address_autoconfiguration
+                || address.isLinkLocalAddress()
+                // non deprecated unique site-local that java doesn't check yet -> fc00::/7
+                || isIPv6UniqueSiteLocal(address);
+    }
+
+    private static boolean isIPv6UniqueSiteLocal(InetAddress address) {
+        // ref: https://en.wikipedia.org/wiki/Unique_local_address
+
+        // currently undefined but could be used in the near future fc00::/8
+        return (address.getAddress()[0] & 0xFF) == 0xFC
+                // in use for unique site-local fd00::/8
+                || (address.getAddress()[0] & 0xFF) == 0xFD;
+    }
+}

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/PremiumPlaceholder.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,14 +25,13 @@
  */
 package com.github.games647.fastlogin.bukkit;
 
-import java.util.Collections;
-import java.util.List;
-
 import me.clip.placeholderapi.expansion.PlaceholderExpansion;
-
 import org.bukkit.OfflinePlayer;
 import org.jetbrains.annotations.NotNull;
 
+import java.util.Collections;
+import java.util.List;
+
 public class PremiumPlaceholder extends PlaceholderExpansion {
 
     private static final String PLACEHOLDER_VARIABLE = "status";
@@ -75,11 +74,13 @@ public class PremiumPlaceholder extends PlaceholderExpansion {
 
     @Override
     public @NotNull String getAuthor() {
+        //noinspection deprecation
         return String.join(", ", plugin.getDescription().getAuthors());
     }
 
     @Override
     public @NotNull String getVersion() {
+        //noinspection deprecation
         return plugin.getDescription().getVersion();
     }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/CrackedCommand.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,10 +27,10 @@ package com.github.games647.fastlogin.bukkit.command;
 
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPremiumToggleEvent;
-import com.github.games647.fastlogin.core.StoredProfile;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import org.bukkit.command.Command;
 import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
 import org.jetbrains.annotations.NotNull;
 
 import static com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent.PremiumToggleReason;
@@ -58,21 +58,31 @@ public class CrackedCommand extends ToggleCommand {
             return;
         }
 
+        Player player = (Player) sender;
         if (forwardCrackedCommand(sender, sender.getName())) {
             return;
         }
 
         // todo: load async if
         StoredProfile profile = plugin.getCore().getStorage().loadProfile(sender.getName());
-        if (profile.isPremium()) {
+        if (profile.isOnlinemodePreferred()) {
             plugin.getCore().sendLocaleMessage("remove-premium", sender);
 
-            profile.setPremium(false);
+            profile.setOnlinemodePreferred(false);
             profile.setId(null);
             plugin.getScheduler().runAsync(() -> {
                 plugin.getCore().getStorage().save(profile);
                 plugin.getServer().getPluginManager().callEvent(
-                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_OTHER));
+                        new BukkitFastLoginPremiumToggleEvent(sender, profile, PremiumToggleReason.COMMAND_OTHER)
+                );
+
+                plugin.getScheduler().getSyncExecutor().execute(() -> {
+                    if (plugin.getCore().getConfig().getBoolean("kick-toggle", true)) {
+                        player.kickPlayer(plugin.getCore().getMessage("remove-premium"));
+                    } else {
+                        plugin.getCore().sendLocaleMessage("add-premium", sender);
+                    }
+                });
             });
         } else {
             plugin.getCore().sendLocaleMessage("not-premium", sender);
@@ -96,16 +106,16 @@ public class CrackedCommand extends ToggleCommand {
         }
 
         //existing player is already cracked
-        if (profile.isSaved() && !profile.isPremium()) {
+        if (profile.isExistingPlayer() && !profile.isOnlinemodePreferred()) {
             plugin.getCore().sendLocaleMessage("not-premium-other", sender);
         } else {
             plugin.getCore().sendLocaleMessage("remove-premium", sender);
 
-            profile.setPremium(false);
+            profile.setOnlinemodePreferred(false);
             plugin.getScheduler().runAsync(() -> {
                 plugin.getCore().getStorage().save(profile);
                 plugin.getServer().getPluginManager().callEvent(
-                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_OTHER));
+                        new BukkitFastLoginPremiumToggleEvent(sender, profile, PremiumToggleReason.COMMAND_OTHER));
             });
         }
     }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/DeleteCommand.java

@@ -0,0 +1,94 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2024 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.command;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.bukkit.Bukkit;
+import org.bukkit.command.Command;
+import org.bukkit.command.CommandSender;
+import org.bukkit.command.ConsoleCommandSender;
+import org.bukkit.command.TabExecutor;
+import org.bukkit.entity.Player;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+
+public class DeleteCommand implements TabExecutor {
+    private final FastLoginBukkit plugin;
+
+    public DeleteCommand(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    /**
+     * Handles the command to delete profiles.
+     */
+    @Override
+    public boolean onCommand(CommandSender sender, Command command, String label, String[] args) {
+
+        if (!sender.hasPermission(command.getPermission())) {
+            plugin.getCore().sendLocaleMessage("no-permission", sender);
+            return true;
+        }
+
+        if (plugin.getBungeeManager().isEnabled()) {
+            sender.sendMessage("Error: Cannot delete profile entries when using BungeeCord!");
+            return false;
+        }
+
+        if (args.length < 1) {
+            sender.sendMessage("Error: Must supply username to delete!");
+            return false;
+        }
+
+        Bukkit.getScheduler().runTaskAsynchronously(plugin, () -> {
+            int count = plugin.getCore().getStorage().deleteProfile(args[0]);
+            if (!(sender instanceof ConsoleCommandSender)) {
+                Bukkit.getScheduler().runTask(plugin, () -> {
+                    if (count == 0) {
+                        sender.sendMessage("Error: No profile entries found!");
+                    } else {
+                        sender.sendMessage("Deleted " + count + " matching profile entries");
+                    }
+                });
+            }
+        });
+
+        return true;
+    }
+
+    @Override
+    public List<String> onTabComplete(CommandSender sender, Command command, String alias, String[] args) {
+        List<String> list = new ArrayList<>();
+        for (Player p : Bukkit.getOnlinePlayers()) {
+            if (p.getName().toLowerCase().startsWith(args[0])) {
+                list.add(p.getName());
+            }
+        }
+        return null;
+    }
+}

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/PremiumCommand.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,16 +27,15 @@ package com.github.games647.fastlogin.bukkit.command;
 
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPremiumToggleEvent;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent.PremiumToggleReason;
-
-import java.util.UUID;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import org.bukkit.command.Command;
 import org.bukkit.command.CommandSender;
 import org.bukkit.entity.Player;
 import org.jetbrains.annotations.NotNull;
 
+import java.util.UUID;
+
 /**
  * Let users activate fast login by command. This only be accessible if
  * the user has access to its account. So we can make sure that not another
@@ -69,7 +68,8 @@ public class PremiumCommand extends ToggleCommand {
             return;
         }
 
-        UUID id = ((Player) sender).getUniqueId();
+        Player player = (Player) sender;
+        UUID id = player.getUniqueId();
         if (plugin.getConfig().getBoolean("premium-warning") && !plugin.getCore().getPendingConfirms().contains(id)) {
             sender.sendMessage(plugin.getCore().getMessage("premium-warning"));
             plugin.getCore().getPendingConfirms().add(id);
@@ -79,18 +79,25 @@ public class PremiumCommand extends ToggleCommand {
         plugin.getCore().getPendingConfirms().remove(id);
         //todo: load async
         StoredProfile profile = plugin.getCore().getStorage().loadProfile(sender.getName());
-        if (profile.isPremium()) {
+        if (profile.isOnlinemodePreferred()) {
             plugin.getCore().sendLocaleMessage("already-exists", sender);
         } else {
             //todo: resolve uuid
-            profile.setPremium(true);
+            profile.setOnlinemodePreferred(true);
             plugin.getScheduler().runAsync(() -> {
                 plugin.getCore().getStorage().save(profile);
                 plugin.getServer().getPluginManager().callEvent(
-                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_SELF));
-            });
+                        new BukkitFastLoginPremiumToggleEvent(sender, profile, PremiumToggleReason.COMMAND_SELF)
+                );
 
-            plugin.getCore().sendLocaleMessage("add-premium", sender);
+                plugin.getScheduler().getSyncExecutor().execute(() -> {
+                    if (plugin.getCore().getConfig().getBoolean("kick-toggle", true)) {
+                        player.kickPlayer(plugin.getCore().getMessage("remove-premium"));
+                    } else {
+                        plugin.getCore().sendLocaleMessage("add-premium", sender);
+                    }
+                });
+            });
         }
     }
 
@@ -110,15 +117,16 @@ public class PremiumCommand extends ToggleCommand {
             return;
         }
 
-        if (profile.isPremium()) {
+        if (profile.isOnlinemodePreferred()) {
             plugin.getCore().sendLocaleMessage("already-exists-other", sender);
         } else {
             //todo: resolve uuid
-            profile.setPremium(true);
+            profile.setOnlinemodePreferred(true);
             plugin.getScheduler().runAsync(() -> {
                 plugin.getCore().getStorage().save(profile);
                 plugin.getServer().getPluginManager().callEvent(
-                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_OTHER));
+                        new BukkitFastLoginPremiumToggleEvent(sender, profile, PremiumToggleReason.COMMAND_OTHER)
+                );
             });
 
             plugin.getCore().sendLocaleMessage("add-premium-other", sender);

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/ToggleCommand.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -28,9 +28,6 @@ package com.github.games647.fastlogin.bukkit.command;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.message.ChangePremiumMessage;
 import com.github.games647.fastlogin.core.message.ChannelMessage;
-
-import java.util.Optional;
-
 import org.bukkit.Bukkit;
 import org.bukkit.command.Command;
 import org.bukkit.command.CommandExecutor;
@@ -38,6 +35,8 @@ import org.bukkit.command.CommandSender;
 import org.bukkit.entity.Player;
 import org.bukkit.plugin.messaging.PluginMessageRecipient;
 
+import java.util.Optional;
+
 public abstract class ToggleCommand implements CommandExecutor {
 
     protected final FastLoginBukkit plugin;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginAutoLoginEvent.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,10 +25,9 @@
  */
 package com.github.games647.fastlogin.bukkit.event;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.LoginSession;
 import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import org.bukkit.event.Cancellable;
 import org.bukkit.event.Event;
 import org.bukkit.event.HandlerList;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginPreLoginEvent.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,10 +25,9 @@
  */
 package com.github.games647.fastlogin.bukkit.event;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.LoginSource;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import org.bukkit.event.Event;
 import org.bukkit.event.HandlerList;
 import org.jetbrains.annotations.NotNull;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginPremiumToggleEvent.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,9 +25,9 @@
  */
 package com.github.games647.fastlogin.bukkit.event;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
+import org.bukkit.command.CommandSender;
 import org.bukkit.event.Event;
 import org.bukkit.event.HandlerList;
 import org.jetbrains.annotations.NotNull;
@@ -35,11 +35,15 @@ import org.jetbrains.annotations.NotNull;
 public class BukkitFastLoginPremiumToggleEvent extends Event implements FastLoginPremiumToggleEvent {
 
     private static final HandlerList HANDLERS = new HandlerList();
+
+    private final CommandSender invoker;
     private final StoredProfile profile;
     private final PremiumToggleReason reason;
 
-    public BukkitFastLoginPremiumToggleEvent(StoredProfile profile, PremiumToggleReason reason) {
+    public BukkitFastLoginPremiumToggleEvent(CommandSender invoker, StoredProfile profile, PremiumToggleReason reason) {
         super(true);
+
+        this.invoker = invoker;
         this.profile = profile;
         this.reason = reason;
     }
@@ -49,6 +53,13 @@ public class BukkitFastLoginPremiumToggleEvent extends Event implements FastLogi
         return profile;
     }
 
+    /**
+     * @return who triggered this change. This could be a Player for itself or others (Admin) or the console.
+     */
+    public CommandSender getInvoker() {
+        return invoker;
+    }
+
     @Override
     public PremiumToggleReason getReason() {
         return reason;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/AuthMeHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -28,28 +28,26 @@ package com.github.games647.fastlogin.bukkit.hook;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
 import fr.xephi.authme.api.v3.AuthMeApi;
 import fr.xephi.authme.events.RestoreSessionEvent;
 import fr.xephi.authme.process.Management;
 import fr.xephi.authme.process.register.executors.ApiPasswordRegisterParams;
 import fr.xephi.authme.process.register.executors.RegistrationMethod;
-
-import java.lang.reflect.Field;
-
 import org.bukkit.entity.Player;
 import org.bukkit.event.EventHandler;
 import org.bukkit.event.EventPriority;
 import org.bukkit.event.Listener;
 
+import java.lang.reflect.Field;
+
 /**
  * GitHub: <a href="https://github.com/Xephi/AuthMeReloaded/">...</a>
  * <p>
  * Project page:
  * <p>
- * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/authme-reloaded/">...</a>
+ * <a href="https://dev.bukkit.org/bukkit-plugins/authme-reloaded/">Bukkit</a>
  * <p>
- * Spigot: <a href="https://www.spigotmc.org/resources/authme-reloaded.6269/">...</a>
+ * <a href="https://www.spigotmc.org/resources/authme-reloaded.6269/">Spigot</a>
  */
 public class AuthMeHook implements AuthPlugin<Player>, Listener {
 
@@ -62,7 +60,7 @@ public class AuthMeHook implements AuthPlugin<Player>, Listener {
         this.plugin = plugin;
         this.authmeAPI = AuthMeApi.getInstance();
 
-        if (plugin.getConfig().getBoolean("respectIpLimit", false)) {
+        if (plugin.getCore().getConfig().getBoolean("respectIpLimit", false)) {
             try {
                 Field managementField = this.authmeAPI.getClass().getDeclaredField("management");
                 managementField.setAccessible(true);
@@ -78,7 +76,7 @@ public class AuthMeHook implements AuthPlugin<Player>, Listener {
         Player player = restoreSessionEvent.getPlayer();
 
         BukkitLoginSession session = plugin.getSession(player.spigot().getRawAddress());
-        if (session != null && session.isVerified()) {
+        if (session != null && session.isVerifiedPremium()) {
             restoreSessionEvent.setCancelled(true);
         }
     }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/CrazyLoginHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,26 +29,24 @@ import com.comphenix.protocol.reflect.accessors.Accessors;
 import com.comphenix.protocol.reflect.accessors.FieldAccessor;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
 import de.st_ddt.crazylogin.CrazyLogin;
 import de.st_ddt.crazylogin.data.LoginPlayerData;
 import de.st_ddt.crazylogin.databases.CrazyLoginDataDatabase;
 import de.st_ddt.crazylogin.listener.PlayerListener;
 import de.st_ddt.crazylogin.metadata.Authenticated;
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
 
 import java.util.Optional;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Future;
 
-import org.bukkit.Bukkit;
-import org.bukkit.entity.Player;
-
 /**
  * GitHub: <a href="https://github.com/ST-DDT/CrazyLogin">...</a>
  * <p>
  * Project page:
  * <p>
- * Bukkit: <a href="https://dev.bukkit.org/server-mods/crazylogin/">...</a>
+ * <a href="https://dev.bukkit.org/server-mods/crazylogin/">Bukkit</a>
  */
 public class CrazyLoginHook implements AuthPlugin<Player> {
 

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/LogItHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,16 +27,14 @@ package com.github.games647.fastlogin.bukkit.hook;
 
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
 import io.github.lucaseasedup.logit.CancelledState;
 import io.github.lucaseasedup.logit.LogItCore;
 import io.github.lucaseasedup.logit.account.Account;
 import io.github.lucaseasedup.logit.session.SessionManager;
+import org.bukkit.entity.Player;
 
 import java.time.Instant;
 
-import org.bukkit.entity.Player;
-
 /**
  * GitHub: <a href="https://github.com/XziomekX/LogIt">...</a>
  * <p>

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/LoginSecurityHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -32,7 +32,6 @@ import com.lenis0012.bukkit.loginsecurity.session.AuthService;
 import com.lenis0012.bukkit.loginsecurity.session.PlayerSession;
 import com.lenis0012.bukkit.loginsecurity.session.action.LoginAction;
 import com.lenis0012.bukkit.loginsecurity.session.action.RegisterAction;
-
 import org.bukkit.entity.Player;
 
 /**
@@ -40,9 +39,9 @@ import org.bukkit.entity.Player;
  * <p>
  * Project page:
  * <p>
- * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/loginsecurity/">...</a>
+ * <a href="https://dev.bukkit.org/bukkit-plugins/loginsecurity/">Bukkit</a>
  * <p>
- * Spigot: <a href="https://www.spigotmc.org/resources/loginsecurity.19362/">...</a>
+ * <a href="https://www.spigotmc.org/resources/loginsecurity.19362/">Spigot</a>
  */
 public class LoginSecurityHook implements AuthPlugin<Player> {
 

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/PasskyHook.java

@@ -0,0 +1,68 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2024 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+import com.rabbitcomapny.api.Identifier;
+import com.rabbitcomapny.api.LoginResult;
+import com.rabbitcomapny.api.PasskyAPI;
+import com.rabbitcomapny.api.RegisterResult;
+import org.bukkit.entity.Player;
+
+public class PasskyHook implements AuthPlugin<Player> {
+
+    private final FastLoginBukkit plugin;
+
+    public PasskyHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        LoginResult result = PasskyAPI.forceLogin(new Identifier(player), true);
+        if (!result.success) {
+            plugin.getLog().error("Failed to force login {} via Passky: {}", player.getName(), result.status);
+        }
+
+        return result.success;
+    }
+
+    @Override
+    public boolean forceRegister(Player player, String password) {
+        RegisterResult result = PasskyAPI.forceRegister(new Identifier(player), password, true);
+        if (!result.success) {
+            plugin.getLog().error("Failed to register {} via Passky: {}", player.getName(), result.status);
+        }
+
+        return result.success;
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        return PasskyAPI.isRegistered(new Identifier(playerName));
+    }
+}

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/UltraAuthHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,21 +27,20 @@ package com.github.games647.fastlogin.bukkit.hook;
 
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.Future;
-
 import org.bukkit.Bukkit;
 import org.bukkit.entity.Player;
 import ultraauth.api.UltraAuthAPI;
 import ultraauth.managers.PlayerManager;
 
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Future;
+
 /**
  * Project page:
  * <p>
- * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/ultraauth-aa/">...</a>
+ * <a href="https://dev.bukkit.org/bukkit-plugins/ultraauth-aa/">Bukkit</a>
  * <p>
- * Spigot: <a href="https://www.spigotmc.org/resources/ultraauth.17044/">...</a>
+ * <a href="https://www.spigotmc.org/resources/ultraauth.17044/">Spigot</a>
  */
 public class UltraAuthHook implements AuthPlugin<Player> {
 

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/XAuthHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,22 +27,20 @@ package com.github.games647.fastlogin.bukkit.hook;
 
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
 import de.luricos.bukkit.xAuth.xAuth;
 import de.luricos.bukkit.xAuth.xAuthPlayer;
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
 
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Future;
 
-import org.bukkit.Bukkit;
-import org.bukkit.entity.Player;
-
 /**
  * GitHub: <a href="https://github.com/LycanDevelopment/xAuth/">...</a>
  * <p>
  * Project page:
  * <p>
- * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/xauth/">...</a>
+ * <a href="https://dev.bukkit.org/bukkit-plugins/xauth/">Bukkit</a>
  */
 public class XAuthHook implements AuthPlugin<Player> {
 

