feedc0de/FastLogin
1
0
Fork 0
forked from TuxCoding/FastLogin
Code Pull Requests Activity

Use SecureRandom for passwords

Browse Source
This commit is contained in:
games647
2017-10-30 17:57:01 +01:00
parent 57eff4b3ec
commit 82a258097d
7 changed files with 20 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE.md vendored
View File

@ -9,7 +9,7 @@
[//]: # (What did you expect?) [//]: # (What did you expect?)
### Steps/models to reproduce: ### Steps/models to reproduce:
[//]: # (The actions that cause the issue) [//]: # (The actions that cause the issue. Please explain it in detail)
### Plugin list: ### Plugin list:
[//]: # (This can be found by running `/pl`) [//]: # (This can be found by running `/pl`)

1
bukkit/src/main/java/com/github/games647/fastlogin/bukkit/MojangApiBukkit.java
View File

@ -37,7 +37,6 @@ public class MojangApiBukkit extends MojangApiConnector {
String url = String.format(HAS_JOINED_URL, playerSession.getUsername(), serverId, encodedIp); String url = String.format(HAS_JOINED_URL, playerSession.getUsername(), serverId, encodedIp);
HttpURLConnection conn = getConnection(url); HttpURLConnection conn = getConnection(url);
try (BufferedReader reader = new BufferedReader( try (BufferedReader reader = new BufferedReader(
new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) { new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
//validate parsing //validate parsing

20
bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SkinApplyListener.java
View File

@ -57,17 +57,17 @@ public class SkinApplyListener implements Listener {
private void applySkin(Player player, String skinData, String signature) { private void applySkin(Player player, String skinData, String signature) {
WrappedGameProfile gameProfile = WrappedGameProfile.fromPlayer(player); WrappedGameProfile gameProfile = WrappedGameProfile.fromPlayer(player);
if (skinData != null && signature != null) {
WrappedSignedProperty skin = WrappedSignedProperty.fromValues(SkinProperties.TEXTURE_KEY, skinData, signature); WrappedSignedProperty skin = WrappedSignedProperty.fromValues(SkinProperties.TEXTURE_KEY, skinData, signature);
try {
gameProfile.getProperties().put(SkinProperties.TEXTURE_KEY, skin);
} catch (ClassCastException castException) {
//Cauldron, MCPC, Thermos, ...
Object map = GET_PROPERTIES.invoke(gameProfile.getHandle());
try { try {
gameProfile.getProperties().put(SkinProperties.TEXTURE_KEY, skin); MethodUtils.invokeMethod(map, "put", new Object[]{SkinProperties.TEXTURE_KEY, skin.getHandle()});
} catch (ClassCastException castException) { } catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException ex) {
Object map = GET_PROPERTIES.invoke(gameProfile.getHandle()); plugin.getLog().error("Error setting premium skin", ex);
try {
MethodUtils.invokeMethod(map, "put", new Object[]{SkinProperties.TEXTURE_KEY, skin.getHandle()});
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException ex) {
plugin.getLog().error("Error setting premium skin", ex);
}
} }
} }
} }

7
core/src/main/java/com/github/games647/fastlogin/core/AuthStorage.java
View File

@ -50,13 +50,14 @@ public class AuthStorage {
config.setThreadFactory(platformThreadFactory); config.setThreadFactory(platformThreadFactory);
} }
String pluginFolder = core.getPlugin().getPluginFolder().toAbsolutePath().toString();
databasePath = databasePath.replace("{pluginDir}", pluginFolder);
String jdbcUrl = "jdbc:"; String jdbcUrl = "jdbc:";
if (driver.contains("sqlite")) { if (driver.contains("sqlite")) {
String pluginFolder = core.getPlugin().getPluginFolder().toAbsolutePath().toString();
databasePath = databasePath.replace("{pluginDir}", pluginFolder);
jdbcUrl += "sqlite://" + databasePath; jdbcUrl += "sqlite://" + databasePath;
config.setConnectionTestQuery("SELECT 1"); config.setConnectionTestQuery("SELECT 1");
config.setMaximumPoolSize(1);
} else { } else {
jdbcUrl += "mysql://" + host + ':' + port + '/' + databasePath; jdbcUrl += "mysql://" + host + ':' + port + '/' + databasePath;
} }

4
core/src/main/java/com/github/games647/fastlogin/core/hooks/DefaultPasswordGenerator.java
View File

@ -1,12 +1,14 @@
package com.github.games647.fastlogin.core.hooks; package com.github.games647.fastlogin.core.hooks;
import java.security.SecureRandom;
import java.util.Random; import java.util.Random;
public class DefaultPasswordGenerator<P> implements PasswordGenerator<P> { public class DefaultPasswordGenerator<P> implements PasswordGenerator<P> {
private static final char[] PASSWORD_CHARACTERS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" private static final char[] PASSWORD_CHARACTERS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
.toCharArray(); .toCharArray();
private final Random random = new Random();
private final Random random = new SecureRandom();
@Override @Override
public String getRandomPassword(P player) { public String getRandomPassword(P player) {

2
core/src/main/java/com/github/games647/fastlogin/core/mojang/SkinProperties.java
View File

@ -4,7 +4,7 @@ public class SkinProperties {
public static final String TEXTURE_KEY = "textures"; public static final String TEXTURE_KEY = "textures";
private final String name = "textures"; private final String name = TEXTURE_KEY;
private String value; private String value;
private String signature; private String signature;

2
core/src/main/resources/config.yml
View File

@ -167,7 +167,7 @@ database: '{pluginDir}/FastLogin.db'
# MySQL/MariaDB # MySQL/MariaDB
#driver: com.mysql.jdbc.Driver #driver: com.mysql.jdbc.Driver
#host: localhost #host: 127.0.0.1
#port: 3306 #port: 3306
#database: fastlogin #database: fastlogin
#username: myUser #username: myUser