From 253181d34e7f1d0f42be4557d85e2c31d597588d Mon Sep 17 00:00:00 2001 From: games647 Date: Tue, 6 Oct 2015 19:22:37 +0200 Subject: [PATCH] Fixed json parsing for logins --- .../github/games647/fastlogin/Encryption.java | 3 ++- .../github/games647/fastlogin/FastLogin.java | 3 ++- .../games647/fastlogin/hooks/AuthMeHook.java | 7 ------ .../fastlogin/hooks/CrazyLoginHook.java | 1 + .../fastlogin/hooks/LoginSecurityHook.java | 2 +- .../games647/fastlogin/hooks/xAuthHook.java | 22 ++++++++++--------- .../listener/EncryptionPacketListener.java | 7 ++++-- .../fastlogin/listener/PlayerListener.java | 4 +++- .../listener/StartPacketListener.java | 7 +++--- 9 files changed, 30 insertions(+), 26 deletions(-) diff --git a/src/main/java/com/github/games647/fastlogin/Encryption.java b/src/main/java/com/github/games647/fastlogin/Encryption.java index 81929d98..44f41c50 100644 --- a/src/main/java/com/github/games647/fastlogin/Encryption.java +++ b/src/main/java/com/github/games647/fastlogin/Encryption.java @@ -24,7 +24,8 @@ import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; /** - * Encryption and decryption minecraft util for connection between servers and paid minecraft account clients + * Encryption and decryption minecraft util for connection between servers + * and paid minecraft account clients. * * Source: https://github.com/bergerkiller/CraftSource/blob/master/net.minecraft.server/MinecraftEncryption.java * diff --git a/src/main/java/com/github/games647/fastlogin/FastLogin.java b/src/main/java/com/github/games647/fastlogin/FastLogin.java index 01f015af..ad85e256 100644 --- a/src/main/java/com/github/games647/fastlogin/FastLogin.java +++ b/src/main/java/com/github/games647/fastlogin/FastLogin.java @@ -76,7 +76,7 @@ public class FastLogin extends JavaPlugin { protocolManager.addPacketListener(new StartPacketListener(this, protocolManager)); //register commands using a unique name - getCommand(getName()).setExecutor(new PremiumCommand(this)); + getCommand("premium").setExecutor(new PremiumCommand(this)); } @Override @@ -145,6 +145,7 @@ public class FastLogin extends JavaPlugin { Class clazz = clazzInfo.load(); //uses only member classes which uses AuthPlugin interface (skip interfaces) if (AuthPlugin.class.isAssignableFrom(clazz) + //check only for enabled plugins. A single plugin could be disabled by plugin managers && getServer().getPluginManager().isPluginEnabled(pluginName)) { authPluginHook = (AuthPlugin) clazz.newInstance(); getLogger().log(Level.INFO, "Hooking into auth plugin: {0}", pluginName); diff --git a/src/main/java/com/github/games647/fastlogin/hooks/AuthMeHook.java b/src/main/java/com/github/games647/fastlogin/hooks/AuthMeHook.java index 93d91686..f4949c70 100644 --- a/src/main/java/com/github/games647/fastlogin/hooks/AuthMeHook.java +++ b/src/main/java/com/github/games647/fastlogin/hooks/AuthMeHook.java @@ -1,7 +1,6 @@ package com.github.games647.fastlogin.hooks; import fr.xephi.authme.api.NewAPI; -import fr.xephi.authme.cache.limbo.LimboCache; import org.bukkit.entity.Player; @@ -13,12 +12,6 @@ public class AuthMeHook implements AuthPlugin { @Override public void forceLogin(Player player) { - //here is the gamemode, inventory ... saved - if (!LimboCache.getInstance().hasLimboPlayer(player.getName().toLowerCase())) { - //add cache entry - otherwise logging in wouldn't work - LimboCache.getInstance().addLimboPlayer(player); - } - //skips registration and login NewAPI.getInstance().forceLogin(player); } diff --git a/src/main/java/com/github/games647/fastlogin/hooks/CrazyLoginHook.java b/src/main/java/com/github/games647/fastlogin/hooks/CrazyLoginHook.java index c632c9ae..e8a26b62 100644 --- a/src/main/java/com/github/games647/fastlogin/hooks/CrazyLoginHook.java +++ b/src/main/java/com/github/games647/fastlogin/hooks/CrazyLoginHook.java @@ -21,6 +21,7 @@ public class CrazyLoginHook implements AuthPlugin { if (playerData == null) { //create a fake account - this will be saved to the database with the password=FAILEDLOADING //user cannot login with that password unless the admin uses plain text + //this automatically marks the player as logged in playerData = new LoginPlayerData(player); crazyDatabase.save(playerData); } else { diff --git a/src/main/java/com/github/games647/fastlogin/hooks/LoginSecurityHook.java b/src/main/java/com/github/games647/fastlogin/hooks/LoginSecurityHook.java index cfd93185..93ef26ed 100644 --- a/src/main/java/com/github/games647/fastlogin/hooks/LoginSecurityHook.java +++ b/src/main/java/com/github/games647/fastlogin/hooks/LoginSecurityHook.java @@ -24,7 +24,7 @@ public class LoginSecurityHook implements AuthPlugin { securityPlugin.authList.remove(name); //cancel timeout timer securityPlugin.thread.timeout.remove(name); - //remove effects + //remove effects and restore location securityPlugin.rehabPlayer(player, name); } } diff --git a/src/main/java/com/github/games647/fastlogin/hooks/xAuthHook.java b/src/main/java/com/github/games647/fastlogin/hooks/xAuthHook.java index 8a297424..d884baf3 100644 --- a/src/main/java/com/github/games647/fastlogin/hooks/xAuthHook.java +++ b/src/main/java/com/github/games647/fastlogin/hooks/xAuthHook.java @@ -19,18 +19,20 @@ public class xAuthHook implements AuthPlugin { xAuth xAuthPlugin = xAuth.getPlugin(); xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(player); - //we checked that the player is premium (paid account) - xAuthPlayer.setPremium(true); - //mark the player online - xAuthPlugin.getAuthClass(xAuthPlayer).online(xAuthPlayer.getName()); + if (xAuthPlayer != null) { + //we checked that the player is premium (paid account) + xAuthPlayer.setPremium(true); + //mark the player online + xAuthPlugin.getAuthClass(xAuthPlayer).online(xAuthPlayer.getName()); - //update last login time - xAuthPlayer.setLoginTime(new Timestamp(System.currentTimeMillis())); + //update last login time + xAuthPlayer.setLoginTime(new Timestamp(System.currentTimeMillis())); - //mark the player as logged in - xAuthPlayer.setStatus(Status.AUTHENTICATED); + //mark the player as logged in + xAuthPlayer.setStatus(Status.AUTHENTICATED); - //restore inventory - xAuthPlugin.getPlayerManager().unprotect(xAuthPlayer); + //restore inventory + xAuthPlugin.getPlayerManager().unprotect(xAuthPlayer); + } } } diff --git a/src/main/java/com/github/games647/fastlogin/listener/EncryptionPacketListener.java b/src/main/java/com/github/games647/fastlogin/listener/EncryptionPacketListener.java index 63d7c0d1..53364152 100644 --- a/src/main/java/com/github/games647/fastlogin/listener/EncryptionPacketListener.java +++ b/src/main/java/com/github/games647/fastlogin/listener/EncryptionPacketListener.java @@ -28,6 +28,7 @@ import java.util.logging.Level; import javax.crypto.SecretKey; import org.bukkit.entity.Player; +import org.json.simple.JSONArray; import org.json.simple.JSONObject; import org.json.simple.JSONValue; @@ -198,9 +199,10 @@ public class EncryptionPacketListener extends PacketAdapter { String uuid = (String) userData.get("id"); String name = (String) userData.get("name"); - JSONObject properties = (JSONObject) userData.get("properties"); + JSONArray properties = (JSONArray) userData.get("properties"); + JSONObject skinData = (JSONObject) properties.get(0); //base64 encoded skin data - String encodedSkin = (String) properties.get("value"); + String encodedSkin = (String) skinData.get("value"); return true; } @@ -218,6 +220,7 @@ public class EncryptionPacketListener extends PacketAdapter { //see StartPacketListener for packet information PacketContainer startPacket = protocolManager.createPacket(PacketType.Login.Client.START, true); + //uuid is ignored WrappedGameProfile fakeProfile = new WrappedGameProfile(UUID.randomUUID(), username); startPacket.getGameProfiles().write(0, fakeProfile); try { diff --git a/src/main/java/com/github/games647/fastlogin/listener/PlayerListener.java b/src/main/java/com/github/games647/fastlogin/listener/PlayerListener.java index 45f91e15..16a97ab3 100644 --- a/src/main/java/com/github/games647/fastlogin/listener/PlayerListener.java +++ b/src/main/java/com/github/games647/fastlogin/listener/PlayerListener.java @@ -18,6 +18,8 @@ import org.bukkit.event.player.PlayerJoinEvent; * plugin can skip authentication. */ public class PlayerListener implements Listener { + + private static final long DELAY_LOGIN = 1 * 20L; private final FastLogin plugin; private final AuthPlugin authPlugin; @@ -46,7 +48,7 @@ public class PlayerListener implements Listener { } } //Wait before auth plugin initializes the player - }, 2 * 20L); + }, DELAY_LOGIN); } } } diff --git a/src/main/java/com/github/games647/fastlogin/listener/StartPacketListener.java b/src/main/java/com/github/games647/fastlogin/listener/StartPacketListener.java index 38d4aef9..57d7738d 100644 --- a/src/main/java/com/github/games647/fastlogin/listener/StartPacketListener.java +++ b/src/main/java/com/github/games647/fastlogin/listener/StartPacketListener.java @@ -36,12 +36,13 @@ public class StartPacketListener extends PacketAdapter { private static final String UUID_LINK = "https://api.mojang.com/users/profiles/minecraft/"; //this includes a-zA-Z1-9_ private static final String VALID_PLAYERNAME = "^\\w{2,16}$"; + private static final int VERIFY_TOKEN_LENGTH = 4; private final ProtocolManager protocolManager; //hides the inherit Plugin plugin field, but we need a more detailed type than just Plugin private final FastLogin plugin; - //just create a new once on plugin enable + //just create a new once on plugin enable. This used for verify token generation private final Random random = new Random(); //compile the pattern on plugin enable private final Pattern playernameMatcher = Pattern.compile(VALID_PLAYERNAME); @@ -121,15 +122,15 @@ public class StartPacketListener extends PacketAdapter { newPacket.getSpecificModifier(PublicKey.class).write(0, plugin.getKeyPair().getPublic()); //generate a random token which should be the same when we receive it from the client - byte[] verifyToken = new byte[4]; + byte[] verifyToken = new byte[VERIFY_TOKEN_LENGTH]; random.nextBytes(verifyToken); newPacket.getByteArrays().write(0, verifyToken); protocolManager.sendServerPacket(player, newPacket); //cancel only if the player has a paid account otherwise login as normal offline player - packetEvent.setCancelled(true); plugin.getSessions().put(sessionKey, new PlayerSession(verifyToken, username)); + packetEvent.setCancelled(true); } catch (InvocationTargetException ex) { plugin.getLogger().log(Level.SEVERE, "Cannot send encryption packet. Falling back to normal login", ex); }