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -34,18 +34,16 @@ import com.github.games647.fastlogin.core.message.LoginActionMessage;
 import com.github.games647.fastlogin.core.message.LoginActionMessage.Type;
 import com.google.common.io.ByteArrayDataInput;
 import com.google.common.io.ByteStreams;
-
-import java.net.InetSocketAddress;
-import java.util.UUID;
-
 import org.bukkit.Bukkit;
 import org.bukkit.entity.Player;
 import org.bukkit.plugin.messaging.PluginMessageListener;
 import org.jetbrains.annotations.NotNull;
 
+import java.util.UUID;
+
 /**
  * Responsible for receiving messages from a BungeeCord instance.
- *
+ * <p>
  * This class also receives the plugin message from the bungeecord version of this plugin in order to get notified if
  * the connection is in online mode.
  */
@@ -93,24 +91,23 @@ public class BungeeListener implements PluginMessageListener {
         String playerName = message.getPlayerName();
         Type type = message.getType();
 
-        InetSocketAddress address = player.getAddress();
         plugin.getLog().info("Player info {} command for {} from proxy", type, playerName);
         if (type == Type.LOGIN) {
-            onLoginMessage(player, playerName, address);
+            onLoginMessage(player, playerName);
         } else if (type == Type.REGISTER) {
-            onRegisterMessage(player, playerName, address);
+            onRegisterMessage(player, playerName);
         } else if (type == Type.CRACKED) {
             //we don't start a force login task here so update it manually
             plugin.getPremiumPlayers().put(player.getUniqueId(), PremiumStatus.CRACKED);
         }
     }
 
-    private void onLoginMessage(Player player, String playerName, InetSocketAddress address) {
+    private void onLoginMessage(Player player, String playerName) {
         BukkitLoginSession playerSession = new BukkitLoginSession(playerName, true);
         startLoginTaskIfReady(player, playerSession);
     }
 
-    private void onRegisterMessage(Player player, String playerName, InetSocketAddress address) {
+    private void onRegisterMessage(Player player, String playerName) {
         Bukkit.getScheduler().runTaskAsynchronously(plugin, () -> {
             AuthPlugin<Player> authPlugin = plugin.getCore().getAuthPluginHook();
             try {
@@ -126,7 +123,7 @@ public class BungeeListener implements PluginMessageListener {
     }
 
     private void startLoginTaskIfReady(Player player, BukkitLoginSession session) {
-        session.setVerified(true);
+        session.setVerifiedPremium(true);
         plugin.putSession(player.spigot().getRawAddress(), session);
 
         // only start a new login task if the join event fired earlier. This event then didn't

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/ConnectionListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -30,7 +30,6 @@ import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.bukkit.task.FloodgateAuthTask;
 import com.github.games647.fastlogin.bukkit.task.ForceLoginTask;
 import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
-
 import org.bukkit.Bukkit;
 import org.bukkit.entity.Player;
 import org.bukkit.event.EventHandler;
@@ -91,6 +90,7 @@ public class ConnectionListener implements Listener {
                 if (floodgatePlayer != null) {
                     Runnable floodgateAuthTask = new FloodgateAuthTask(plugin.getCore(), player, floodgatePlayer);
                     Bukkit.getScheduler().runTaskAsynchronously(plugin, floodgateAuthTask);
+                    plugin.getBungeeManager().markJoinEventFired(player);
                     return;
                 }
             }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/PaperCacheListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,6 @@ import com.destroystokyo.paper.profile.ProfileProperty;
 import com.github.games647.craftapi.model.skin.Textures;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
-
 import org.bukkit.event.EventHandler;
 import org.bukkit.event.EventPriority;
 import org.bukkit.event.Listener;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/EncryptionUtil.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -32,8 +32,16 @@ import com.google.common.hash.Hashing;
 import com.google.common.io.Resources;
 import com.google.common.primitives.Longs;
 
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
 import java.io.IOException;
 import java.math.BigInteger;
+import java.net.URL;
+import java.nio.ByteBuffer;
 import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
 import java.security.KeyFactory;
@@ -45,21 +53,14 @@ import java.security.PublicKey;
 import java.security.Signature;
 import java.security.SignatureException;
 import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.time.Instant;
 import java.util.Arrays;
 import java.util.Base64;
 import java.util.Base64.Encoder;
 import java.util.Random;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import lombok.val;
+import java.util.UUID;
 
 /**
  * Encryption and decryption minecraft util for connection between servers
@@ -70,13 +71,15 @@ final class EncryptionUtil {
     public static final int VERIFY_TOKEN_LENGTH = 4;
     public static final String KEY_PAIR_ALGORITHM = "RSA";
 
-    private static final int RSA_LENGTH = 1_024;
+    private static final int RSA_LENGTH = 2_048;
 
     private static final PublicKey MOJANG_SESSION_KEY;
     private static final int LINE_LENGTH = 76;
     private static final Encoder KEY_ENCODER = Base64.getMimeEncoder(
             LINE_LENGTH, "\n".getBytes(StandardCharsets.UTF_8)
     );
+    private static final int MILLISECOND_SIZE = 8;
+    private static final int UUID_SIZE = 2 * MILLISECOND_SIZE;
 
     static {
         try {
@@ -146,7 +149,7 @@ final class EncryptionUtil {
         return new SecretKeySpec(decrypt(privateKey, sharedKey), "AES");
     }
 
-    public static boolean verifyClientKey(ClientPublicKey clientKey, Instant verifyTimestamp)
+    public static boolean verifyClientKey(ClientPublicKey clientKey, Instant verifyTimestamp, UUID premiumId)
             throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
         if (clientKey.isExpired(verifyTimestamp)) {
             return false;
@@ -155,10 +158,27 @@ final class EncryptionUtil {
         Signature verifier = Signature.getInstance("SHA1withRSA");
         // key of the signer
         verifier.initVerify(MOJANG_SESSION_KEY);
-        verifier.update(toSignable(clientKey).getBytes(StandardCharsets.US_ASCII));
+        verifier.update(toSignable(clientKey, premiumId));
         return verifier.verify(clientKey.signature());
     }
 
+    private static byte[] toSignable(ClientPublicKey clientPublicKey, UUID ownerPremiumId) {
+        if (ownerPremiumId == null) {
+            long expiry = clientPublicKey.expiry().toEpochMilli();
+            String encoded = KEY_ENCODER.encodeToString(clientPublicKey.key().getEncoded());
+            return (expiry + "-----BEGIN RSA PUBLIC KEY-----\n" + encoded + "\n-----END RSA PUBLIC KEY-----\n")
+                    .getBytes(StandardCharsets.US_ASCII);
+        }
+
+        byte[] keyData = clientPublicKey.key().getEncoded();
+        return ByteBuffer.allocate(keyData.length + UUID_SIZE + MILLISECOND_SIZE)
+                .putLong(ownerPremiumId.getMostSignificantBits())
+                .putLong(ownerPremiumId.getLeastSignificantBits())
+                .putLong(clientPublicKey.expiry().toEpochMilli())
+                .put(keyData)
+                .array();
+    }
+
     public static boolean verifyNonce(byte[] expected, PrivateKey decryptionKey, byte[] encryptedNonce)
             throws NoSuchPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException,
             BadPaddingException, InvalidKeyException {
@@ -179,19 +199,13 @@ final class EncryptionUtil {
 
     private static PublicKey loadMojangSessionKey()
             throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
-        val keyUrl = FastLoginBukkit.class.getClassLoader().getResource("yggdrasil_session_pubkey.der");
-        val keyData = Resources.toByteArray(keyUrl);
-        val keySpec = new X509EncodedKeySpec(keyData);
+        URL keyUrl = FastLoginBukkit.class.getClassLoader().getResource("yggdrasil_session_pubkey.der");
+        byte[] keyData = Resources.toByteArray(keyUrl);
+        KeySpec keySpec = new X509EncodedKeySpec(keyData);
 
         return KeyFactory.getInstance("RSA").generatePublic(keySpec);
     }
 
-    private static String toSignable(ClientPublicKey clientPublicKey) {
-        long expiry = clientPublicKey.expiry().toEpochMilli();
-        String encoded = KEY_ENCODER.encodeToString(clientPublicKey.key().getEncoded());
-        return expiry + "-----BEGIN RSA PUBLIC KEY-----\n" + encoded + "\n-----END RSA PUBLIC KEY-----\n";
-    }
-
     private static byte[] decrypt(PrivateKey key, byte[] data)
             throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException,
             IllegalBlockSizeException, BadPaddingException {

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ManualNameChange.java

@@ -1,101 +0,0 @@
-/*
- * SPDX-License-Identifier: MIT
- *
- * The MIT License (MIT)
- *
- * Copyright (c) 2015-2022 games647 and contributors
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-package com.github.games647.fastlogin.bukkit.listener.protocollib;
-
-import com.comphenix.protocol.events.PacketAdapter;
-import com.comphenix.protocol.events.PacketContainer;
-import com.comphenix.protocol.events.PacketEvent;
-import com.comphenix.protocol.wrappers.WrappedGameProfile;
-import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
-import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
-
-import java.util.UUID;
-
-import org.geysermc.floodgate.api.FloodgateApi;
-
-import static com.comphenix.protocol.PacketType.Login.Client.START;
-
-/**
- * Manually inject Floodgate player name prefixes.
- * <br>
- * This is used as a workaround, because Floodgate fails to inject
- * the prefixes when it's used together with ProtocolLib and FastLogin.
- * <br>
- * For more information visit: <a href="https://github.com/games647/FastLogin/issues/493">...</a>
- */
-public class ManualNameChange extends PacketAdapter {
-
-    private final FloodgateService floodgate;
-
-    public ManualNameChange(FastLoginBukkit plugin, FloodgateService floodgate) {
-        super(params()
-                .plugin(plugin)
-                .types(START));
-
-        this.plugin = plugin;
-        this.floodgate = floodgate;
-    }
-
-    public static void register(FastLoginBukkit plugin, FloodgateService floodgate) {
-        // they will be created with a static builder, because otherwise it will throw a NoClassDefFoundError
-        // ProtocolLibrary.getProtocolManager()
-        //         .getAsynchronousManager()
-        //         .registerAsyncHandler(new ManualNameChange(plugin, floodgate))
-        //         .start();
-    }
-
-    @Override
-    public void onPacketReceiving(PacketEvent packetEvent) {
-        PacketContainer packet = packetEvent.getPacket();
-        String username = readUsername(packet);
-
-        if (floodgate.getBedrockPlayer(username) == null) {
-            //not a Floodgate player, no need to add a prefix
-            return;
-        }
-
-        packet.setMeta("original_name", username);
-        String prefixedName = FloodgateApi.getInstance().getPlayerPrefix() + username;
-        setUsername(packet, prefixedName);
-    }
-
-    private void setUsername(PacketContainer packet, String name) {
-        if (packet.getGameProfiles().size() > 0) {
-            WrappedGameProfile updatedProfile = new WrappedGameProfile(UUID.randomUUID(), name);
-            packet.getGameProfiles().write(0, updatedProfile);
-        } else {
-            packet.getStrings().write(0, name);
-        }
-    }
-
-    private String readUsername(PacketContainer packet) {
-        if (packet.getGameProfiles().size() > 0) {
-            return packet.getGameProfiles().read(0).getName();
-        } else {
-            return packet.getStrings().read(0);
-        }
-    }
-}

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/NameCheckTask.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,23 +25,23 @@
  */
 package com.github.games647.fastlogin.bukkit.listener.protocollib;
 
+import com.comphenix.protocol.ProtocolLibrary;
 import com.comphenix.protocol.events.PacketEvent;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPreLoginEvent;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.JoinManagement;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
 
 import java.security.PublicKey;
 import java.util.Random;
 
-import org.bukkit.command.CommandSender;
-import org.bukkit.entity.Player;
-
 public class NameCheckTask extends JoinManagement<Player, CommandSender, ProtocolLibLoginSource>
-        implements Runnable {
+    implements Runnable {
 
     private final FastLoginBukkit plugin;
     private final PacketEvent packetEvent;
@@ -69,11 +69,11 @@ public class NameCheckTask extends JoinManagement<Player, CommandSender, Protoco
 
     @Override
     public void run() {
-        // try {
-        super.onLogin(username, new ProtocolLibLoginSource(player, random, serverKey, clientKey));
-        // } finally {
-        // ProtocolLibrary.getProtocolManager().getAsynchronousManager().signalPacketTransmission(packetEvent);
-        // }
+        try {
+            super.onLogin(username, new ProtocolLibLoginSource(player, random, serverKey, clientKey));
+        } finally {
+            ProtocolLibrary.getProtocolManager().getAsynchronousManager().signalPacketTransmission(packetEvent);
+        }
     }
 
     @Override
@@ -97,7 +97,7 @@ public class NameCheckTask extends JoinManagement<Player, CommandSender, Protoco
         }
 
         String ip = player.getAddress().getAddress().getHostAddress();
-        core.getPendingLogin().put(ip + username, new Object());
+        core.addLoginAttempt(ip, username);
 
         byte[] verify = source.getVerifyToken();
         ClientPublicKey clientKey = source.getClientKey();
@@ -105,9 +105,9 @@ public class NameCheckTask extends JoinManagement<Player, CommandSender, Protoco
         BukkitLoginSession playerSession = new BukkitLoginSession(username, verify, clientKey, registered, profile);
         plugin.putSession(player.getAddress(), playerSession);
         //cancel only if the player has a paid account otherwise login as normal offline player
-        // synchronized (packetEvent.getAsyncMarker().getProcessingLock()) {
-        packetEvent.setCancelled(true);
-        // }
+        synchronized (packetEvent.getAsyncMarker().getProcessingLock()) {
+            packetEvent.setCancelled(true);
+        }
     }
 
     @Override

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -30,9 +30,14 @@ import com.comphenix.protocol.ProtocolLibrary;
 import com.comphenix.protocol.events.PacketAdapter;
 import com.comphenix.protocol.events.PacketContainer;
 import com.comphenix.protocol.events.PacketEvent;
+import com.comphenix.protocol.injector.netty.channel.NettyChannelInjector;
+import com.comphenix.protocol.injector.temporary.TemporaryPlayerFactory;
+import com.comphenix.protocol.reflect.FieldAccessException;
 import com.comphenix.protocol.reflect.FuzzyReflection;
+import com.comphenix.protocol.reflect.accessors.Accessors;
 import com.comphenix.protocol.utility.MinecraftVersion;
 import com.comphenix.protocol.wrappers.BukkitConverters;
+import com.comphenix.protocol.wrappers.Converters;
 import com.comphenix.protocol.wrappers.WrappedGameProfile;
 import com.comphenix.protocol.wrappers.WrappedProfilePublicKey.WrappedProfileKeyData;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
@@ -41,7 +46,16 @@ import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPu
 import com.github.games647.fastlogin.core.antibot.AntiBotService;
 import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
 import com.mojang.datafixers.util.Either;
+import io.netty.channel.Channel;
+import io.netty.channel.ChannelHandler;
+import io.netty.util.AttributeKey;
+import org.bukkit.entity.Player;
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
+import org.jetbrains.annotations.NotNull;
 
+import javax.crypto.BadPaddingException;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
 import java.net.InetSocketAddress;
 import java.security.InvalidKeyException;
 import java.security.KeyPair;
@@ -50,24 +64,15 @@ import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.SignatureException;
 import java.time.Instant;
-import java.util.Objects;
 import java.util.Optional;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-
-import lombok.var;
-import org.bukkit.entity.Player;
-import org.jetbrains.annotations.Nullable;
+import java.util.UUID;
+import java.util.function.Function;
 
 import static com.comphenix.protocol.PacketType.Login.Client.ENCRYPTION_BEGIN;
 import static com.comphenix.protocol.PacketType.Login.Client.START;
 
 public class ProtocolLibListener extends PacketAdapter {
 
-    public static final String SOURCE_META_KEY = "source";
-
     private final FastLoginBukkit plugin;
 
     //just create a new once on plugin enable. This used for verify token generation
@@ -77,14 +82,12 @@ public class ProtocolLibListener extends PacketAdapter {
 
     private final boolean verifyClientKeys;
 
-    @Nullable
-    private PacketContainer lastStartPacket;
-
     public ProtocolLibListener(FastLoginBukkit plugin, AntiBotService antiBotService, boolean verifyClientKeys) {
         //run async in order to not block the server, because we are making api calls to Mojang
         super(params()
                 .plugin(plugin)
-                .types(START, ENCRYPTION_BEGIN));
+                .types(START, ENCRYPTION_BEGIN)
+                .optionAsync());
 
         this.plugin = plugin;
         this.antiBotService = antiBotService;
@@ -95,73 +98,77 @@ public class ProtocolLibListener extends PacketAdapter {
         // they will be created with a static builder, because otherwise it will throw a NoClassDefFoundError
         // TODO: make synchronous processing, but do web or database requests async
         ProtocolLibrary.getProtocolManager()
-                .addPacketListener(new ProtocolLibListener(plugin, antiBotService, verifyClientKeys));
+                .getAsynchronousManager()
+                .registerAsyncHandler(new ProtocolLibListener(plugin, antiBotService, verifyClientKeys))
+                .start();
     }
 
     @Override
     public void onPacketReceiving(PacketEvent packetEvent) {
-        PacketContainer packet = packetEvent.getPacket();
-        plugin.getLog().info("New packet {} from {}; Cancellation: {}, Meta: {}",
-                packetEvent.getPacketType(), packetEvent.getPlayer(), packetEvent.isCancelled(),
-                packet.getMeta(SOURCE_META_KEY)
-        );
-
-        if (packetEvent.getPacketType() == START) {
-            if (lastStartPacket != null) {
-                plugin.getLog().info("Start-packet equality (Last/New): {}/{}, {}",
-                        lastStartPacket.getHandle().hashCode(), packet.getHandle().hashCode(),
-                        Objects.equals(lastStartPacket.getHandle(), packet.getHandle())
-                );
-
-                plugin.getLog().info("Content: {}, {}", lastStartPacket.getHandle(), packet.getHandle());
-            }
-
-            lastStartPacket = packet;
-        }
-
         if (packetEvent.isCancelled()
                 || plugin.getCore().getAuthPluginHook() == null
                 || !plugin.isServerFullyStarted()) {
             return;
         }
 
-        if (isFastLoginPacket(packetEvent)) {
-            // this is our own packet
-            return;
-        }
-
         Player sender = packetEvent.getPlayer();
-        PacketType packetType = packetEvent.getPacketType();
-        if (packetType == START) {
-            // PacketContainer packet = packet;
+        PacketType packetType = getOverriddenType(packetEvent.getPacketType());
 
-            InetSocketAddress address = sender.getAddress();
-            String username = getUsername(packet);
+        plugin.getLog().info("New incoming packet {} from {}", packetType, sender.getName());
+        try {
+            if (packetType == START) {
+                if (plugin.getFloodgateService() != null) {
+                    boolean success = processFloodgateTasks(packetEvent);
+                    if (!success) {
+                        // don't continue execution if the player was kicked by Floodgate
+                        return;
+                    }
+                }
 
