d2/dc4/a01483_source.html

 #include "Globals.h"  // NOTE: MSVC stupidness requires this to be the same across all modules

 #include "Authenticator.h"
 #include "MojangAPI.h"
 #include "../Root.h"
 #include "../Server.h"
 #include "../ClientHandle.h"
 #include "../UUID.h"

 #include "../IniFile.h"
 #include "json/json.h"

 #include "../mbedTLS++/BlockingSslClientSocket.h"


 #define DEFAULT_AUTH_SERVER "sessionserver.mojang.com"
 #define DEFAULT_AUTH_ADDRESS "/session/minecraft/hasJoined?username=%USERNAME%&serverId=%SERVERID%"


 cAuthenticator::cAuthenticator(void) :
     super("cAuthenticator"),
     m_Server(DEFAULT_AUTH_SERVER),
     m_Address(DEFAULT_AUTH_ADDRESS),
     m_ShouldAuthenticate(true)
 {
 }


 cAuthenticator::~cAuthenticator()
 {
     Stop();
 }


 void cAuthenticator::ReadSettings(cSettingsRepositoryInterface & a_Settings)
 {
     m_Server             = a_Settings.GetValueSet ("Authentication", "Server", DEFAULT_AUTH_SERVER);
     m_Address            = a_Settings.GetValueSet ("Authentication", "Address", DEFAULT_AUTH_ADDRESS);
     m_ShouldAuthenticate = a_Settings.GetValueSetB("Authentication", "Authenticate", true);
 }


 void cAuthenticator::Authenticate(int a_ClientID, const AString & a_UserName, const AString & a_ServerHash)
 {
     if (!m_ShouldAuthenticate)
     {
         Json::Value Value;
         cRoot::Get()->AuthenticateUser(a_ClientID, a_UserName, cClientHandle::GenerateOfflineUUID(a_UserName), Value);
         return;
     }

     cCSLock LOCK(m_CS);
     m_Queue.push_back(cUser(a_ClientID, a_UserName, a_ServerHash));
     m_QueueNonempty.Set();
 }


 void cAuthenticator::Start(cSettingsRepositoryInterface & a_Settings)
 {
     ReadSettings(a_Settings);
     super::Start();
 }


 void cAuthenticator::Stop(void)
 {
     m_ShouldTerminate = true;
     m_QueueNonempty.Set();
     super::Stop();
 }


 void cAuthenticator::Execute(void)
 {
     for (;;)
     {
         cCSLock Lock(m_CS);
         while (!m_ShouldTerminate && (m_Queue.size() == 0))
         {
             cCSUnlock Unlock(Lock);
             m_QueueNonempty.Wait();
         }
         if (m_ShouldTerminate)
         {
             return;
         }
         ASSERT(!m_Queue.empty());

         cAuthenticator::cUser & User = m_Queue.front();
         int ClientID = User.m_ClientID;
         AString UserName = User.m_Name;
         AString ServerID = User.m_ServerID;
         m_Queue.pop_front();
         Lock.Unlock();

         AString NewUserName = UserName;
         cUUID UUID;
         Json::Value Properties;
         if (AuthWithYggdrasil(NewUserName, ServerID, UUID, Properties))
         {
             LOGINFO("User %s authenticated with UUID %s", NewUserName.c_str(), UUID.ToShortString().c_str());
             cRoot::Get()->AuthenticateUser(ClientID, NewUserName, UUID, Properties);
         }
         else
         {
             cRoot::Get()->KickUser(ClientID, "Failed to authenticate account!");
         }
     }  // for (-ever)
 }


 bool cAuthenticator::AuthWithYggdrasil(AString & a_UserName, const AString & a_ServerId, cUUID & a_UUID, Json::Value & a_Properties)
 {
     LOGD("Trying to authenticate user %s", a_UserName.c_str());

     // Create the GET request:
     AString ActualAddress = m_Address;
     ReplaceString(ActualAddress, "%USERNAME%", a_UserName);
     ReplaceString(ActualAddress, "%SERVERID%", a_ServerId);

     AString Request;
     Request += "GET " + ActualAddress + " HTTP/1.0\r\n";
     Request += "Host: " + m_Server + "\r\n";
     Request += "User-Agent: Cuberite\r\n";
     Request += "Connection: close\r\n";
     Request += "\r\n";

     AString Response;
     if (!cMojangAPI::SecureRequest(m_Server, Request, Response))
     {
         return false;
     }

     // Check the HTTP status line:
     const AString Prefix("HTTP/1.1 200 OK");
     AString HexDump;
     if (Response.compare(0, Prefix.size(), Prefix))
     {
         LOGINFO("User %s failed to auth, bad HTTP status line received", a_UserName.c_str());
         LOGD("Response: \n%s", CreateHexDump(HexDump, Response.data(), Response.size(), 16).c_str());
         return false;
     }

     // Erase the HTTP headers from the response:
     size_t idxHeadersEnd = Response.find("\r\n\r\n");
     if (idxHeadersEnd == AString::npos)
     {
         LOGINFO("User %s failed to authenticate, bad HTTP response header received", a_UserName.c_str());
         LOGD("Response: \n%s", CreateHexDump(HexDump, Response.data(), Response.size(), 16).c_str());
         return false;
     }
     Response.erase(0, idxHeadersEnd + 4);

