Examples with Verification com.github.games647.craftapi.model.auth.Verification used on opensource projects

Example 1 with Verification

use of com.github.games647.craftapi.model.auth.Verification in project FastLogin by games647.

the class VerifyResponseTask method verifyResponse.

private void verifyResponse(BukkitLoginSession session) {
    PrivateKey privateKey = serverKey.getPrivate();
    SecretKey loginKey;
    try {
        loginKey = EncryptionUtil.decryptSharedKey(privateKey, sharedSecret);
    } catch (GeneralSecurityException securityEx) {
        disconnect("error-kick", false, "Cannot decrypt received contents", securityEx);
        return;
    }
    try {
        if (!checkVerifyToken(session) || !enableEncryption(loginKey)) {
            return;
        }
    } catch (Exception ex) {
        disconnect("error-kick", false, "Cannot decrypt received contents", ex);
        return;
    }
    String serverId = EncryptionUtil.getServerIdHashString("", loginKey, serverKey.getPublic());
    String requestedUsername = session.getRequestUsername();
    InetSocketAddress socketAddress = player.getAddress();
    try {
        MojangResolver resolver = plugin.getCore().getResolver();
        InetAddress address = socketAddress.getAddress();
        Optional<Verification> response = resolver.hasJoined(requestedUsername, serverId, address);
        if (response.isPresent()) {
            Verification verification = response.get();
            plugin.getLog().info("Profile {} has a verified premium account", requestedUsername);
            String realUsername = verification.getName();
            if (realUsername == null) {
                disconnect("invalid-session", true, "Username field null for {}", requestedUsername);
                return;
            }
            SkinProperty[] properties = verification.getProperties();
            if (properties.length > 0) {
                session.setSkinProperty(properties[0]);
            }
            session.setVerifiedUsername(realUsername);
            session.setUuid(verification.getId());
            session.setVerified(true);
            setPremiumUUID(session.getUuid());
            receiveFakeStartPacket(realUsername);
        } else {
            // user tried to fake an authentication
            disconnect("invalid-session", true, "GameProfile {0} ({1}) tried to log in with an invalid session ServerId: {2}", session.getRequestUsername(), socketAddress, serverId);
        }
    } catch (IOException ioEx) {
        disconnect("error-kick", false, "Failed to connect to session server", ioEx);
    }
}

Example 2 with Verification

use of com.github.games647.craftapi.model.auth.Verification in project CraftAPI by games647.

the class MojangResolver method hasJoined.

// todo: implement custom rate limiter that cleans up on size checking
// private final Map<Object, Object> requests = SafeCacheBuilder.newBuilder()
// .expireAfterWrite(10, TimeUnit.MINUTES)
// .build(CacheLoader.from(() -> {
// throw new UnsupportedOperationException();
// }));
@Override
public Optional<Verification> hasJoined(String username, String serverHash, InetAddress hostIp) throws IOException {
    String url;
    if (hostIp instanceof Inet6Address) {
        // Mojang currently doesn't check the IPv6 address correct. The prevent-proxy even doesn't work with
        // a vanilla server
        url = String.format(HAS_JOINED_URL_RAW, username, serverHash);
    } else {
        String encodedIP = URLEncoder.encode(hostIp.getHostAddress(), StandardCharsets.UTF_8.name());
        url = String.format(HAS_JOINED_URL_PROXY_CHECK, username, serverHash, encodedIP);
    }
    HttpURLConnection conn = getConnection(url);
    int responseCode = conn.getResponseCode();
    if (responseCode == HttpURLConnection.HTTP_NO_CONTENT) {
        return Optional.empty();
    }
    return Optional.of(parseRequest(conn, in -> readJson(in, Verification.class)));
}