-            Action action = antiBotService.onIncomingConnection(address, username);
-            switch (action) {
-                case Ignore:
-                    // just ignore
-                    return;
-                case Block:
-                    String message = plugin.getCore().getMessage("kick-antibot");
-                    sender.kickPlayer(message);
-                    break;
-                case Continue:
-                default:
-                    //player.getName() won't work at this state
-                    onLoginStart(packetEvent, sender, username);
-                    break;
+                PacketContainer packet = packetEvent.getPacket();
+
+                InetSocketAddress address = sender.getAddress();
+                String username = getUsername(packet);
+
+                Action action = antiBotService.onIncomingConnection(address, username);
+                switch (action) {
+                    case Ignore:
+                        // just ignore
+                        return;
+                    case Block:
+                        String message = plugin.getCore().getMessage("kick-antibot");
+                        sender.kickPlayer(message);
+                        break;
+                    case Continue:
+                    default:
+                        //player.getName() won't work at this state
+                        onLoginStart(packetEvent, sender, username);
+                        break;
+                }
+            } else if (packetType == ENCRYPTION_BEGIN) {
+                onEncryptionBegin(packetEvent, sender);
+            } else {
+                plugin.getLog().warn("Unknown packet type received {}", packetType);
             }
-        } else {
-            onEncryptionBegin(packetEvent, sender);
+        } catch (FieldAccessException fieldAccessEx) {
+            plugin.getLog().error("Failed to parse packet {}", packetEvent.getPacketType(), fieldAccessEx);
         }
     }
 
-    private boolean isFastLoginPacket(PacketEvent packetEvent) {
-        return packetEvent.getPacket().getMeta(SOURCE_META_KEY)
-                .map(val -> val.equals(plugin.getName()))
-                .orElse(false);
+    private @NotNull PacketType getOverriddenType(PacketType packetType) {
+        if (packetType.isDynamic()) {
+            String vanillaName = packetType.getPacketClass().getName();
+            plugin.getLog().info("Overriding packet type for unregistered packet type to fix ProtocolLib bug");
+            if (vanillaName.endsWith("ServerboundHelloPacket")) {
+                return START;
+            }
+
+            if (vanillaName.endsWith("ServerboundKeyPacket")) {
+                return ENCRYPTION_BEGIN;
+            }
+        }
+
+        return packetType;
     }
 
     private void onEncryptionBegin(PacketEvent packetEvent, Player sender) {
@@ -174,13 +181,12 @@ public class ProtocolLibListener extends PacketAdapter {
         } else {
             byte[] expectedVerifyToken = session.getVerifyToken();
             if (verifyNonce(sender, packetEvent.getPacket(), session.getClientPublicKey(), expectedVerifyToken)) {
-                // packetEvent.getAsyncMarker().incrementProcessingDelay();
+                packetEvent.getAsyncMarker().incrementProcessingDelay();
 
                 Runnable verifyTask = new VerifyResponseTask(
                         plugin, packetEvent, sender, session, sharedSecret, keyPair
                 );
-                verifyTask.run();
-                // plugin.getScheduler().runAsync(verifyTask);
+                plugin.getScheduler().runAsync(verifyTask);
             } else {
                 sender.kickPlayer(plugin.getCore().getMessage("invalid-verify-token"));
             }
@@ -190,7 +196,8 @@ public class ProtocolLibListener extends PacketAdapter {
     private boolean verifyNonce(Player sender, PacketContainer packet,
                                 ClientPublicKey clientPublicKey, byte[] expectedToken) {
         try {
-            if (MinecraftVersion.atOrAbove(new MinecraftVersion(1, 19, 0))) {
+            if (new MinecraftVersion(1, 19, 0).atOrAbove()
+                    && !new MinecraftVersion(1, 19, 3).atOrAbove()) {
                 Either<byte[], ?> either = packet.getSpecificModifier(Either.class).read(0);
                 if (clientPublicKey == null) {
                     Optional<byte[]> left = either.left();
@@ -232,48 +239,50 @@ public class ProtocolLibListener extends PacketAdapter {
         //remove old data every time on a new login in order to keep the session only for one person
         plugin.removeSession(player.getAddress());
 
-        if (packetEvent.getPacket().getMeta("original_name").isPresent()) {
-            //username has been injected by ManualNameChange.java
-            username = (String) packetEvent.getPacket().getMeta("original_name").get();
-        }
-
         PacketContainer packet = packetEvent.getPacket();
-        var profileKey = packet.getOptionals(BukkitConverters.getWrappedPublicKeyDataConverter())
-                .optionRead(0);
+        Optional<ClientPublicKey> clientKey;
+        if (new MinecraftVersion(1, 19, 3).atOrAbove()) {
+            // public key is sent separate
+            clientKey = Optional.empty();
+        } else {
+            Optional<Optional<WrappedProfileKeyData>> profileKey = packet.getOptionals(
+                            BukkitConverters.getWrappedPublicKeyDataConverter()
+                    ).optionRead(0);
 
-        var clientKey = profileKey.flatMap(opt -> opt).flatMap(this::verifyPublicKey);
-        if (verifyClientKeys && !clientKey.isPresent()) {
-            // missing or incorrect
-            // expired always not allowed
-            player.kickPlayer(plugin.getCore().getMessage("invalid-public-key"));
-            plugin.getLog().warn("Invalid public key from player {}", username);
-            return;
+            clientKey = profileKey.flatMap(Function.identity()).flatMap(data -> {
+                Instant expires = data.getExpireTime();
+                PublicKey key = data.getKey();
+                byte[] signature = data.getSignature();
+                return Optional.of(ClientPublicKey.of(expires, key, signature));
+            });
+
+            // start reading from index 1, because 0 is already used by the public key
+            Optional<UUID> sessionUUID = packet.getOptionals(Converters.passthrough(UUID.class)).readSafely(1);
+            if (verifyClientKeys && sessionUUID.isPresent() && clientKey.isPresent()
+                    && verifyPublicKey(clientKey.get(), sessionUUID.get())) {
+                // missing or incorrect
+                // expired always not allowed
+                player.kickPlayer(plugin.getCore().getMessage("invalid-public-key"));
+                plugin.getLog().warn("Invalid public key from player {}", username);
+                return;
+            }
         }
 
         plugin.getLog().trace("GameProfile {} with {} connecting", sessionKey, username);
 
-        // packetEvent.getAsyncMarker().incrementProcessingDelay();
+        packetEvent.getAsyncMarker().incrementProcessingDelay();
         Runnable nameCheckTask = new NameCheckTask(
                 plugin, random, player, packetEvent, username, clientKey.orElse(null), keyPair.getPublic()
         );
-        // plugin.getScheduler().runAsync(nameCheckTask);
-        nameCheckTask.run();
+        plugin.getScheduler().runAsync(nameCheckTask);
     }
 
-    private Optional<ClientPublicKey> verifyPublicKey(WrappedProfileKeyData profileKey) {
-        Instant expires = profileKey.getExpireTime();
-        PublicKey key = profileKey.getKey();
-        byte[] signature = profileKey.getSignature();
-        ClientPublicKey clientKey = ClientPublicKey.of(expires, key, signature);
+    private boolean verifyPublicKey(ClientPublicKey clientKey, UUID sessionPremiumUUID) {
         try {
-            if (EncryptionUtil.verifyClientKey(clientKey, Instant.now())) {
-                return Optional.of(clientKey);
-            }
+            return EncryptionUtil.verifyClientKey(clientKey, Instant.now(), sessionPremiumUUID);
         } catch (SignatureException | InvalidKeyException | NoSuchAlgorithmException ex) {
-            return Optional.empty();
+            return false;
         }
-
-        return Optional.empty();
     }
 
     private String getUsername(PacketContainer packet) {
@@ -285,4 +294,57 @@ public class ProtocolLibListener extends PacketAdapter {
         //player.getName() won't work at this state
         return profile.getName();
     }
+
+    private FloodgatePlayer getFloodgatePlayer(Player player) {
+        Channel channel = getChannel(player);
+        AttributeKey<FloodgatePlayer> floodgateAttribute = AttributeKey.valueOf("floodgate-player");
+        return channel.attr(floodgateAttribute).get();
+    }
+
+    private static Channel getChannel(Player player) {
+        NettyChannelInjector injector = (NettyChannelInjector) Accessors.getMethodAccessorOrNull(
+                        TemporaryPlayerFactory.class, "getInjectorFromPlayer", Player.class
+                ).invoke(null, player);
+        return FuzzyReflection.getFieldValue(injector, Channel.class, true);
+    }
+
+    /**
+     * Reimplementation of the tasks injected Floodgate in ProtocolLib that are not run due to a bug
+     * @see <a href="https://github.com/GeyserMC/Floodgate/issues/143">Issue Floodgate#143</a>
+     * @see <a href="https://github.com/GeyserMC/Floodgate/blob/5d5713ed9e9eeab0f4abdaa9cf5cd8619dc1909b/spigot/src/main/java/org/geysermc/floodgate/addon/data/SpigotDataHandler.java#L121-L175">Floodgate/SpigotDataHandler</a>
+     * @param packetEvent the PacketEvent that won't be processed by Floodgate
+     * @return false if the player was kicked
+     */
+    private boolean processFloodgateTasks(PacketEvent packetEvent) {
+        PacketContainer packet = packetEvent.getPacket();
+        Player player = packetEvent.getPlayer();
+        FloodgatePlayer floodgatePlayer = getFloodgatePlayer(player);
+        if (floodgatePlayer == null) {
+            return true;
+        }
+
+        // kick the player, if necessary
+        Channel channel = getChannel(packetEvent.getPlayer());
+        AttributeKey<String> kickMessageAttribute = AttributeKey.valueOf("floodgate-kick-message");
+        String kickMessage = channel.attr(kickMessageAttribute).get();
+        if (kickMessage != null) {
+            player.kickPlayer(kickMessage);
+            return false;
+        }
+
+        // add prefix
+        String username = floodgatePlayer.getCorrectUsername();
+        if (packet.getGameProfiles().size() > 0) {
+            packet.getGameProfiles().write(0,
+                    new WrappedGameProfile(floodgatePlayer.getCorrectUniqueId(), username));
+        } else {
+            packet.getStrings().write(0, username);
+        }
+
+        // remove real Floodgate data handler
+        ChannelHandler floodgateHandler = channel.pipeline().get("floodgate_data_handler");
+        channel.pipeline().remove(floodgateHandler);
+
+        return true;
+    }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibLoginSource.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -32,14 +32,13 @@ import com.comphenix.protocol.reflect.StructureModifier;
 import com.comphenix.protocol.wrappers.WrappedChatComponent;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
 import com.github.games647.fastlogin.core.shared.LoginSource;
+import org.bukkit.entity.Player;
 
 import java.net.InetSocketAddress;
 import java.security.PublicKey;
 import java.util.Arrays;
 import java.util.Random;
 
-import org.bukkit.entity.Player;
-
 import static com.comphenix.protocol.PacketType.Login.Server.DISCONNECT;
 import static com.comphenix.protocol.PacketType.Login.Server.ENCRYPTION_BEGIN;
 
@@ -52,7 +51,6 @@ class ProtocolLibLoginSource implements LoginSource {
     private final ClientPublicKey clientKey;
     private final PublicKey publicKey;
 
-    private final String serverId = "";
     private byte[] verifyToken;
 
     ProtocolLibLoginSource(Player player, Random random, PublicKey serverPublicKey, ClientPublicKey clientKey) {
@@ -73,7 +71,7 @@ class ProtocolLibLoginSource implements LoginSource {
          */
         PacketContainer newPacket = new PacketContainer(ENCRYPTION_BEGIN);
 
-        newPacket.getStrings().write(0, serverId);
+        newPacket.getStrings().write(0, "");
         StructureModifier<PublicKey> keyModifier = newPacket.getSpecificModifier(PublicKey.class);
         int verifyField = 0;
         if (keyModifier.getFields().isEmpty()) {
@@ -85,6 +83,8 @@ class ProtocolLibLoginSource implements LoginSource {
         }
 
         newPacket.getByteArrays().write(verifyField, verifyToken);
+        // shouldAuthenticate, but why does this field even exist?
+        newPacket.getBooleans().writeSafely(0, true);
 
         //serverId is an empty string
         ProtocolLibrary.getProtocolManager().sendServerPacket(player, newPacket);
@@ -116,10 +116,6 @@ class ProtocolLibLoginSource implements LoginSource {
         return clientKey;
     }
 
-    public String getServerId() {
-        return serverId;
-    }
-
     public byte[] getVerifyToken() {
         return verifyToken.clone();
     }
@@ -129,7 +125,6 @@ class ProtocolLibLoginSource implements LoginSource {
         return this.getClass().getSimpleName() + '{'
             + "player=" + player
             + ", random=" + random
-            + ", serverId='" + serverId + '\''
             + ", verifyToken=" + Arrays.toString(verifyToken)
             + '}';
     }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SkinApplyListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -30,7 +30,6 @@ import com.comphenix.protocol.wrappers.WrappedSignedProperty;
 import com.github.games647.craftapi.model.skin.Textures;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
-
 import org.bukkit.entity.Player;
 import org.bukkit.event.EventHandler;
 import org.bukkit.event.EventPriority;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -28,14 +28,18 @@ package com.github.games647.fastlogin.bukkit.listener.protocollib;
 import com.comphenix.protocol.ProtocolLibrary;
 import com.comphenix.protocol.events.PacketContainer;
 import com.comphenix.protocol.events.PacketEvent;
+import com.comphenix.protocol.injector.netty.channel.NettyChannelInjector;
+import com.comphenix.protocol.injector.packet.PacketRegistry;
 import com.comphenix.protocol.injector.temporary.TemporaryPlayerFactory;
 import com.comphenix.protocol.reflect.EquivalentConverter;
 import com.comphenix.protocol.reflect.FuzzyReflection;
 import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.ConstructorAccessor;
 import com.comphenix.protocol.reflect.accessors.FieldAccessor;
 import com.comphenix.protocol.utility.MinecraftReflection;
 import com.comphenix.protocol.utility.MinecraftVersion;
 import com.comphenix.protocol.wrappers.BukkitConverters;
+import com.comphenix.protocol.wrappers.Converters;
 import com.comphenix.protocol.wrappers.WrappedChatComponent;
 import com.comphenix.protocol.wrappers.WrappedGameProfile;
 import com.comphenix.protocol.wrappers.WrappedProfilePublicKey.WrappedProfileKeyData;
@@ -44,8 +48,12 @@ import com.github.games647.craftapi.model.skin.SkinProperty;
 import com.github.games647.craftapi.resolver.MojangResolver;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.InetUtils;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import org.bukkit.entity.Player;
 
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
 import java.io.IOException;
 import java.lang.reflect.Method;
 import java.net.InetAddress;
@@ -58,25 +66,19 @@ import java.util.Arrays;
 import java.util.Optional;
 import java.util.UUID;
 
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import lombok.val;
-import org.bukkit.entity.Player;
-
 import static com.comphenix.protocol.PacketType.Login.Client.START;
 import static com.comphenix.protocol.PacketType.Login.Server.DISCONNECT;
 
 public class VerifyResponseTask implements Runnable {
 
     private static final String ENCRYPTION_CLASS_NAME = "MinecraftEncryption";
-    private static final Class<?> ENCRYPTION_CLASS;
-
-    static {
-        ENCRYPTION_CLASS = MinecraftReflection.getMinecraftClass(
-                "util." + ENCRYPTION_CLASS_NAME, ENCRYPTION_CLASS_NAME
-        );
-    }
+    private static final String ADDRESS_VERIFY_WARNING = "This indicates the use of reverse-proxy like HAProxy, "
+            + "TCPShield, BungeeCord, Velocity, etc. "
+            + "By default (configurable in the config) this plugin requests Mojang to verify the connecting IP "
+            + "to this server with the one used to log into Minecraft to prevent MITM attacks. In "
+            + "order to work this security feature, the actual client IP needs to be forwarding "
+            + "(keyword IP forwarding). This process will also be useful for other server "
+            + "features like IP banning, so that it doesn't ban the proxy IP.";
 
     private final FastLoginBukkit plugin;
     private final PacketEvent packetEvent;
@@ -89,6 +91,8 @@ public class VerifyResponseTask implements Runnable {
     private final byte[] sharedSecret;
 
     private static Method encryptMethod;
+    private static Method encryptKeyMethod;
+
     private static Method cipherMethod;
 
     public VerifyResponseTask(FastLoginBukkit plugin, PacketEvent packetEvent,
@@ -108,11 +112,11 @@ public class VerifyResponseTask implements Runnable {
             verifyResponse(session);
         } finally {
             //this is a fake packet; it shouldn't be sent to the server
-            // synchronized (packetEvent.getAsyncMarker().getProcessingLock()) {
-            packetEvent.setCancelled(true);
-            // }
+            synchronized (packetEvent.getAsyncMarker().getProcessingLock()) {
+                packetEvent.setCancelled(true);
+            }
 
-            // ProtocolLibrary.getProtocolManager().getAsynchronousManager().signalPacketTransmission(packetEvent);
+            ProtocolLibrary.getProtocolManager().getAsynchronousManager().signalPacketTransmission(packetEvent);
         }
     }
 
@@ -150,9 +154,26 @@ public class VerifyResponseTask implements Runnable {
                 //user tried to fake an authentication
                 disconnect(
                         "invalid-session",
-                        "GameProfile {} ({}) tried to log in with an invalid session. ServerId: {}",
-                        session.getRequestUsername(), socketAddress, serverId
+                        "Session server rejected incoming connection for GameProfile {} ({}). Possible reasons are "
+                                + "1) Client IP address contacting Mojang and server during server join were different "
+                                + "(Do you use a reverse proxy? -> Enable IP forwarding, "
+                                + "or disable the feature in the config). "
+                                + "2) Player is offline, but tried to bypass the authentication "
+                                + "3) Client uses an outdated username for connecting (Fix: Restart client)",
+                        requestedUsername, address
                 );
+
+                if (InetUtils.isLocalAddress(address)) {
+                    plugin.getLog().warn(
+                            "The incoming request for player {} uses a local IP address",
+                            requestedUsername
+                    );
+                } else {
+                    plugin.getLog().warn("If you think this is an error, please verify that the incoming "
+                            + "IP address {} is not associated with a server hosting company.", address);
+                }
+
+                plugin.getLog().warn(ADDRESS_VERIFY_WARNING);
             }
         } catch (IOException ioEx) {
             disconnect("error-kick", "Failed to connect to session server", ioEx);
@@ -174,10 +195,10 @@ public class VerifyResponseTask implements Runnable {
 
         session.setVerifiedUsername(realUsername);
         session.setUuid(verification.getId());
-        session.setVerified(true);
+        session.setVerifiedPremium(true);
 
         setPremiumUUID(session.getUuid());
-        receiveFakeStartPacket(realUsername, session.getClientPublicKey());
+        receiveFakeStartPacket(realUsername, session.getClientPublicKey(), session.getUuid());
     }
 
     private void setPremiumUUID(UUID premiumUUID) {
@@ -197,34 +218,36 @@ public class VerifyResponseTask implements Runnable {
 
     //try to get the networkManager from ProtocolLib
     private Object getNetworkManager() throws ClassNotFoundException {
-        Object injectorContainer = TemporaryPlayerFactory.getInjectorFromPlayer(player);
+        NettyChannelInjector injectorContainer = (NettyChannelInjector) Accessors.getMethodAccessorOrNull(
+                TemporaryPlayerFactory.class, "getInjectorFromPlayer", Player.class
+        ).invoke(null, player);
 
-        // ChannelInjector
-        Class<?> injectorClass = Class.forName("com.comphenix.protocol.injector.netty.Injector");
-        Object rawInjector = FuzzyReflection.getFieldValue(injectorContainer, injectorClass, true);
-
-        Class<?> rawInjectorClass = rawInjector.getClass();
-        FieldAccessor accessor = Accessors.getFieldAccessorOrNull(rawInjectorClass, "networkManager", Object.class);
-        return accessor.get(rawInjector);
+        FieldAccessor accessor = Accessors.getFieldAccessorOrNull(
+                NettyChannelInjector.class, "networkManager", Object.class
+        );
+        return accessor.get(injectorContainer);
     }
 
     private boolean enableEncryption(SecretKey loginKey) throws IllegalArgumentException {
         plugin.getLog().info("Enabling onlinemode encryption for {}", player.getAddress());
         // Initialize method reflections
-        if (encryptMethod == null) {
+        if (encryptKeyMethod == null || encryptMethod == null) {
             Class<?> networkManagerClass = MinecraftReflection.getNetworkManagerClass();
-
             try {
                 // Try to get the old (pre MC 1.16.4) encryption method
-                encryptMethod = FuzzyReflection.fromClass(networkManagerClass)
+                encryptKeyMethod = FuzzyReflection.fromClass(networkManagerClass)
                         .getMethodByParameters("a", SecretKey.class);
             } catch (IllegalArgumentException exception) {
                 // Get the new encryption method
                 encryptMethod = FuzzyReflection.fromClass(networkManagerClass)
                         .getMethodByParameters("a", Cipher.class, Cipher.class);
 
+                Class<?> encryptionClass = MinecraftReflection.getMinecraftClass(
+                        "util." + ENCRYPTION_CLASS_NAME, ENCRYPTION_CLASS_NAME
+                );
+
                 // Get the needed Cipher helper method (used to generate ciphers from login key)
-                cipherMethod = FuzzyReflection.fromClass(ENCRYPTION_CLASS)
+                cipherMethod = FuzzyReflection.fromClass(encryptionClass)
                         .getMethodByParameters("a", int.class, Key.class);
             }
         }
@@ -233,9 +256,9 @@ public class VerifyResponseTask implements Runnable {
             Object networkManager = this.getNetworkManager();
 
             // If cipherMethod is null - use old encryption (pre MC 1.16.4), otherwise use the new cipher one
-            if (cipherMethod == null) {
+            if (encryptKeyMethod != null) {
                 // Encrypt/decrypt packet flow, this behaviour is expected by the client
-                encryptMethod.invoke(networkManager, loginKey);
+                encryptKeyMethod.invoke(networkManager, loginKey);
             } else {
                 // Create ciphers from login key
                 Object decryptionCipher = cipherMethod.invoke(null, Cipher.DECRYPT_MODE, loginKey);
@@ -268,15 +291,22 @@ public class VerifyResponseTask implements Runnable {
     }
 
     //fake a new login packet in order to let the server handle all the other stuff
-    private void receiveFakeStartPacket(String username, ClientPublicKey clientKey) {
-        //see StartPacketListener for packet information
-        PacketContainer startPacket = new PacketContainer(START);
-
-        if (MinecraftVersion.atOrAbove(new MinecraftVersion(1, 19, 0))) {
+    private void receiveFakeStartPacket(String username, ClientPublicKey clientKey, UUID uuid) {
+        PacketContainer startPacket;
+        if (new MinecraftVersion(1, 20, 2).atOrAbove()) {
+            startPacket = new PacketContainer(START);
+            startPacket.getStrings().write(0, username);
+            startPacket.getUUIDs().write(0, uuid);
+        } else if (new MinecraftVersion(1, 19, 3).atOrAbove()) {
+            startPacket = new PacketContainer(START);
+            startPacket.getStrings().write(0, username);
+            startPacket.getOptionals(Converters.passthrough(UUID.class)).write(0, Optional.of(uuid));
+        } else if (new MinecraftVersion(1, 19, 0).atOrAbove()) {
+            startPacket = new PacketContainer(START);
             startPacket.getStrings().write(0, username);
 
             EquivalentConverter<WrappedProfileKeyData> converter = BukkitConverters.getWrappedPublicKeyDataConverter();
-            val wrappedKey = Optional.ofNullable(clientKey).map(key ->
+            Optional<WrappedProfileKeyData> wrappedKey = Optional.ofNullable(clientKey).map(key ->
                     new WrappedProfileKeyData(clientKey.expiry(), clientKey.key(), clientKey.signature())
             );
 
@@ -284,12 +314,14 @@ public class VerifyResponseTask implements Runnable {
         } else {
             //uuid is ignored by the packet definition
             WrappedGameProfile fakeProfile = new WrappedGameProfile(UUID.randomUUID(), username);
-            startPacket.getGameProfiles().write(0, fakeProfile);
+
+            Class<?> profileHandleType = fakeProfile.getHandleType();
+            Class<?> packetHandleType = PacketRegistry.getPacketClassFromType(START);
+            ConstructorAccessor startCons = Accessors.getConstructorAccessorOrNull(packetHandleType, profileHandleType);
+            startPacket = new PacketContainer(START, startCons.invoke(fakeProfile.getHandle()));
         }
 
         //we don't want to handle our own packets so ignore filters
-        startPacket.setMeta(ProtocolLibListener.SOURCE_META_KEY, plugin.getName());
-        ProtocolLibrary.getProtocolManager().receiveClientPacket(player, startPacket, true);
-        plugin.getLog().info("Sending new fake login start packet to {}-{}", player, username);
+        ProtocolLibrary.getProtocolManager().receiveClientPacket(player, startPacket, false);
     }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/packet/ClientPublicKey.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,18 +27,47 @@ package com.github.games647.fastlogin.bukkit.listener.protocollib.packet;
 
 import java.security.PublicKey;
 import java.time.Instant;
+import java.util.Base64;
+import java.util.StringJoiner;
 
-import lombok.Value;
-import lombok.experimental.Accessors;
-
-@Accessors(fluent = true)
-@Value(staticConstructor = "of")
 public class ClientPublicKey {
-    Instant expiry;
-    PublicKey key;
-    byte[] signature;
+
+    private final Instant expiry;
+    private final PublicKey key;
+    private final byte[] signature;
+
+    public Instant expiry() {
+        return expiry;
+    }
+
+    public PublicKey key() {
+        return key;
+    }
+
+    public byte[] signature() {
+        return signature;
+    }
+
+    public ClientPublicKey(Instant expiry, PublicKey key, byte[] signature) {
+        this.expiry = expiry;
+        this.key = key;
+        this.signature = signature;
+    }
+
+    public static ClientPublicKey of(Instant expiry, PublicKey key, byte[] signature) {
+        return new ClientPublicKey(expiry, key, signature);
+    }
 
     public boolean isExpired(Instant verifyTimestamp) {
         return !verifyTimestamp.isBefore(expiry);
     }
+
+    @Override
+    public String toString() {
+        return new StringJoiner(", ", ClientPublicKey.class.getSimpleName() + '[', "]")
+                .add("expiry=" + expiry)
+                .add("key=" + Base64.getEncoder().encodeToString(key.getEncoded()))
+                .add("signature=" + Base64.getEncoder().encodeToString(signature))
+                .toString();
+    }
 }

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocolsupport/ProtocolLoginSource.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,11 +26,10 @@
 package com.github.games647.fastlogin.bukkit.listener.protocolsupport;
 
 import com.github.games647.fastlogin.core.shared.LoginSource;
+import protocolsupport.api.events.PlayerLoginStartEvent;
 
 import java.net.InetSocketAddress;
 
-import protocolsupport.api.events.PlayerLoginStartEvent;
-
 public class ProtocolLoginSource implements LoginSource {
 
     private final PlayerLoginStartEvent loginStartEvent;

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocolsupport/ProtocolSupportListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,15 +29,11 @@ import com.github.games647.craftapi.UUIDAdapter;
 import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPreLoginEvent;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.antibot.AntiBotService;
 import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
 import com.github.games647.fastlogin.core.shared.JoinManagement;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
-
-import java.net.InetSocketAddress;
-import java.util.Optional;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import org.bukkit.command.CommandSender;
 import org.bukkit.entity.Player;
 import org.bukkit.event.EventHandler;
@@ -46,6 +42,9 @@ import protocolsupport.api.events.ConnectionCloseEvent;
 import protocolsupport.api.events.PlayerLoginStartEvent;
 import protocolsupport.api.events.PlayerProfileCompleteEvent;
 
+import java.net.InetSocketAddress;
+import java.util.Optional;
+
 public class ProtocolSupportListener extends JoinManagement<Player, CommandSender, ProtocolLoginSource>
         implements Listener {
 
@@ -102,7 +101,7 @@ public class ProtocolSupportListener extends JoinManagement<Player, CommandSende
         BukkitLoginSession session = plugin.getSession(address);
 
         if (session != null && profileCompleteEvent.getConnection().getProfile().isOnlineMode()) {
-            session.setVerified(true);
+            session.setVerifiedPremium(true);
 
             if (!plugin.getConfig().getBoolean("premiumUuid")) {
                 String username = Optional.ofNullable(profileCompleteEvent.getForcedName())
@@ -126,7 +125,7 @@ public class ProtocolSupportListener extends JoinManagement<Player, CommandSende
         source.enableOnlinemode();
 
         String ip = source.getAddress().getAddress().getHostAddress();
-        plugin.getCore().getPendingLogin().put(ip + username, new Object());
+        plugin.getCore().addLoginAttempt(ip, username);
 
         BukkitLoginSession playerSession = new BukkitLoginSession(username, registered, profile);
         plugin.putSession(source.getAddress(), playerSession);

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/DelayedAuthHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -32,16 +32,16 @@ import com.github.games647.fastlogin.bukkit.hook.LogItHook;
 import com.github.games647.fastlogin.bukkit.hook.LoginSecurityHook;
 import com.github.games647.fastlogin.bukkit.hook.UltraAuthHook;
 import com.github.games647.fastlogin.bukkit.hook.XAuthHook;
+import com.github.games647.fastlogin.bukkit.hook.PasskyHook;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+import org.bukkit.event.Listener;
 
 import java.lang.reflect.Constructor;
 import java.util.Arrays;
 import java.util.List;
 
-import org.bukkit.Bukkit;
-import org.bukkit.entity.Player;
-import org.bukkit.event.Listener;
-
 public class DelayedAuthHook implements Runnable {
 
     private final FastLoginBukkit plugin;
@@ -95,7 +95,7 @@ public class DelayedAuthHook implements Runnable {
         try {
             List<Class<? extends AuthPlugin<Player>>> hooks = Arrays.asList(AuthMeHook.class,
                     CrazyLoginHook.class, LogItHook.class, LoginSecurityHook.class, UltraAuthHook.class,
-                    XAuthHook.class);
+                    XAuthHook.class, PasskyHook.class);
 
             for (Class<? extends AuthPlugin<Player>> clazz : hooks) {
                 String pluginName = clazz.getSimpleName();

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/FloodgateAuthTask.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,15 +29,14 @@ import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.FloodgateManagement;
-
-import java.net.InetSocketAddress;
-import java.util.UUID;
-
 import org.bukkit.Bukkit;
 import org.bukkit.command.CommandSender;
 import org.bukkit.entity.Player;
 import org.geysermc.floodgate.api.player.FloodgatePlayer;
 
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
 public class FloodgateAuthTask extends FloodgateManagement<Player, CommandSender, BukkitLoginSession, FastLoginBukkit> {
 
     public FloodgateAuthTask(FastLoginCore<Player, CommandSender, FastLoginBukkit> core, Player player,
@@ -50,7 +49,7 @@ public class FloodgateAuthTask extends FloodgateManagement<Player, CommandSender
         BukkitLoginSession session = new BukkitLoginSession(player.getName(), isRegistered, profile);
 
         // enable auto login based on the value of 'autoLoginFloodgate' in config.yml
-        session.setVerified(isAutoAuthAllowed(autoLoginFloodgate));
+        session.setVerifiedPremium(isAutoAuthAllowed(autoLoginFloodgate));
 
         // run login task
         Runnable forceLoginTask = new ForceLoginTask(core.getPlugin().getCore(), player, session);

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/ForceLoginTask.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,20 +29,19 @@ import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
 import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
 import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginAutoLoginEvent;
 import com.github.games647.fastlogin.core.PremiumStatus;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.message.SuccessMessage;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.ForceLoginManagement;
 import com.github.games647.fastlogin.core.shared.LoginSession;
 import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
-
-import java.util.concurrent.ExecutionException;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import org.bukkit.Bukkit;
 import org.bukkit.command.CommandSender;
 import org.bukkit.entity.Player;
 import org.bukkit.metadata.FixedMetadataValue;
 
+import java.util.concurrent.ExecutionException;
+
 public class ForceLoginTask extends ForceLoginManagement<Player, CommandSender, BukkitLoginSession, FastLoginBukkit> {
 
     public ForceLoginTask(FastLoginCore<Player, CommandSender, FastLoginBukkit> core, Player player,
@@ -104,6 +103,6 @@ public class ForceLoginTask extends ForceLoginManagement<Player, CommandSender,
 
     @Override
     public boolean isOnlineMode() {
-        return session.isVerified();
+        return session.isVerifiedPremium();
     }
 }

bukkit/src/main/resources/plugin.yml

@@ -25,12 +25,12 @@ softdepend:
     - floodgate
     # Auth plugins
     - AuthMe
+    - CrazyLogin
     - LoginSecurity
-    - SodionAuth
-    - xAuth
     - LogIt
     - UltraAuth
-    - CrazyLogin
+    - xAuth
+    - Passky
 
 commands:
     ${project.parent.name}:
@@ -45,6 +45,11 @@ commands:
         usage: /<command> [player]
         permission: ${project.artifactId}.command.cracked
 
+    fldelete:
+        description: 'Delete player profile data'
+        usage: /<command> [player]
+        permission: ${project.artifactId}.command.delete
+
 permissions:
     ${project.artifactId}.command.premium:
         description: 'Label themselves as premium'
@@ -63,3 +68,7 @@ permissions:
         description: 'Label others as cracked'
         children:
             ${project.artifactId}.command.cracked: true
+
+    ${project.artifactId}.command.delete:
+        description: 'Delete other players profile data'
+        default: op

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/FastLoginBukkitTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,11 +26,9 @@
 package com.github.games647.fastlogin.bukkit;
 
 import com.github.games647.fastlogin.core.CommonUtil;
-
+import net.md_5.bungee.api.chat.BaseComponent;
 import net.md_5.bungee.api.chat.TextComponent;
 import net.md_5.bungee.chat.ComponentSerializer;
-
-import lombok.val;
 import org.junit.jupiter.api.Test;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -39,12 +37,14 @@ class FastLoginBukkitTest {
 
     @Test
     void testRGB() {
-        val message = "&x00002a00002b&lText";
-        val msg = CommonUtil.translateColorCodes(message);
+        String message = "&x00002a00002b&lText";
+        String msg = CommonUtil.translateColorCodes(message);
         assertEquals(msg, "§x00002a00002b§lText");
 
-        val components = TextComponent.fromLegacyText(msg);
-        val expected = "{\"bold\":true,\"color\":\"#00a00b\",\"text\":\"Text\"}";
+        @SuppressWarnings("deprecation")
+        BaseComponent[] components = TextComponent.fromLegacyText(msg);
+        String expected = "{\"bold\":true,\"color\":\"#00a00b\",\"text\":\"Text\"}";
+        //noinspection deprecation
         assertEquals(ComponentSerializer.toString(components), expected);
     }
 }

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/ReflectionTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,10 +27,8 @@ package com.github.games647.fastlogin.bukkit;
 
 import com.comphenix.protocol.reflect.accessors.Accessors;
 import com.comphenix.protocol.reflect.accessors.FieldAccessor;
-
 import fr.xephi.authme.api.v3.AuthMeApi;
 import fr.xephi.authme.process.Management;
-
 import org.junit.jupiter.api.Test;
 
 import static org.junit.jupiter.api.Assertions.assertNotNull;

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/hook/CrazyLoginHookTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,10 +27,8 @@ package com.github.games647.fastlogin.bukkit.hook;
 
 import com.comphenix.protocol.reflect.accessors.Accessors;
 import com.comphenix.protocol.reflect.accessors.FieldAccessor;
-
 import de.st_ddt.crazylogin.CrazyLogin;
 import de.st_ddt.crazylogin.listener.PlayerListener;
-
 import org.junit.jupiter.api.Test;
 
 import static org.junit.jupiter.api.Assertions.assertNotNull;

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/Base64Adapter.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -32,13 +32,11 @@ import com.google.gson.stream.JsonWriter;
 import java.io.IOException;
 import java.util.Base64;
 
-import lombok.val;
-
 public class Base64Adapter extends TypeAdapter<byte[]> {
 
     @Override
     public void write(JsonWriter out, byte[] value) throws IOException {
-        val encoded = Base64.getEncoder().encodeToString(value);
+        String encoded = Base64.getEncoder().encodeToString(value);
         out.value(encoded);
     }
 

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/EncryptionUtilTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,8 +27,18 @@ package com.github.games647.fastlogin.bukkit.listener.protocollib;
 
 import com.github.games647.fastlogin.bukkit.listener.protocollib.SignatureTestData.SignatureData;
 import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.google.common.hash.Hasher;
 import com.google.common.hash.Hashing;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
 
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
 import java.math.BigInteger;
 import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
@@ -41,27 +51,17 @@ import java.security.SignatureException;
 import java.security.interfaces.RSAPublicKey;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
+import java.util.Random;
+import java.util.UUID;
 import java.util.concurrent.ThreadLocalRandom;
 
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import lombok.val;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.ValueSource;
-
 import static org.junit.jupiter.api.Assertions.*;
 
 class EncryptionUtilTest {
 
     @Test
     void testVerifyToken() {
-        val random = ThreadLocalRandom.current();
+        Random random = ThreadLocalRandom.current();
         byte[] token = EncryptionUtil.generateVerifyToken(random);
 
         assertAll(
@@ -89,11 +89,11 @@ class EncryptionUtilTest {
 
     @Test
     void testExpiredClientKey() throws Exception {
-        val clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
 
         // Client expires at the exact second mentioned, so use it for verification
-        val expiredTimestamp = clientKey.expiry();
-        assertFalse(EncryptionUtil.verifyClientKey(clientKey, expiredTimestamp));
+        Instant expiredTimestamp = clientKey.expiry();
+        assertFalse(EncryptionUtil.verifyClientKey(clientKey, expiredTimestamp, null));
     }
 
     @ParameterizedTest
@@ -106,24 +106,42 @@ class EncryptionUtilTest {
             "client_keys/invalid_wrong_signature.json"
     })
     void testInvalidClientKey(String clientKeySource) throws Exception {
-        val clientKey = ResourceLoader.loadClientKey(clientKeySource);
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey(clientKeySource);
         Instant expireTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
 
-        assertFalse(EncryptionUtil.verifyClientKey(clientKey, expireTimestamp));
+        assertFalse(EncryptionUtil.verifyClientKey(clientKey, expireTimestamp, null));
     }
 
     @Test
     void testValidClientKey() throws Exception {
-        val clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
-        val verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
+        Instant verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
 
-        assertTrue(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp));
+        assertTrue(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp, null));
+    }
+
+    @Test
+    void testValid191ClientKey() throws Exception {
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key_19_1.json");
+        Instant verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+
+        UUID ownerPremiumId = UUID.fromString("0aaa2c13-922a-411b-b655-9b8c08404695");
+        assertTrue(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp, ownerPremiumId));
+    }
+
+    @Test
+    void testIncorrect191ClientOwner() throws Exception {
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key_19_1.json");
+        Instant verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+
+        UUID ownerPremiumId = UUID.fromString("61699b2e-d327-4a01-9f1e-0ea8c3f06bc6");
+        assertFalse(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp, ownerPremiumId));
     }
 
     @Test
     void testDecryptSharedSecret() throws Exception {
         KeyPair serverPair = EncryptionUtil.generateKeyPair();
-        val serverPK = serverPair.getPublic();
+        PublicKey serverPK = serverPair.getPublic();
 
         SecretKey secretKey = generateSharedKey();
         byte[] encryptedSecret = encrypt(serverPK, secretKey.getEncoded());
@@ -135,7 +153,7 @@ class EncryptionUtilTest {
     private static byte[] encrypt(PublicKey receiverKey, byte... message)
             throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
             IllegalBlockSizeException, BadPaddingException {
-        val encryptCipher = Cipher.getInstance(receiverKey.getAlgorithm());
+        Cipher encryptCipher = Cipher.getInstance(receiverKey.getAlgorithm());
         encryptCipher.init(Cipher.ENCRYPT_MODE, receiverKey);
         return encryptCipher.doFinal(message);
     }
@@ -151,15 +169,16 @@ class EncryptionUtilTest {
 
     @Test
     void testServerIdHash() throws Exception {
-        val serverId = "";
-        val sharedSecret = generateSharedKey();
-        val serverPK = ResourceLoader.loadClientKey("client_keys/valid_public_key.json").key();
+        String serverId = "";
+        SecretKeySpec sharedSecret = generateSharedKey();
+        PublicKey serverPK = ResourceLoader.loadClientKey("client_keys/valid_public_key.json").key();
 
         String sessionHash = getServerHash(serverId, sharedSecret, serverPK);
         assertEquals(EncryptionUtil.getServerIdHashString(serverId, sharedSecret, serverPK), sessionHash);
     }
 
-    private static String getServerHash(CharSequence serverId, SecretKey sharedSecret, PublicKey serverPK) {
+    private static String getServerHash(@SuppressWarnings("SameParameterValue") CharSequence serverId,
+                                        SecretKey sharedSecret, PublicKey serverPK) {
         // https://wiki.vg/Protocol_Encryption#Client
         // sha1 := Sha1()
         // sha1.update(ASCII encoding of the server id string from Encryption Request)
@@ -167,7 +186,7 @@ class EncryptionUtilTest {
         // sha1.update(server's encoded public key from Encryption Request)
         // hash := sha1.hexdigest() # String of hex characters
         @SuppressWarnings("deprecation")
-        val hasher = Hashing.sha1().newHasher();
+        Hasher hasher = Hashing.sha1().newHasher();
         hasher.putString(serverId, StandardCharsets.US_ASCII);
         hasher.putBytes(sharedSecret.getEncoded());
         hasher.putBytes(serverPK.getEncoded());
@@ -180,9 +199,9 @@ class EncryptionUtilTest {
 
     @Test
     void testServerIdHashWrongSecret() throws Exception {
-        val serverId = "";
-        val sharedSecret = generateSharedKey();
-        val serverPK = ResourceLoader.loadClientKey("client_keys/valid_public_key.json").key();
+        String serverId = "";
+        SecretKeySpec sharedSecret = generateSharedKey();
+        PublicKey serverPK = ResourceLoader.loadClientKey("client_keys/valid_public_key.json").key();
 
         String sessionHash = getServerHash(serverId, sharedSecret, serverPK);
         assertNotEquals(EncryptionUtil.getServerIdHashString("", generateSharedKey(), serverPK), sessionHash);
@@ -190,12 +209,12 @@ class EncryptionUtilTest {
 
     @Test
     void testServerIdHashWrongServerKey() {
-        val serverId = "";
-        val sharedSecret = generateSharedKey();
-        val serverPK = EncryptionUtil.generateKeyPair().getPublic();
+        String serverId = "";
+        SecretKeySpec sharedSecret = generateSharedKey();
+        PublicKey serverPK = EncryptionUtil.generateKeyPair().getPublic();
 
         String sessionHash = getServerHash(serverId, sharedSecret, serverPK);
-        val wrongPK = EncryptionUtil.generateKeyPair().getPublic();
+        PublicKey wrongPK = EncryptionUtil.generateKeyPair().getPublic();
         assertNotEquals(EncryptionUtil.getServerIdHashString("", sharedSecret, wrongPK), sessionHash);
     }
 
@@ -239,8 +258,8 @@ class EncryptionUtilTest {
     @Test
     void testNonce() throws Exception {
         byte[] expected = {1, 2, 3, 4};
-        val serverKey = EncryptionUtil.generateKeyPair();
-        val encryptedNonce = encrypt(serverKey.getPublic(), expected);
+        KeyPair serverKey = EncryptionUtil.generateKeyPair();
+        byte[] encryptedNonce = encrypt(serverKey.getPublic(), expected);
 
         assertTrue(EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce));
     }
@@ -248,19 +267,19 @@ class EncryptionUtilTest {
     @Test
     void testNonceIncorrect() throws Exception {
         byte[] expected = {1, 2, 3, 4};
-        val serverKey = EncryptionUtil.generateKeyPair();
+        KeyPair serverKey = EncryptionUtil.generateKeyPair();
 
         // flipped first character
-        val encryptedNonce = encrypt(serverKey.getPublic(), new byte[]{0, 2, 3, 4});
+        byte[] encryptedNonce = encrypt(serverKey.getPublic(), new byte[]{0, 2, 3, 4});
         assertFalse(EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce));
     }
 
     @Test
     void testNonceFailedDecryption() throws Exception {
         byte[] expected = {1, 2, 3, 4};
-        val serverKey = EncryptionUtil.generateKeyPair();
+        KeyPair serverKey = EncryptionUtil.generateKeyPair();
         // generate a new keypair that is different
-        val encryptedNonce = encrypt(EncryptionUtil.generateKeyPair().getPublic(), expected);
+        byte[] encryptedNonce = encrypt(EncryptionUtil.generateKeyPair().getPublic(), expected);
 
         assertThrows(GeneralSecurityException.class,
                 () -> EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce)
@@ -270,7 +289,7 @@ class EncryptionUtilTest {
     @Test
     void testNonceIncorrectEmpty() {
         byte[] expected = {1, 2, 3, 4};
-        val serverKey = EncryptionUtil.generateKeyPair();
+        KeyPair serverKey = EncryptionUtil.generateKeyPair();
         byte[] encryptedNonce = {};
 
         assertThrows(GeneralSecurityException.class,

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ResourceLoader.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,6 +29,8 @@ import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPu
 import com.google.common.io.Resources;
 import com.google.gson.Gson;
 import com.google.gson.JsonObject;
+import org.bouncycastle.util.io.pem.PemObject;
+import org.bouncycastle.util.io.pem.PemReader;
 
 import java.io.IOException;
 import java.io.Reader;
@@ -40,14 +42,12 @@ import java.security.NoSuchAlgorithmException;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.time.Instant;
 import java.util.Base64;
 
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemReader;
-
 public class ResourceLoader {
 
     public static RSAPrivateKey parsePrivateKey(String keySpec)
@@ -58,7 +58,7 @@ public class ResourceLoader {
         ) {
             PemObject pemObject = pemReader.readPemObject();
             byte[] content = pemObject.getContent();
-            PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(content);
+            KeySpec privateKeySpec = new PKCS8EncodedKeySpec(content);
 
             KeyFactory factory = KeyFactory.getInstance("RSA");
             return (RSAPrivateKey) factory.generatePrivate(privateKeySpec);
@@ -88,7 +88,7 @@ public class ResourceLoader {
         ) {
             PemObject pemObject = pemReader.readPemObject();
             byte[] content = pemObject.getContent();
-            X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(content);
+            KeySpec pubKeySpec = new X509EncodedKeySpec(content);
 
             KeyFactory factory = KeyFactory.getInstance("RSA");
             return (RSAPublicKey) factory.generatePublic(pubKeySpec);

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SignatureTestData.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -30,15 +30,14 @@ import com.google.gson.Gson;
 import com.google.gson.annotations.JsonAdapter;
 
 import java.io.IOException;
+import java.net.URL;
 import java.nio.charset.StandardCharsets;
 
-import lombok.val;
-
 public class SignatureTestData {
 
     public static SignatureTestData fromResource(String resourceName) throws IOException {
-        val keyUrl = Resources.getResource(resourceName);
-        val encodedSignature = Resources.toString(keyUrl, StandardCharsets.US_ASCII);
+        URL keyUrl = Resources.getResource(resourceName);
+        String encodedSignature = Resources.toString(keyUrl, StandardCharsets.US_ASCII);
 
         return new Gson().fromJson(encodedSignature, SignatureTestData.class);
     }

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTaskTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,16 +29,14 @@ import com.comphenix.protocol.injector.packet.PacketRegistry;
 import com.comphenix.protocol.reflect.accessors.Accessors;
 import com.comphenix.protocol.reflect.accessors.FieldAccessor;
 import com.comphenix.protocol.utility.MinecraftReflection;
-
-import java.util.Optional;
-
 import org.bukkit.Bukkit;
 import org.junit.jupiter.api.Test;
 import org.mockito.MockedStatic;
 
-import static org.mockito.ArgumentMatchers.any;
+import java.util.Optional;
 
 import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mockStatic;
 
 class VerifyResponseTaskTest {

bukkit/src/test/java/com/github/games647/fastlogin/bukkit/task/DelayedAuthHookTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,8 +26,6 @@
 package com.github.games647.fastlogin.bukkit.task;
 
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
-import lombok.val;
 import org.bukkit.entity.Player;
 import org.junit.jupiter.api.Test;
 
@@ -37,7 +35,7 @@ class DelayedAuthHookTest {
 
     @Test
     void createNewReflectiveInstance() throws ReflectiveOperationException {
-        val authHook = new DelayedAuthHook(null);
+        DelayedAuthHook authHook = new DelayedAuthHook(null);
         assertNotNull(authHook.newInstance(DummyHook.class));
     }
 

bukkit/src/test/resources/client_keys/valid_public_key_19_1.json

@@ -0,0 +1,5 @@
+{
+  "expires_at": "2022-07-29T12:57:39.011Z",
+  "key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYOUXdid0c09/eYoseLf8qG9fKQ/G2DY9wlSyEZaFMflwZ8ZpLFYigxzfaimpT3A5cbFIdIH2W2sYl5PwsKSs128GBh/rxXUEZlLkIkS+EfxyuMp9ITclxAjCqvFgfJbZHugtB9Ofi6knCEEgjFwMDh2efdpOXkCxtHuPFfnVzDJBbHWdlCCtJesMAnA2jCT7CqCwsi7sW2QxuTarqHP/cHKiBeBIu/SngGUB6eWmvAwERW5x2D+O26w8Z5sQCND3xQ4D868RALiPNG94TyKoJV+jKi0tTUmjGGs/1ksbSGDQb5xqIH0NYKZhoZrczYPNmJX4k7g5BA5RHX8AGORaQIDAQAB\n-----END RSA PUBLIC KEY-----\n",
+  "signature": "Fto/GDqEMTWpNrktWSi3tnP3ZZlo8r4Jled/5PKYRvaL/zksfjB2RK2O8pZL+w5mI2VAViTVAQmSJEF2o/BCb2L0zXp3/hC9VhZj5NTVi4KbHfnfMorj7/WJP2vvMgVxIxgLb3EEQXGS2Mmo0w2ikUVauwXgLWECvVt10KAZnTAWNIvpM8NUoZ2oCCxVimYHBtlwWQ7WvowAatP4ypa7fo3xhQg8Im1hvQDsFTNp58pgnd7l3l99xLj1uYOUJM06HGZJ/Xd0kzzJz44Csh4m50Q0RP4Nq5L+fYPeUx990Z1r1lw0sSayk+vA2Qnxgbs/z6KgkxfhBg7oOlp4ykl9cLC2kA/LdV6igqsdr/KoP4GWxwTA7RgQbhMkDFdmIg1W+gh3XqwASFQK2BAN/eAfmDTf8u9BtOEF7Ehn9uPOaiFiGztyaHxXNIkVSPTG2GXMFSijnd3Ms28jHYVY/67INTnDRmN0//KzBAoTRMe1S5idai19kug4EUVIRKDziipowzCPdbD18trdQGpK0dYOrw9XQiQd4N4V3eItpyAULGiZd8KcjgKo4orqgsUfNyhLI1keig7TyJUE3FkBOfX4hlZBm7Q/Wq4hwarlc5yZIjhsuivKV/q4tcnYYPwjP7kNMRsIApWG+yHmSIo8QfZhBiPxvtWSSLZgoFgnlxfaEko="
+}

bungee/pom.xml

@@ -4,7 +4,7 @@
 
     The MIT License (MIT)
 
-    Copyright (c) 2015-2022 games647 and contributors
+    Copyright (c) 2015-2024 games647 and contributors
 
     Permission is hereby granted, free of charge, to any person obtaining a copy
     of this software and associated documentation files (the "Software"), to deal
@@ -25,7 +25,7 @@
     SOFTWARE.
 
 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
@@ -40,6 +40,10 @@
     <artifactId>fastlogin.bungee</artifactId>
     <packaging>jar</packaging>
 
+    <properties>
+        <maven.compiler.release>17</maven.compiler.release>
+    </properties>
+
     <!--Represents the main plugin-->
     <name>FastLoginBungee</name>
 
@@ -47,20 +51,12 @@
         <plugins>
             <plugin>
                 <artifactId>maven-shade-plugin</artifactId>
-                <version>3.3.0</version>
+                <version>3.6.0</version>
                 <configuration>
                     <minimizeJar>true</minimizeJar>
 
                     <createDependencyReducedPom>false</createDependencyReducedPom>
                     <shadedArtifactAttached>false</shadedArtifactAttached>
-                    <artifactSet>
-                        <excludes>
-                            <!--Those classes are already present in BungeeCord version-->
-                            <exclude>net.md-5:bungeecord-config</exclude>
-                            <exclude>com.google.code.gson:gson</exclude>
-                            <exclude>com.google.guava:guava</exclude>
-                        </excludes>
-                    </artifactSet>
                     <relocations>
                         <relocation>
                             <pattern>com.zaxxer.hikari</pattern>
@@ -74,13 +70,15 @@
                     <!-- Rename the service file too to let SLF4J api find our own relocated jdk logger -->
                     <!-- Located in META-INF/services -->
                     <transformers>
-                        <transformer implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
+                        <transformer
+                                implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
                     </transformers>
                     <filters>
                         <filter>
                             <artifact>*:*</artifact>
                             <excludes>
                                 <exclude>META-INF/MANIFEST.MF</exclude>
+                                <exclude>**/module-info</exclude>
                                 <exclude>**/module-info.class</exclude>
                             </excludes>
                         </filter>
@@ -104,11 +102,6 @@
             <url>https://repo.codemc.io/repository/maven-public/</url>
         </repository>
 
-        <repository>
-            <id>spigotplugins-repo</id>
-            <url>https://maven.gamestrike.de/mvn/</url>
-        </repository>
-
         <repository>
             <id>jitpack.io</id>
             <url>https://jitpack.io</url>
@@ -124,13 +117,33 @@
             <groupId>${project.groupId}</groupId>
             <artifactId>fastlogin.core</artifactId>
             <version>${project.version}</version>
+            <!--Those classes are already present in BungeeCord version-->
+            <exclusions>
+                <exclusion>
+                    <groupId>net.md-5</groupId>
+                    <artifactId>bungeecord-config</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>com.google.code.gson</groupId>
+                    <artifactId>gson</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>com.google.guava</groupId>
+                    <artifactId>guava</artifactId>
+                </exclusion>
+                <!-- Exclude snakeyaml, because it is included in BungeeCord with the correct version -->
+                <exclusion>
+                    <groupId>org.yaml</groupId>
+                    <artifactId>snakeyaml</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
         <!--BungeeCord with also the part outside the API-->
         <dependency>
             <groupId>net.md-5</groupId>
             <artifactId>bungeecord-proxy</artifactId>
-            <version>1.19-R0.1-SNAPSHOT</version>
+            <version>1.20-R0.2-SNAPSHOT</version>
             <scope>provided</scope>
             <!-- Use our own newer api version -->
             <exclusions>
@@ -139,13 +152,14 @@
                     <artifactId>slf4j-api</artifactId>
                 </exclusion>
                 <exclusion>
-                    <groupId>mysql</groupId>
+                    <groupId>com.mysql</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
                 <exclusion>
                     <groupId>net.md-5</groupId>
                     <artifactId>bungeecord-native</artifactId>
                 </exclusion>
+
                 <exclusion>
                     <groupId>net.md-5</groupId>
                     <artifactId>bungeecord-query</artifactId>
@@ -154,6 +168,11 @@
                     <groupId>net.md-5</groupId>
                     <artifactId>bungeecord-slf4j</artifactId>
                 </exclusion>
+
+                <exclusion>
+                    <groupId>net.sf.jopt-simple</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.apache.maven</groupId>
                     <artifactId>*</artifactId>
@@ -162,6 +181,10 @@
                     <groupId>org.apache.maven.resolver</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>io.netty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
@@ -173,11 +196,7 @@
             <scope>provided</scope>
             <exclusions>
                 <exclusion>
-                    <groupId>io.netty</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.geysermc.cumulus</groupId>
+                    <groupId>*</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
             </exclusions>
@@ -185,7 +204,7 @@
 
         <!-- Bedrock player bridge -->
         <dependency>
-            <groupId>org.geysermc</groupId>
+            <groupId>org.geysermc.geyser</groupId>
             <artifactId>core</artifactId>
             <version>${geyser.version}</version>
             <scope>provided</scope>
@@ -199,10 +218,16 @@
 
         <!-- We need the API, but it was excluded above -->
         <dependency>
-            <groupId>org.geysermc</groupId>
-            <artifactId>geyser-api</artifactId>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>api</artifactId>
             <version>${geyser.version}</version>
             <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
         <!--Login plugin-->
@@ -213,18 +238,5 @@
             <scope>system</scope>
             <systemPath>${project.basedir}/lib/BungeeAuth-1.4.jar</systemPath>
         </dependency>
-
-        <dependency>
-            <groupId>de.xxschrandxx.bca</groupId>
-            <artifactId>BungeeCordAuthenticator</artifactId>
-            <version>0.0.3</version>
-            <scope>provided</scope>
-            <exclusions>
-                <exclusion>
-                    <groupId>*</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
     </dependencies>
 </project>

bungee/src/main/java/com/github/games647/fastlogin/bungee/BungeeLoginSession.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,8 +25,8 @@
  */
 package com.github.games647.fastlogin.bungee;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 
 public class BungeeLoginSession extends LoginSession {
 

bungee/src/main/java/com/github/games647/fastlogin/bungee/BungeeLoginSource.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,15 +26,14 @@
 package com.github.games647.fastlogin.bungee;
 
 import com.github.games647.fastlogin.core.shared.LoginSource;
-
-import java.net.InetSocketAddress;
-
 import net.md_5.bungee.api.ChatColor;
 import net.md_5.bungee.api.chat.ComponentBuilder;
 import net.md_5.bungee.api.chat.TextComponent;
 import net.md_5.bungee.api.connection.PendingConnection;
 import net.md_5.bungee.api.event.PreLoginEvent;
 
+import java.net.InetSocketAddress;
+
 public class BungeeLoginSource implements LoginSource {
 
     private final PendingConnection connection;
@@ -55,9 +54,15 @@ public class BungeeLoginSource implements LoginSource {
         preLoginEvent.setCancelled(true);
 
         if (message == null) {
-            preLoginEvent.setCancelReason(new ComponentBuilder("Kicked").color(ChatColor.WHITE).create());
+            preLoginEvent.setReason(
+                    TextComponent.fromArray(
+                            new ComponentBuilder("Kicked").color(ChatColor.WHITE).create()
+                    ));
         } else {
-            preLoginEvent.setCancelReason(TextComponent.fromLegacyText(message));
+            preLoginEvent.setReason(
+                    TextComponent.fromArray(
+                            TextComponent.fromLegacyText(message)
+                    ));
         }
     }
 
@@ -73,7 +78,7 @@ public class BungeeLoginSource implements LoginSource {
     @Override
     public String toString() {
         return this.getClass().getSimpleName() + '{'
-            + "connection=" + connection
-            + '}';
+                + "connection=" + connection
+                + '}';
     }
 }

bungee/src/main/java/com/github/games647/fastlogin/bungee/FastLoginBungee.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,10 +26,8 @@
 package com.github.games647.fastlogin.bungee;
 
 import com.github.games647.fastlogin.bungee.hook.BungeeAuthHook;
-import com.github.games647.fastlogin.bungee.hook.BungeeCordAuthenticatorBungeeHook;
 import com.github.games647.fastlogin.bungee.listener.ConnectListener;
 import com.github.games647.fastlogin.bungee.listener.PluginMessageListener;
-import com.github.games647.fastlogin.core.AsyncScheduler;
 import com.github.games647.fastlogin.core.CommonUtil;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
 import com.github.games647.fastlogin.core.hooks.bedrock.BedrockService;
@@ -39,19 +37,13 @@ import com.github.games647.fastlogin.core.message.ChangePremiumMessage;
 import com.github.games647.fastlogin.core.message.ChannelMessage;
 import com.github.games647.fastlogin.core.message.NamespaceKey;
 import com.github.games647.fastlogin.core.message.SuccessMessage;
+import com.github.games647.fastlogin.core.scheduler.AsyncScheduler;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.PlatformPlugin;
 import com.google.common.collect.MapMaker;
 import com.google.common.io.ByteArrayDataOutput;
 import com.google.common.io.ByteStreams;
 import com.google.common.util.concurrent.ThreadFactoryBuilder;
-
-import java.nio.file.Path;
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.ConcurrentMap;
-import java.util.concurrent.ThreadFactory;
-
 import net.md_5.bungee.api.CommandSender;
 import net.md_5.bungee.api.chat.TextComponent;
 import net.md_5.bungee.api.connection.PendingConnection;
@@ -61,11 +53,16 @@ import net.md_5.bungee.api.plugin.Listener;
 import net.md_5.bungee.api.plugin.Plugin;
 import net.md_5.bungee.api.plugin.PluginManager;
 import net.md_5.bungee.api.scheduler.GroupedThreadFactory;
-
 import org.geysermc.floodgate.api.FloodgateApi;
 import org.geysermc.geyser.GeyserImpl;
 import org.slf4j.Logger;
 
+import java.nio.file.Path;
+import java.util.Collections;
+import java.util.List;
+import java.util.concurrent.ConcurrentMap;
+import java.util.concurrent.ThreadFactory;
+
 /**
  * BungeeCord version of FastLogin. This plugin keeps track on online mode connections.
  */
@@ -101,7 +98,7 @@ public class FastLoginBungee extends Plugin implements PlatformPlugin<CommandSen
         //events
         PluginManager pluginManager = getProxy().getPluginManager();
 
-        Listener connectListener = new ConnectListener(this, core.getAntiBot());
+        Listener connectListener = new ConnectListener(this, core.getAntiBotService());
         pluginManager.registerListener(this, connectListener);
         pluginManager.registerListener(this, new PluginMessageListener(this));
 
@@ -129,8 +126,9 @@ public class FastLoginBungee extends Plugin implements PlatformPlugin<CommandSen
 
     private void registerHook() {
         try {
-            List<Class<? extends AuthPlugin<ProxiedPlayer>>> hooks = Arrays.asList(
-                    BungeeAuthHook.class, BungeeCordAuthenticatorBungeeHook.class);
+            List<Class<? extends AuthPlugin<ProxiedPlayer>>> hooks = Collections.singletonList(
+                    BungeeAuthHook.class
+            );
 
             for (Class<? extends AuthPlugin<ProxiedPlayer>> clazz : hooks) {
                 String pluginName = clazz.getSimpleName();

bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginAutoLoginEvent.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,10 +25,9 @@
  */
 package com.github.games647.fastlogin.bungee.event;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.LoginSession;
 import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import net.md_5.bungee.api.plugin.Cancellable;
 import net.md_5.bungee.api.plugin.Event;
 

bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginPreLoginEvent.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,10 +25,9 @@
  */
 package com.github.games647.fastlogin.bungee.event;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.LoginSource;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import net.md_5.bungee.api.plugin.Event;
 
 public class BungeeFastLoginPreLoginEvent extends Event implements FastLoginPreLoginEvent {

bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginPremiumToggleEvent.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,9 +25,8 @@
  */
 package com.github.games647.fastlogin.bungee.event;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import net.md_5.bungee.api.plugin.Event;
 
 public class BungeeFastLoginPremiumToggleEvent extends Event implements FastLoginPremiumToggleEvent {

bungee/src/main/java/com/github/games647/fastlogin/bungee/hook/BungeeAuthHook.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,18 +27,16 @@ package com.github.games647.fastlogin.bungee.hook;
 
 import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
 import me.vik1395.BungeeAuth.Main;
 import me.vik1395.BungeeAuthAPI.RequestHandler;
-
 import net.md_5.bungee.api.connection.ProxiedPlayer;
 
 /**
  * GitHub:
  * <a href="https://github.com/vik1395/BungeeAuth-Minecraft">...</a>
- *
+ * <p>
  * Project page:
- *
+ * <p>
  * Spigot:
  * <a href="https://www.spigotmc.org/resources/bungeeauth.493/">...</a>
  */

bungee/src/main/java/com/github/games647/fastlogin/bungee/hook/BungeeCordAuthenticatorBungeeHook.java

@@ -1,92 +0,0 @@
-/*
- * SPDX-License-Identifier: MIT
- *
- * The MIT License (MIT)
- *
- * Copyright (c) 2015-2022 games647 and contributors
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-package com.github.games647.fastlogin.bungee.hook;
-
-import com.github.games647.fastlogin.bungee.FastLoginBungee;
-import com.github.games647.fastlogin.core.hooks.AuthPlugin;
-
-import de.xxschrandxx.bca.bungee.BungeeCordAuthenticatorBungee;
-import de.xxschrandxx.bca.bungee.api.BungeeCordAuthenticatorBungeeAPI;
-
-import java.sql.SQLException;
-import java.util.logging.Level;
-
-import net.md_5.bungee.api.connection.ProxiedPlayer;
-
-/**
- * GitHub:
- * <a href="https://github.com/xXSchrandXx/SpigotPlugins/tree/master/BungeeCordAuthenticator">...</a>
- * <p>
- * Project page:
- * <p>
- * Spigot: <a href="https://www.spigotmc.org/resources/bungeecordauthenticator.87669/">...</a>
- */
-public class BungeeCordAuthenticatorBungeeHook implements AuthPlugin<ProxiedPlayer> {
-
-    public final BungeeCordAuthenticatorBungeeAPI api;
-
-    public BungeeCordAuthenticatorBungeeHook(FastLoginBungee plugin) {
-        api = ((BungeeCordAuthenticatorBungee) plugin.getProxy().getPluginManager()
-            .getPlugin("BungeeCordAuthenticatorBungee")).getAPI();
-        plugin.getLog().info("BungeeCordAuthenticatorHook | Hooked successful!");
-    }
-
-    @Override
-    public boolean forceLogin(ProxiedPlayer player) {
-        if (api.isAuthenticated(player)) {
-            return true;
-        }
-
-        try {
-            api.setAuthenticated(player);
-        } catch (SQLException sqlEx) {
-            api.getLogger().log(Level.WARNING, "Failed to force login", sqlEx);
-            return false;
-        }
-
-        return true;
-    }
-
-    @Override
-    public boolean isRegistered(String playerName) {
-        try {
-            return api.getSQL().checkPlayerEntry(playerName);
-        } catch (SQLException sqlEx) {
-            api.getLogger().log(Level.WARNING, "Failed to check registration", sqlEx);
-            return false;
-        }
-    }
-
-    @Override
-    public boolean forceRegister(ProxiedPlayer player, String password) {
-        try {
-            return api.createPlayerEntry(player, password);
-        } catch (SQLException sqlEx) {
-            api.getLogger().log(Level.WARNING, "Failed to force register", sqlEx);
-            return false;
-        }
-    }
-}

bungee/src/main/java/com/github/games647/fastlogin/bungee/listener/ConnectListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -31,20 +31,12 @@ import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.bungee.task.AsyncPremiumCheck;
 import com.github.games647.fastlogin.bungee.task.FloodgateAuthTask;
 import com.github.games647.fastlogin.bungee.task.ForceLoginTask;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.antibot.AntiBotService;
 import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
 import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
 import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import com.google.common.base.Throwables;
-
-import java.lang.invoke.MethodHandle;
-import java.lang.invoke.MethodHandles;
-import java.lang.invoke.MethodHandles.Lookup;
-import java.lang.reflect.Field;
-import java.net.InetSocketAddress;
-import java.util.UUID;
-
 import net.md_5.bungee.api.chat.TextComponent;
 import net.md_5.bungee.api.connection.PendingConnection;
 import net.md_5.bungee.api.connection.ProxiedPlayer;
@@ -59,11 +51,17 @@ import net.md_5.bungee.connection.LoginResult;
 import net.md_5.bungee.event.EventHandler;
 import net.md_5.bungee.event.EventPriority;
 import net.md_5.bungee.protocol.Property;
-
 import org.geysermc.floodgate.api.player.FloodgatePlayer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodHandles.Lookup;
+import java.lang.reflect.Field;
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
 /**
  * Enables online mode logins for specified users and sends plugin message to the Bukkit version of this plugin in
  * order to clear that the connection is online mode.
@@ -73,25 +71,43 @@ public class ConnectListener implements Listener {
     private static final String UUID_FIELD_NAME = "uniqueId";
     protected static final MethodHandle UNIQUE_ID_SETTER;
 
+    private static final String REWRITE_ID_NAME = "rewriteId";
+    protected static final MethodHandle REWRITE_ID_SETTER;
+
     static {
-        MethodHandle setHandle = null;
+        MethodHandle uniqueIdHandle = null;
+        MethodHandle rewriterHandle = null;
         try {
             Lookup lookup = MethodHandles.lookup();
 
+            // test for implementation class availability
             Class.forName("net.md_5.bungee.connection.InitialHandler");
-
-            Field uuidField = InitialHandler.class.getDeclaredField(UUID_FIELD_NAME);
-            uuidField.setAccessible(true);
-            setHandle = lookup.unreflectSetter(uuidField);
+            uniqueIdHandle = getHandlerSetter(lookup, UUID_FIELD_NAME);
+            try {
+                rewriterHandle = getHandlerSetter(lookup, REWRITE_ID_NAME);
+            } catch (NoSuchFieldException noSuchFieldEx) {
+                Logger logger = LoggerFactory.getLogger(ConnectListener.class);
+                logger.error(
+                        "Rewrite field not found. Setting only legacy BungeeCord field"
+                );
+            }
         } catch (ReflectiveOperationException reflectiveOperationException) {
             Logger logger = LoggerFactory.getLogger(ConnectListener.class);
             logger.error(
-                    "Cannot find Bungee initial handler; Disabling premium UUID and skin won't work.",
+                    "Cannot find Bungee UUID field implementation; Disabling premium UUID and skin won't work.",
                     reflectiveOperationException
             );
         }
 
-        UNIQUE_ID_SETTER = setHandle;
+        UNIQUE_ID_SETTER = uniqueIdHandle;
+        REWRITE_ID_SETTER = rewriterHandle;
+    }
+
+    private static MethodHandle getHandlerSetter(Lookup lookup, String fieldName)
+            throws NoSuchFieldException, IllegalAccessException {
+        Field uuidField = InitialHandler.class.getDeclaredField(fieldName);
+        uuidField.setAccessible(true);
+        return lookup.unreflectSetter(uuidField);
     }
 
     private final FastLoginBungee plugin;
@@ -181,6 +197,12 @@ public class ConnectListener implements Listener {
             // So we have to do it with reflection
             UNIQUE_ID_SETTER.invokeExact(connection, offlineUUID);
 
+            // if available set rewrite id to forward the UUID for newer BungeeCord versions since
+            // https://github.com/SpigotMC/BungeeCord/commit/1be25b6c74ec2be4b15adf8ca53a0497f01e2afe
+            if (REWRITE_ID_SETTER != null) {
+                REWRITE_ID_SETTER.invokeExact(connection, offlineUUID);
+            }
+
             String format = "Overridden UUID from {} to {} (based of {}) on {}";
             plugin.getLog().info(format, oldPremiumId, offlineUUID, username, connection);
         } catch (Exception ex) {

bungee/src/main/java/com/github/games647/fastlogin/bungee/listener/PluginMessageListener.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -28,17 +28,14 @@ package com.github.games647.fastlogin.bungee.listener;
 import com.github.games647.fastlogin.bungee.BungeeLoginSession;
 import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.bungee.task.AsyncToggleMessage;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
 import com.github.games647.fastlogin.core.message.ChangePremiumMessage;
 import com.github.games647.fastlogin.core.message.NamespaceKey;
 import com.github.games647.fastlogin.core.message.SuccessMessage;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import com.google.common.io.ByteArrayDataInput;
 import com.google.common.io.ByteStreams;
-
-import java.util.Arrays;
-
 import net.md_5.bungee.api.CommandSender;
 import net.md_5.bungee.api.chat.TextComponent;
 import net.md_5.bungee.api.connection.ProxiedPlayer;
@@ -47,6 +44,8 @@ import net.md_5.bungee.api.event.PluginMessageEvent;
 import net.md_5.bungee.api.plugin.Listener;
 import net.md_5.bungee.event.EventHandler;
 
+import java.util.Arrays;
+
 public class PluginMessageListener implements Listener {
 
     private final FastLoginBungee plugin;
@@ -132,7 +131,7 @@ public class PluginMessageListener implements Listener {
             loginSession.setRegistered(true);
 
             if (!loginSession.isAlreadySaved()) {
-                playerProfile.setPremium(true);
+                playerProfile.setOnlinemodePreferred(true);
                 plugin.getCore().getStorage().save(playerProfile);
                 loginSession.setAlreadySaved(true);
             }

bungee/src/main/java/com/github/games647/fastlogin/bungee/task/AsyncPremiumCheck.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,10 +29,9 @@ import com.github.games647.fastlogin.bungee.BungeeLoginSession;
 import com.github.games647.fastlogin.bungee.BungeeLoginSource;
 import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.bungee.event.BungeeFastLoginPreLoginEvent;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.JoinManagement;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import net.md_5.bungee.api.CommandSender;
 import net.md_5.bungee.api.connection.PendingConnection;
 import net.md_5.bungee.api.connection.ProxiedPlayer;
@@ -82,7 +81,7 @@ public class AsyncPremiumCheck extends JoinManagement<ProxiedPlayer, CommandSend
         plugin.getSession().put(source.getConnection(), new BungeeLoginSession(username, registered, profile));
 
         String ip = source.getAddress().getAddress().getHostAddress();
-        plugin.getCore().getPendingLogin().put(ip + username, new Object());
+        plugin.getCore().addLoginAttempt(ip, username);
     }
 
     @Override

bungee/src/main/java/com/github/games647/fastlogin/bungee/task/AsyncToggleMessage.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,10 +27,9 @@ package com.github.games647.fastlogin.bungee.task;
 
 import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.bungee.event.BungeeFastLoginPremiumToggleEvent;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent.PremiumToggleReason;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import net.md_5.bungee.api.CommandSender;
 import net.md_5.bungee.api.ProxyServer;
 import net.md_5.bungee.api.chat.TextComponent;
@@ -65,29 +64,34 @@ public class AsyncToggleMessage implements Runnable {
     private void turnOffPremium() {
         StoredProfile playerProfile = core.getStorage().loadProfile(targetPlayer);
         //existing player is already cracked
-        if (playerProfile.isSaved() && !playerProfile.isPremium()) {
+        if (playerProfile.isExistingPlayer() && !playerProfile.isOnlinemodePreferred()) {
             sendMessage("not-premium");
             return;
         }
 
-        playerProfile.setPremium(false);
+        playerProfile.setOnlinemodePreferred(false);
         playerProfile.setId(null);
         core.getStorage().save(playerProfile);
         PremiumToggleReason reason = (!isPlayerSender || !sender.getName().equalsIgnoreCase(playerProfile.getName()))
             ? PremiumToggleReason.COMMAND_OTHER : PremiumToggleReason.COMMAND_SELF;
         core.getPlugin().getProxy().getPluginManager().callEvent(
                 new BungeeFastLoginPremiumToggleEvent(playerProfile, reason));
-        sendMessage("remove-premium");
+
+        if (isPlayerSender && core.getConfig().getBoolean("kick-toggle", true)) {
+            sender.disconnect(TextComponent.fromLegacyText(core.getMessage("remove-premium")));
+        } else {
+            sendMessage("remove-premium");
+        }
     }
 
     private void activatePremium() {
         StoredProfile playerProfile = core.getStorage().loadProfile(targetPlayer);
-        if (playerProfile.isPremium()) {
+        if (playerProfile.isOnlinemodePreferred()) {
             sendMessage("already-exists");
             return;
         }
 
-        playerProfile.setPremium(true);
+        playerProfile.setOnlinemodePreferred(true);
         core.getStorage().save(playerProfile);
         PremiumToggleReason reason = (!isPlayerSender || !sender.getName().equalsIgnoreCase(playerProfile.getName()))
             ? PremiumToggleReason.COMMAND_OTHER : PremiumToggleReason.COMMAND_SELF;

bungee/src/main/java/com/github/games647/fastlogin/bungee/task/FloodgateAuthTask.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,16 +29,14 @@ import com.github.games647.fastlogin.bungee.BungeeLoginSession;
 import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.FloodgateManagement;
-
-import java.net.InetSocketAddress;
-import java.util.UUID;
-
 import net.md_5.bungee.api.CommandSender;
 import net.md_5.bungee.api.connection.ProxiedPlayer;
 import net.md_5.bungee.api.connection.Server;
-
 import org.geysermc.floodgate.api.player.FloodgatePlayer;
 
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
 public class FloodgateAuthTask
         extends FloodgateManagement<ProxiedPlayer, CommandSender, BungeeLoginSession, FastLoginBungee> {
 

bungee/src/main/java/com/github/games647/fastlogin/bungee/task/ForceLoginTask.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -28,7 +28,6 @@ package com.github.games647.fastlogin.bungee.task;
 import com.github.games647.fastlogin.bungee.BungeeLoginSession;
 import com.github.games647.fastlogin.bungee.FastLoginBungee;
 import com.github.games647.fastlogin.bungee.event.BungeeFastLoginAutoLoginEvent;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.message.ChannelMessage;
 import com.github.games647.fastlogin.core.message.LoginActionMessage;
 import com.github.games647.fastlogin.core.message.LoginActionMessage.Type;
@@ -36,14 +35,14 @@ import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.ForceLoginManagement;
 import com.github.games647.fastlogin.core.shared.LoginSession;
 import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
-
-import java.util.UUID;
-
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 import net.md_5.bungee.api.CommandSender;
 import net.md_5.bungee.api.ProxyServer;
 import net.md_5.bungee.api.connection.ProxiedPlayer;
 import net.md_5.bungee.api.connection.Server;
 
+import java.util.UUID;
+
 public class ForceLoginTask
         extends ForceLoginManagement<ProxiedPlayer, CommandSender, BungeeLoginSession, FastLoginBungee> {
 

bungee/src/main/resources/bungee.yml

@@ -11,8 +11,6 @@ author: games647, https://github.com/games647/FastLogin/graphs/contributors
 softDepends:
     # BungeeCord auth plugins
     - BungeeAuth
-    - BungeeCordAuthenticatorBungee
-    - SodionAuth
     # Bedrock Player Bridge
     - Geyser-BungeeCord
     - floodgate

bungee/src/test/java/com/github/games647/fastlogin/bungee/listener/ConnectListenerTest.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,15 +25,14 @@
  */
 package com.github.games647.fastlogin.bungee.listener;
 
-import java.lang.reflect.Field;
-import java.util.UUID;
-
 import net.md_5.bungee.BungeeCord;
 import net.md_5.bungee.conf.Configuration;
 import net.md_5.bungee.connection.InitialHandler;
-
 import org.junit.jupiter.api.Test;
 
+import java.lang.reflect.Field;
+import java.util.UUID;
+
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.mockito.Mockito.mock;
 

checkstyle.xml

@@ -5,7 +5,7 @@
 
     The MIT License (MIT)
 
-    Copyright (c) 2015-2022 games647 and contributors
+    Copyright (c) 2015-2024 games647 and contributors
 
     Permission is hereby granted, free of charge, to any person obtaining a copy
     of this software and associated documentation files (the "Software"), to deal
@@ -29,35 +29,6 @@
 <!DOCTYPE module PUBLIC
           "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
           "https://checkstyle.org/dtds/configuration_1_3.dtd">
-
-<!--
-
-  Checkstyle configuration that checks the sun coding conventions from:
-
-    - the Java Language Specification at
-      https://docs.oracle.com/javase/specs/jls/se11/html/index.html
-
-    - the Sun Code Conventions at https://www.oracle.com/java/technologies/javase/codeconventions-contents.html
-
-    - the Javadoc guidelines at
-      https://www.oracle.com/technical-resources/articles/java/javadoc-tool.html
-
-    - the JDK Api documentation https://docs.oracle.com/en/java/javase/11/
-
-    - some best practices
-
-  Checkstyle is very configurable. Be sure to read the documentation at
-  https://checkstyle.org (or in your downloaded distribution).
-
-  Most Checks are configurable, be sure to consult the documentation.
-
-  To completely disable a check, just comment it out or delete it from the file.
-  To suppress certain violations please review suppression filters.
-
-  Finally, it is worth reading the documentation.
-
--->
-
 <module name="Checker">
   <!--
       If you set the basedir property below, then all reported file
@@ -101,6 +72,7 @@
   <module name="LineLength">
     <property name="max" value="120"/>
     <property name="fileExtensions" value="java"/>
+    <property name="ignorePattern" value="^ *\* *@see.+$"/>
   </module>
 
   <!-- Checks for whitespace                               -->
@@ -219,6 +191,12 @@
       <property name="optional" value="true"/>
     </module>
 
+    <!-- Suppress filters via comments -->
+    <!-- https://stackoverflow.com/a/4023351/9767089 -->
+    <module name="SuppressionCommentFilter">
+      <property name="offCommentFormat" value="CHECKSTYLE.OFF\: ([\w\|]+)"/>
+      <property name="onCommentFormat" value="CHECKSTYLE.ON\: ([\w\|]+)"/>
+      <property name="checkFormat" value="$1"/>
+    </module>
   </module>
-
 </module>

core/pom.xml

@@ -4,7 +4,7 @@
 
     The MIT License (MIT)
 
-    Copyright (c) 2015-2022 games647 and contributors
+    Copyright (c) 2015-2024 games647 and contributors
 
     Permission is hereby granted, free of charge, to any person obtaining a copy
     of this software and associated documentation files (the "Software"), to deal
@@ -25,7 +25,7 @@
     SOFTWARE.
 
 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
@@ -39,12 +39,17 @@
     <artifactId>fastlogin.core</artifactId>
     <packaging>jar</packaging>
 
+    <properties>
+        <!-- Still force Java 8 for the remaining project -->
+        <maven.compiler.release>8</maven.compiler.release>
+    </properties>
+
     <name>FastLoginCore</name>
 
     <repositories>
         <repository>
             <id>luck-repo</id>
-            <url>https://ci.lucko.me/plugin/repository/everything</url>
+            <url>https://ci.lucko.me/plugin/repository/everything/</url>
             <snapshots>
                 <enabled>false</enabled>
             </snapshots>
@@ -55,7 +60,7 @@
         </repository>
         <!-- Floodgate -->
         <repository>
-            <id>opencollab-snapshot</id>
+            <id>opencollab</id>
             <url>https://repo.opencollab.dev/maven-snapshots/</url>
             <releases>
                 <enabled>false</enabled>
@@ -63,6 +68,56 @@
         </repository>
     </repositories>
 
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <version>3.4.2</version>
+                <configuration>
+                    <archive>
+                        <manifestEntries>
+                            <Automatic-Module-Name>com.github.games647.fastlogin.core</Automatic-Module-Name>
+                        </manifestEntries>
+                    </archive>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <profiles>
+        <profile>
+            <id>jdk21</id>
+            <activation>
+                <jdk>[21,)</jdk>
+            </activation>
+            <build>
+                <pluginManagement>
+                    <plugins>
+                        <plugin>
+                            <artifactId>maven-compiler-plugin</artifactId>
+                            <executions>
+                                <execution>
+                                    <id>jdk21</id>
+                                    <goals>
+                                        <goal>compile</goal>
+                                    </goals>
+                                    <configuration>
+                                        <release>21</release>
+                                        <compileSourceRoots>
+                                            <compileSourceRoot>${project.basedir}/src/main/java21</compileSourceRoot>
+                                        </compileSourceRoots>
+                                        <multiReleaseOutput>true</multiReleaseOutput>
+                                    </configuration>
+                                </execution>
+                            </executions>
+                        </plugin>
+                    </plugins>
+                </pluginManagement>
+            </build>
+        </profile>
+    </profiles>
+
     <dependencies>
         <!-- Libraries that we shade into the project -->
 
@@ -85,20 +140,21 @@
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-jdk14</artifactId>
-            <version>2.0.0-alpha7</version>
+            <version>2.0.17</version>
         </dependency>
 
-        <!-- snakeyaml is present in Bungee, Spigot, Cauldron, so we could use this independent implementation -->
+        <!-- snakeyaml is present in Bungee, Spigot, so we could use this independent implementation -->
         <dependency>
             <groupId>net.md-5</groupId>
             <artifactId>bungeecord-config</artifactId>
-            <version>1.19-R0.1-20220702.004052-16</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>*</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-            </exclusions>
+            <version>1.20-R0.2</version>
+        </dependency>
+
+        <!-- This is optional in BungeeCord-config, so we include it here manually -->
+        <dependency>
+            <groupId>org.yaml</groupId>
+            <artifactId>snakeyaml</artifactId>
+            <version>2.4</version>
         </dependency>
 
         <!--Floodgate for Xbox Live Authentication-->
@@ -109,11 +165,7 @@
             <scope>provided</scope>
             <exclusions>
                 <exclusion>
-                    <groupId>io.netty</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.geysermc.cumulus</groupId>
+                    <groupId>*</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
             </exclusions>
@@ -121,7 +173,7 @@
 
         <!-- Bedrock player bridge -->
         <dependency>
-            <groupId>org.geysermc</groupId>
+            <groupId>org.geysermc.geyser</groupId>
             <artifactId>core</artifactId>
             <version>${geyser.version}</version>
             <scope>provided</scope>
@@ -135,54 +187,31 @@
 
         <!-- We need the API, but it was excluded above -->
         <dependency>
-            <groupId>org.geysermc</groupId>
-            <artifactId>geyser-api</artifactId>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>api</artifactId>
             <version>${geyser.version}</version>
             <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
         <!--Common component for contacting the Mojang API-->
         <dependency>
             <groupId>com.github.games647</groupId>
             <artifactId>craftapi</artifactId>
-            <version>0.5.3</version>
+            <version>1.0-SNAPSHOT</version>
         </dependency>
 
-        <!-- APIs we can use because they are available in all platforms (Spigot, Bungee, Velocity) -->
+        <!-- Database driver included in Spigot -->
         <dependency>
-            <groupId>com.google.guava</groupId>
-            <artifactId>guava</artifactId>
-            <!-- Old version for velocity -->
-            <version>25.1-jre</version>
-            <!-- Exclude compile time dependencies not marked as such on upstream  -->
-            <exclusions>
-                <exclusion>
-                    <groupId>com.google.code.findbugs</groupId>
-                    <artifactId>jsr305</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.checkerframework</groupId>
-                    <artifactId>checker-qual</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.google.errorprone</groupId>
-                    <artifactId>error_prone_annotations</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.google.j2objc</groupId>
-                    <artifactId>j2objc-annotations</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.codehaus.mojo</groupId>
-                    <artifactId>animal-sniffer-annotations</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
-        <dependency>
-            <groupId>com.google.code.gson</groupId>
-            <artifactId>gson</artifactId>
-            <version>2.9.0</version>
+            <groupId>org.xerial</groupId>
+            <artifactId>sqlite-jdbc</artifactId>
+            <version>[3.36,)</version>
+            <scope>provided</scope>
         </dependency>
     </dependencies>
 </project>

core/src/main/java/com/github/games647/fastlogin/core/CommonUtil.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,27 +26,26 @@
 package com.github.games647.fastlogin.core;
 
 import com.google.common.cache.CacheBuilder;
-
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
-import java.util.concurrent.ConcurrentMap;
-import java.util.concurrent.TimeUnit;
-import java.util.logging.Level;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.jul.JDK14LoggerAdapter;
 
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.time.Duration;
+import java.util.concurrent.ConcurrentMap;
+import java.util.logging.Level;
+
 public final class CommonUtil {
 
     private static final char COLOR_CHAR = '&';
     private static final char TRANSLATED_CHAR = '§';
 
-    public static <K, V> ConcurrentMap<K, V> buildCache(int expireAfterWrite, int maxSize) {
+    public static <K, V> ConcurrentMap<K, V> buildCache(Duration expireAfterWrite, int maxSize) {
         CacheBuilder<Object, Object> builder = CacheBuilder.newBuilder();
 
-        if (expireAfterWrite > 0) {
-            builder.expireAfterWrite(expireAfterWrite, TimeUnit.MINUTES);
+        if (expireAfterWrite != null) {
+            builder.expireAfterWrite(expireAfterWrite);
         }
 
         if (maxSize > 0) {

core/src/main/java/com/github/games647/fastlogin/core/PremiumStatus.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

core/src/main/java/com/github/games647/fastlogin/core/ProxyAgnosticMojangResolver.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -23,14 +23,13 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE.
  */
-package com.github.games647.fastlogin.core.mojang;
+package com.github.games647.fastlogin.core;
 
 import com.github.games647.craftapi.model.auth.Verification;
 import com.github.games647.craftapi.resolver.MojangResolver;
+import com.github.games647.craftapi.resolver.Options;
 
 import java.io.IOException;
-import java.io.InputStream;
-import java.net.HttpURLConnection;
 import java.net.InetAddress;
 import java.util.Optional;
 
@@ -44,38 +43,12 @@ import java.util.Optional;
  */
 public class ProxyAgnosticMojangResolver extends MojangResolver {
 
-    private static final String HOST = "sessionserver.mojang.com";
-
-    /**
-     * A formatting string containing a URL used to call the {@code hasJoined} method on mojang session servers.
-     * <p>
-     * Formatting parameters:
-     * 1. The username of the player in question
-     * 2. The serverId of this server
-     */
-    public static final String ENDPOINT = "https://" + HOST + "/session/minecraft/hasJoined?username=%s&serverId=%s";
-
+    public ProxyAgnosticMojangResolver(Options options) {
+        super(options);
+    }
     @Override
     public Optional<Verification> hasJoined(String username, String serverHash, InetAddress hostIp)
         throws IOException {
-        String url = String.format(ENDPOINT, username, serverHash);
-
-        HttpURLConnection conn = this.getConnection(url);
-        int responseCode = conn.getResponseCode();
-
-        Verification verification = null;
-
-        // Mojang session servers send HTTP 204 (NO CONTENT) when the authentication seems invalid
-        // If that's not our case, the authentication is valid, and so we can parse the response.
-        if (responseCode != HttpURLConnection.HTTP_NO_CONTENT) {
-            verification = this.parseRequest(conn, this::parseVerification);
-        }
-
-        return Optional.ofNullable(verification);
-    }
-
-    // Functional implementation of InputStreamAction, used in hasJoined method in parseRequest call
-    protected Verification parseVerification(InputStream input) throws IOException {
-        return this.readJson(input, Verification.class);
+        return super.hasJoined(username, serverHash, null);
     }
 }

core/src/main/java/com/github/games647/fastlogin/core/antibot/AntiBotService.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,10 +25,10 @@
  */
 package com.github.games647.fastlogin.core.antibot;
 
-import java.net.InetSocketAddress;
-
 import org.slf4j.Logger;
 
+import java.net.InetSocketAddress;
+
 public class AntiBotService {
 
     private final Logger logger;
@@ -57,6 +57,6 @@ public class AntiBotService {
 
         Block,
 
-        Continue;
+        Continue
     }
 }

core/src/main/java/com/github/games647/fastlogin/core/antibot/RateLimiter.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

core/src/main/java/com/github/games647/fastlogin/core/antibot/TickingRateLimiter.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -107,7 +107,7 @@ public class TickingRateLimiter implements RateLimiter {
         }
     }
 
-    private static class TimeRecord implements Comparable<Long> {
+    private static class TimeRecord implements Comparable<TimeRecord> {
 
         private final long firstMinuteRecord;
         private final long expireTime;
@@ -131,9 +131,9 @@ public class TickingRateLimiter implements RateLimiter {
             return firstMinuteRecord + expireTime <= now;
         }
 
-        @Override
-        public int compareTo(Long other) {
+        public int compareTo(long other) {
             if (other < firstMinuteRecord) {
+                // other is earlier
                 return -1;
             }
 
@@ -143,5 +143,10 @@ public class TickingRateLimiter implements RateLimiter {
 
             return 0;
         }
+
+        @Override
+        public int compareTo(TimeRecord other) {
+            return compareTo(other.firstMinuteRecord);
+        }
     }
 }

core/src/main/java/com/github/games647/fastlogin/core/hooks/AuthPlugin.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -37,7 +37,7 @@ public interface AuthPlugin<P> {
 
     /**
      * Login the premium (paid account) player after the player joined successfully the server.
-     *
+     * <p>
      * <strong>This operation will be performed async while the player successfully
      * joined the server.</strong>
      *
@@ -48,17 +48,17 @@ public interface AuthPlugin<P> {
 
     /**
      * Forces a register in order to protect the paid account.
-     *
+     * <p>
      * <strong>This operation will be performed async while the player successfully
      * joined the server.</strong>
-     *
+     * <p>
      * After a successful registration the player should be logged
      * in too.
-     *
+     * <p>
      * The method will be called only for premium accounts.
      * So it's recommended to set additionally premium property
      * if possible.
-     *
+     * <p>
      * Background: If we don't register an account, cracked players
      * could steal the unregistered account from the paid
      * player account
@@ -71,11 +71,11 @@ public interface AuthPlugin<P> {
 
     /**
      * Checks whether an account exists for this player name.
-     *
+     * <p>
      * This check should check if a cracked player account exists,
      * so we can be sure the premium player doesn't steal the account
      * of that player.
-     *
+     * <p>
      * This operation will be performed async while the player is
      * connecting.
      *

core/src/main/java/com/github/games647/fastlogin/core/hooks/DefaultPasswordGenerator.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

core/src/main/java/com/github/games647/fastlogin/core/hooks/PasswordGenerator.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,8 +25,17 @@
  */
 package com.github.games647.fastlogin.core.hooks;
 
+/**
+ * Password generator for your auth plugin.
+ * @param <P> platform dependent player class
+ */
 @FunctionalInterface
 public interface PasswordGenerator<P> {
 
+    /**
+     * Generate a password for a non-registered player
+     * @param player player representation
+     * @return generated password
+     */
     String getRandomPassword(P player);
 }

core/src/main/java/com/github/games647/fastlogin/core/hooks/bedrock/BedrockService.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,9 +27,9 @@ package com.github.games647.fastlogin.core.hooks.bedrock;
 
 import com.github.games647.craftapi.model.Profile;
 import com.github.games647.craftapi.resolver.RateLimitException;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.LoginSource;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
 
 import java.io.IOException;
 import java.util.Optional;

core/src/main/java/com/github/games647/fastlogin/core/hooks/bedrock/FloodgateService.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -25,16 +25,15 @@
  */
 package com.github.games647.fastlogin.core.hooks.bedrock;
 
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.LoginSource;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
+import org.geysermc.floodgate.api.FloodgateApi;
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
 
 import java.util.Locale;
 import java.util.UUID;
 
-import org.geysermc.floodgate.api.FloodgateApi;
-import org.geysermc.floodgate.api.player.FloodgatePlayer;
-
 public class FloodgateService extends BedrockService<FloodgatePlayer> {
 
     private final FloodgateApi floodgate;
@@ -99,23 +98,11 @@ public class FloodgateService extends BedrockService<FloodgatePlayer> {
      * The FloodgateApi does not support querying players by name, so this function
      * iterates over every online FloodgatePlayer and checks if the requested
      * username can be found
-     * <br>
-     * <i>Falls back to non-prefixed name checks, if ProtocolLib is installed</i>
      *
      * @param prefixedUsername the name of the player with the prefix appended
      * @return FloodgatePlayer if found, null otherwise
      */
     public FloodgatePlayer getBedrockPlayer(String prefixedUsername) {
-        //prefixes are broken with ProtocolLib, so fall back to name checks without prefixes
-        //this should be removed if #493 gets fixed
-        if (core.getPlugin().isPluginInstalled("ProtocolLib")) {
-            for (FloodgatePlayer floodgatePlayer : floodgate.getPlayers()) {
-                if (floodgatePlayer.getUsername().equals(prefixedUsername)) {
-                    return floodgatePlayer;
-                }
-            }
-            return null;
-        }
         for (FloodgatePlayer floodgatePlayer : floodgate.getPlayers()) {
             if (floodgatePlayer.getCorrectUsername().equals(prefixedUsername)) {
                 return floodgatePlayer;

core/src/main/java/com/github/games647/fastlogin/core/hooks/bedrock/GeyserService.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,13 +27,12 @@ package com.github.games647.fastlogin.core.hooks.bedrock;
 
 import com.github.games647.fastlogin.core.shared.FastLoginCore;
 import com.github.games647.fastlogin.core.shared.LoginSource;
+import org.geysermc.geyser.GeyserImpl;
+import org.geysermc.geyser.api.network.AuthType;
+import org.geysermc.geyser.session.GeyserSession;
 
 import java.util.UUID;
 
-import org.geysermc.geyser.GeyserImpl;
-import org.geysermc.geyser.session.GeyserSession;
-import org.geysermc.geyser.session.auth.AuthType;
-
 public class GeyserService extends BedrockService<GeyserSession> {
 
     private final GeyserImpl geyser;
@@ -44,7 +43,7 @@ public class GeyserService extends BedrockService<GeyserSession> {
         super(core);
         this.geyser = geyser;
         this.core = core;
-        this.authType = GeyserImpl.getInstance().getConfig().getRemote().getAuthType();
+        this.authType = GeyserImpl.getInstance().getConfig().getRemote().authType();
     }
 
     @Override
@@ -65,7 +64,12 @@ public class GeyserService extends BedrockService<GeyserSession> {
 
     @Override
     public GeyserSession getBedrockPlayer(String username) {
-        return geyser.connectionByName(username);
+        for (GeyserSession gSess : geyser.getSessionManager().getAllSessions()) {
+            if (username.equals(gSess.getClientData().getUsername())) {
+                return gSess;
+            }
+        }
+        return null;
     }
 
     @Override

core/src/main/java/com/github/games647/fastlogin/core/message/ChangePremiumMessage.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

core/src/main/java/com/github/games647/fastlogin/core/message/ChannelMessage.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

core/src/main/java/com/github/games647/fastlogin/core/message/LoginActionMessage.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -63,7 +63,7 @@ public class LoginActionMessage implements ChannelMessage {
 
     @Override
     public void readFrom(ByteArrayDataInput input) {
-        this.type = Type.values()[input.readInt()];
+        this.type = Type.values()[input.readByte()];
 
         this.playerName = input.readUTF();
 
@@ -75,7 +75,7 @@ public class LoginActionMessage implements ChannelMessage {
 
     @Override
     public void writeTo(ByteArrayDataOutput output) {
-        output.writeInt(type.ordinal());
+        output.writeByte(type.ordinal());
 
         //Data is sent through a random player. We have to tell the Bukkit version of this plugin the target
         output.writeUTF(playerName);

core/src/main/java/com/github/games647/fastlogin/core/message/NamespaceKey.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -48,4 +48,12 @@ public class NamespaceKey {
     public static String getCombined(String namespace, String key) {
         return new NamespaceKey(namespace, key).combined;
     }
+
+    public String getNamespace() {
+        return namespace;
+    }
+
+    public String getKey() {
+        return key;
+    }
 }

core/src/main/java/com/github/games647/fastlogin/core/message/SuccessMessage.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

core/src/main/java/com/github/games647/fastlogin/core/scheduler/AbstractAsyncScheduler.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -23,36 +23,22 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE.
  */
-package com.github.games647.fastlogin.core;
+package com.github.games647.fastlogin.core.scheduler;
 
+import org.slf4j.Logger;
+
+import java.time.Duration;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.Executor;
 import java.util.concurrent.atomic.AtomicInteger;
 
-import org.slf4j.Logger;
+public abstract class AbstractAsyncScheduler {
 
-/**
- * This limits the number of threads that are used at maximum. Thread creation can be very heavy for the CPU and
- * context switching between threads too. However, we need many threads for blocking HTTP and database calls.
- * Nevertheless, this number can be further limited, because the number of actually working database threads
- * is limited by the size of our database pool. The goal is to separate concerns into processing and blocking only
- * threads.
- */
-public class AsyncScheduler {
+    protected final Logger logger;
+    protected final Executor processingPool;
+    protected final AtomicInteger currentlyRunning = new AtomicInteger();
 
-    private static final int MAX_CAPACITY = 1024;
-
-    //todo: single thread for delaying and scheduling tasks
-    private final Logger logger;
-
-    // 30 threads are still too many - the optimal solution is to separate into processing and blocking threads
-    // where processing threads could only be max number of cores while blocking threads could be minimized using
-    // non-blocking I/O and a single event executor
-    private final Executor processingPool;
-
-    private final AtomicInteger currentlyRunning = new AtomicInteger();
-
-    public AsyncScheduler(Logger logger, Executor processingPool) {
+    public AbstractAsyncScheduler(Logger logger, Executor processingPool) {
         this.logger = logger;
         this.processingPool = processingPool;
     }
@@ -64,7 +50,25 @@ public class AsyncScheduler {
         });
     }
 
-    private void process(Runnable task) {
+    public CompletableFuture<Void> runAsyncDelayed(Runnable task, Duration delay) {
+        return CompletableFuture.runAsync(() -> {
+            currentlyRunning.incrementAndGet();
+            try {
+                Thread.sleep(delay.toMillis());
+                task.run();
+            } catch (InterruptedException interruptedException) {
+                // restore interrupt flag
+                Thread.currentThread().interrupt();
+            } finally {
+                currentlyRunning.getAndDecrement();
+            }
+        }, processingPool).exceptionally(error -> {
+            logger.warn("Error occurred on thread pool", error);
+            return null;
+        });
+    }
+
+    protected void process(Runnable task) {
         currentlyRunning.incrementAndGet();
         try {
             task.run();

core/src/main/java/com/github/games647/fastlogin/core/scheduler/AsyncScheduler.java

@@ -0,0 +1,47 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2024 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.scheduler;
+
+import org.slf4j.Logger;
+
+import java.util.concurrent.Executor;
+
+/**
+ * This limits the number of threads that are used at maximum. Thread creation can be very heavy for the CPU and
+ * context switching between threads too. However, we need many threads for blocking HTTP and database calls.
+ * Nevertheless, this number can be further limited, because the number of actually working database threads
+ * is limited by the size of our database pool. The goal is to separate concerns into processing and blocking only
+ * threads.
+ */
+public class AsyncScheduler extends AbstractAsyncScheduler {
+
+    public AsyncScheduler(Logger logger, Executor processingPool) {
+        super(logger, processingPool);
+        logger.info("Using legacy platform scheduler for using an older Java version. "
+            + "Upgrade Java to 21+ for improved performance");
+    }
+
+}

core/src/main/java/com/github/games647/fastlogin/core/shared/FastLoginCore.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -26,8 +26,10 @@
 package com.github.games647.fastlogin.core.shared;
 
 import com.github.games647.craftapi.resolver.MojangResolver;
+import com.github.games647.craftapi.resolver.Options;
 import com.github.games647.craftapi.resolver.http.RotatingProxySelector;
 import com.github.games647.fastlogin.core.CommonUtil;
+import com.github.games647.fastlogin.core.ProxyAgnosticMojangResolver;
 import com.github.games647.fastlogin.core.antibot.AntiBotService;
 import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
 import com.github.games647.fastlogin.core.antibot.RateLimiter;
@@ -35,24 +37,24 @@ import com.github.games647.fastlogin.core.antibot.TickingRateLimiter;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
 import com.github.games647.fastlogin.core.hooks.DefaultPasswordGenerator;
 import com.github.games647.fastlogin.core.hooks.PasswordGenerator;
-import com.github.games647.fastlogin.core.mojang.ProxyAgnosticMojangResolver;
 import com.github.games647.fastlogin.core.storage.MySQLStorage;
 import com.github.games647.fastlogin.core.storage.SQLStorage;
 import com.github.games647.fastlogin.core.storage.SQLiteStorage;
 import com.google.common.base.Ticker;
-import com.google.common.net.HostAndPort;
 import com.zaxxer.hikari.HikariConfig;
+import net.md_5.bungee.config.Configuration;
+import net.md_5.bungee.config.ConfigurationProvider;
+import net.md_5.bungee.config.YamlConfiguration;
 
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Reader;
-import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.Proxy;
 import java.net.Proxy.Type;
-import java.net.UnknownHostException;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.time.Duration;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Map;
@@ -62,12 +64,6 @@ import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 
-import net.md_5.bungee.config.Configuration;
-import net.md_5.bungee.config.ConfigurationProvider;
-import net.md_5.bungee.config.YamlConfiguration;
-
-import org.slf4j.Logger;
-
 import static java.util.function.Function.identity;
 import static java.util.stream.Collectors.toMap;
 import static java.util.stream.Collectors.toSet;
@@ -82,7 +78,10 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
     private static final long MAX_EXPIRE_RATE = 1_000_000;
 
     private final Map<String, String> localeMessages = new ConcurrentHashMap<>();
-    private final ConcurrentMap<String, Object> pendingLogin = CommonUtil.buildCache(5, -1);
+    private final ConcurrentMap<String, Object> pendingLogin = CommonUtil.buildCache(
+            Duration.ofMinutes(5), -1
+    );
+
     private final Collection<UUID> pendingConfirms = new HashSet<>();
     private final T plugin;
 
@@ -121,30 +120,35 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
             return;
         }
 
-        // Initialize the resolver based on the config parameter
-        this.resolver = this.config.getBoolean("useProxyAgnosticResolver", false)
-            ? new ProxyAgnosticMojangResolver() : new MojangResolver();
+        Options resolverOptions = new Options();
+        resolverOptions.setMaxNameRequests(config.getInt("mojang-request-limit", 600));
 
-        antiBot = createAntiBotService(config.getSection("anti-bot"));
         Set<Proxy> proxies = config.getStringList("proxies")
                 .stream()
-                .map(HostAndPort::fromString)
-                .map(proxy -> new InetSocketAddress(proxy.getHost(), proxy.getPort()))
+                .map(proxy -> proxy.split(":"))
+                .map(proxy -> new InetSocketAddress(proxy[0], Integer.parseInt(proxy[1])))
                 .map(sa -> new Proxy(Type.HTTP, sa))
                 .collect(toSet());
-
-        Collection<InetAddress> addresses = new HashSet<>();
-        for (String localAddress : config.getStringList("ip-addresses")) {
-            try {
-                addresses.add(InetAddress.getByName(localAddress.replace('-', '.')));
-            } catch (UnknownHostException ex) {
-                plugin.getLog().error("IP-Address is unknown to us", ex);
-            }
+        if (!proxies.isEmpty()) {
+            resolverOptions.setProxySelector(new RotatingProxySelector(proxies));
         }
 
-        resolver.setMaxNameRequests(config.getInt("mojang-request-limit"));
-        resolver.setProxySelector(new RotatingProxySelector(proxies));
-        resolver.setOutgoingAddresses(addresses);
+//        TODO: Not available currently in craftapi?
+//        Collection<InetAddress> addresses = new HashSet<>();
+//        for (String localAddress : config.getStringList("ip-addresses")) {
+//            try {
+//                addresses.add(InetAddress.getByName(localAddress.replace('-', '.')));
+//            } catch (UnknownHostException ex) {
+//                plugin.getLog().error("IP-Address is unknown to us", ex);
+//            }
+//        }
+//        resolver.setOutgoingAddresses(addresses);
+
+        // Initialize the resolver based on the config parameter
+        this.resolver = this.config.getBoolean("useProxyAgnosticResolver", false)
+            ? new ProxyAgnosticMojangResolver(resolverOptions) : new MojangResolver(resolverOptions);
+
+        antiBot = createAntiBotService(config.getSection("anti-bot"));
     }
 
     private AntiBotService createAntiBotService(Configuration botSection) {
@@ -224,21 +228,16 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
     }
 
     public boolean setupDatabase() {
-        String driver = config.getString("driver");
-        if (!checkDriver(driver)) {
-            return false;
-        }
+        String type = config.getString("driver");
 
         HikariConfig databaseConfig = new HikariConfig();
-        databaseConfig.setDriverClassName(driver);
-
         String database = config.getString("database");
 
         databaseConfig.setConnectionTimeout(config.getInt("timeout", 30) * 1_000L);
         databaseConfig.setMaxLifetime(config.getInt("lifetime", 30) * 1_000L);
 
-        if (driver.contains("sqlite")) {
-            storage = new SQLiteStorage(this, database, databaseConfig);
+        if (type.contains("sqlite")) {
+            storage = new SQLiteStorage(plugin, database, databaseConfig);
         } else {
             String host = config.get("host", "");
             int port = config.get("port", 3306);
@@ -256,7 +255,7 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
 
             databaseConfig.setUsername(config.get("username", ""));
             databaseConfig.setPassword(config.getString("password"));
-            storage = new MySQLStorage(this, driver, host, port, database, databaseConfig, useSSL);
+            storage = new MySQLStorage(plugin, type, host, port, database, databaseConfig, useSSL);
         }
 
         try {
@@ -268,20 +267,6 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
         }
     }
 
-    private boolean checkDriver(String className) {
-        try {
-            Class.forName(className);
-            return true;
-        } catch (ClassNotFoundException notFoundEx) {
-            Logger log = plugin.getLog();
-            log.warn("This driver {} is not supported on this platform", className);
-            log.warn("Please choose either MySQL (Spigot, BungeeCord), SQLite (Spigot, Sponge) or "
-                + "MariaDB (Sponge, Velocity)", notFoundEx);
-        }
-
-        return false;
-    }
-
     public Configuration getConfig() {
         return config;
     }
@@ -290,12 +275,21 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
         return passwordGenerator;
     }
 
+    @SuppressWarnings("unused")
     public void setPasswordGenerator(PasswordGenerator<P> passwordGenerator) {
         this.passwordGenerator = passwordGenerator;
     }
 
-    public ConcurrentMap<String, Object> getPendingLogin() {
-        return pendingLogin;
+    public void addLoginAttempt(String ip, String username) {
+        pendingLogin.put(ip + username, new Object());
+    }
+
+    public boolean hasFailedLogin(String ip, String username) {
+        if (!config.get("secondAttemptCracked", false)) {
+            return false;
+        }
+
+        return pendingLogin.remove(ip + username) != null;
     }
 
     public Collection<UUID> getPendingConfirms() {
@@ -306,7 +300,7 @@ public class FastLoginCore<P extends C, C, T extends PlatformPlugin<C>> {
         return authPlugin;
     }
 
-    public AntiBotService getAntiBot() {
+    public AntiBotService getAntiBotService() {
         return antiBot;
     }
 

core/src/main/java/com/github/games647/fastlogin/core/shared/FloodgateManagement.java

@@ -3,7 +3,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015-2022 games647 and contributors
+ * Copyright (c) 2015-2024 games647 and contributors
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -27,16 +27,16 @@ package com.github.games647.fastlogin.core.shared;
 
 import com.github.games647.craftapi.model.Profile;
 import com.github.games647.craftapi.resolver.RateLimitException;
-import com.github.games647.fastlogin.core.StoredProfile;
 import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+import com.github.games647.fastlogin.core.storage.StoredProfile;
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
 
 import java.io.IOException;
 import java.net.InetSocketAddress;
+import java.util.Locale;
 import java.util.Optional;
 import java.util.UUID;
 
-import org.geysermc.floodgate.api.player.FloodgatePlayer;
-
 public abstract class FloodgateManagement<P extends C, C, L extends LoginSession, T extends PlatformPlugin<C>>
         implements Runnable {
 
@@ -62,9 +62,9 @@ public abstract class FloodgateManagement<P extends C, C, L extends LoginSession
         this.username = getName(player);
 
         //load values from config.yml
-        autoLoginFloodgate = core.getConfig().get("autoLoginFloodgate").toString().toLowerCase();
-        autoRegisterFloodgate = core.getConfig().get("autoRegisterFloodgate").toString().toLowerCase();
-        allowNameConflict = core.getConfig().get("allowFloodgateNameConflict").toString().toLowerCase();
+        autoLoginFloodgate = core.getConfig().get("autoLoginFloodgate").toString().toLowerCase(Locale.ROOT);
+        autoRegisterFloodgate = core.getConfig().get("autoRegisterFloodgate").toString().toLowerCase(Locale.ROOT);
+        allowNameConflict = core.getConfig().get("allowFloodgateNameConflict").toString().toLowerCase(Locale.ROOT);
     }
 
     @Override
@@ -81,13 +81,47 @@ public abstract class FloodgateManagement<P extends C, C, L extends LoginSession
         }
 
         profile = core.getStorage().loadProfile(username);
+
+        if (profile.isExistingPlayer()) {
+            if (profile.isFloodgateMigrated()) {
+                if (profile.getFloodgate() == FloodgateState.TRUE && isLinked) {
+                    core.getPlugin().getLog()
+                            .info("Player {} is already stored by FastLogin as a non-linked Bedrock Edition player",
+                                    username);
+                    return;
+                } else if (profile.getFloodgate() == FloodgateState.FALSE && isLinked) {
+                    profile.setFloodgate(FloodgateState.LINKED);
+                    core.getPlugin().getLog().info(
+                            "Player {} will be changed from a Java player to a linked Floodgate player",
+                            username);
+                }
+            } else {
+                if (isLinked) {
+                    profile.setFloodgate(FloodgateState.LINKED);
+                    core.getPlugin().getLog().info(
+                            "Player {} will be migrated to the v2 database schema as a linked Floodgate user",
+                            username);
+                } else {
+                    profile.setFloodgate(FloodgateState.TRUE);
+                    core.getPlugin().getLog().info(
+                            "Player {} will be migrated to the v2 database schema as a Floodgate user", username);
+                }
+            }
+        } else {
+            if (isLinked) {
+                profile.setFloodgate(FloodgateState.LINKED);
+            } else {
+                profile.setFloodgate(FloodgateState.TRUE);
+            }
+        }
+
         AuthPlugin<P> authPlugin = core.getAuthPluginHook();
 
         try {
             //maybe Bungee without auth plugin
             if (authPlugin == null) {
                 if (profile != null) {
-                    isRegistered = profile.isPremium();
+                    isRegistered = profile.isOnlinemodePreferred();
                 } else {
                     isRegistered = false;
                 }
@@ -120,13 +154,17 @@ public abstract class FloodgateManagement<P extends C, C, L extends LoginSession
             }
         }
 
+        // defer auto registration, if it's not enabled in the config
         if (!isRegistered && !isAutoAuthAllowed(autoRegisterFloodgate)) {
             return;
         }
 
-        //logging in from bedrock for a second time threw an error with UUID
-        if (profile == null) {
-            profile = new StoredProfile(getUUID(player), username, true, getAddress(player).toString());
+        // stop the auto login procedure, if the current connection's parameters don't match the one stored in our
+        // database
+        // ex. we stored a LINKED account, but the current connection is not linked
+        if ((profile.getFloodgate() == FloodgateState.LINKED && !isLinked)
+            || (profile.getFloodgate() == FloodgateState.TRUE && isLinked)) {
+            return;
         }
 
         //start Bukkit/Bungee specific tasks

core/src/main/java/com/github/games647/fastlogin/core/shared/FloodgateState.java

@@ -0,0 +1,86 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2024 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.shared;
+
+public enum FloodgateState {
+
+    /**
+     * Purely Java profile
+     */
+    FALSE(0),
+
+    /**
+     * Purely Bedrock profile
+     */
+    TRUE(1),
+
+    /**
+     * Bedrock profile is bidirectional associated with the Java Mojang profile.
+     */
+    LINKED(2),
+
+    /**
+     * Data before floodgate database migration. Floodgate state is unknown.
+     */
+    NOT_MIGRATED(3);
+
+    private final int value;
+
+    FloodgateState(int value) {
+        this.value = value;
+    }
+
+    public int getValue() {
+        return value;
+    }
+
+    /**
+     * Convert a number to FloodgateState
+     * <ol start="0">
+     *     <li>False</li>
+     *     <li>True</li>
+     *     <li>Linked</li>
+     *     <li>Not Migrated</li>
+     * </ol>
+     * @param num the number, most likely loaded from the database
+     * @return FloodgateStatus on success, null otherwise
+     */
+    public static FloodgateState fromInt(int num) {
+        // using Enum.values()[i] is expensive as per https://stackoverflow.com/a/8762387/9767089
+        switch (num) {
+            case 0:
+                return FloodgateState.FALSE;
+            case 1:
+                return FloodgateState.TRUE;
+            case 2:
+                return FloodgateState.LINKED;
+            case 3:
+                return FloodgateState.NOT_MIGRATED;
+            default:
+                return null;
+        }
+    }
+}