     // Parse the Json response:
     if (Response.empty())
     {
         return false;
     }
     Json::Value root;
     Json::Reader reader;
     if (!reader.parse(Response, root, false))
     {
         LOGWARNING("cAuthenticator: Cannot parse received data (authentication) to JSON!");
         return false;
     }
     a_UserName = root.get("name", "Unknown").asString();
     a_Properties = root["properties"];
     if (!a_UUID.FromString(root.get("id", "").asString()))
     {
         LOGWARNING("cAuthenticator: Recieved invalid UUID format");
         return false;
     }

     // Store the player's profile in the MojangAPI caches:
     cRoot::Get()->GetMojangAPI().AddPlayerProfile(a_UserName, a_UUID, a_Properties);

     return true;
 }


 /* In case we want to export this function to the plugin API later - don't forget to add the relevant INI configuration lines for DEFAULT_PROPERTIES_ADDRESS

 #define DEFAULT_PROPERTIES_ADDRESS "/session/minecraft/profile/%UUID%"

 // Gets the properties, such as skin, of a player based on their UUID via Mojang's API
 bool GetPlayerProperties(const AString & a_UUID, Json::Value & a_Properties);

 bool cAuthenticator::GetPlayerProperties(const AString & a_UUID, Json::Value & a_Properties)
 {
     LOGD("Trying to get properties for user %s", a_UUID.c_str());

     // Create the GET request:
     AString ActualAddress = m_PropertiesAddress;
     ReplaceString(ActualAddress, "%UUID%", a_UUID);

     AString Request;
     Request += "GET " + ActualAddress + " HTTP/1.0\r\n";
     Request += "Host: " + m_Server + "\r\n";
     Request += "User-Agent: Cuberite\r\n";
     Request += "Connection: close\r\n";
     Request += "\r\n";

     AString Response;
     if (!ConnectSecurelyToAddress(StarfieldCACert(), m_Server, Request, Response))
     {
         return false;
     }

     // Check the HTTP status line:
     const AString Prefix("HTTP/1.1 200 OK");
     AString HexDump;
     if (Response.compare(0, Prefix.size(), Prefix))
     {
         LOGINFO("Failed to get properties for user %s, bad HTTP status line received", a_UUID.c_str());
         LOGD("Response: \n%s", CreateHexDump(HexDump, Response.data(), Response.size(), 16).c_str());
         return false;
     }

     // Erase the HTTP headers from the response:
     size_t idxHeadersEnd = Response.find("\r\n\r\n");
     if (idxHeadersEnd == AString::npos)
     {
         LOGINFO("Failed to get properties for user %s, bad HTTP response header received", a_UUID.c_str());
         LOGD("Response: \n%s", CreateHexDump(HexDump, Response.data(), Response.size(), 16).c_str());
         return false;
     }
     Response.erase(0, idxHeadersEnd + 4);

     // Parse the Json response:
     if (Response.empty())
     {
         return false;
     }

     Json::Value root;
     Json::Reader reader;
     if (!reader.parse(Response, root, false))
     {
         LOGWARNING("cAuthenticator: Cannot parse received properties data to JSON!");
         return false;
     }

     a_Properties = root["properties"];
     return true;
 }
 */


cEvent::Set
void Set(void)
Sets the event - releases one thread that has been waiting in Wait().
Definition: Event.cpp:53

cIsThread::m_ShouldTerminate
std::atomic< bool > m_ShouldTerminate
The overriden Execute() method should check this value periodically and terminate if this is true...
Definition: IsThread.h:32

cSettingsRepositoryInterface
Definition: SettingsRepositoryInterface.h:4

cAuthenticator::ReadSettings
void ReadSettings(cSettingsRepositoryInterface &a_Settings)
(Re-)read server and address from INI:
Definition: Authenticator.cpp:48

cAuthenticator::cAuthenticator
cAuthenticator(void)
Definition: Authenticator.cpp:27

cUUID::ToShortString
AString ToShortString() const
Converts the UUID to a short form string (i.e without dashes).
Definition: UUID.cpp:133

cIsThread
Definition: IsThread.h:24

cUUID::FromString
bool FromString(const AString &a_StringUUID)
Tries to interpret the string as a short or long form UUID and assign from it.
Definition: UUID.cpp:102

cAuthenticator::m_ShouldAuthenticate
bool m_ShouldAuthenticate
Definition: Authenticator.h:84

cAuthenticator::m_Queue
cUserList m_Queue
Definition: Authenticator.h:71

DEFAULT_AUTH_SERVER
#define DEFAULT_AUTH_SERVER
Definition: Authenticator.cpp:20

ReplaceString
void ReplaceString(AString &iHayStack, const AString &iNeedle, const AString &iReplaceWith)
Replaces each occurence of iNeedle in iHayStack with iReplaceWith.
Definition: StringUtils.cpp:333

cAuthenticator::~cAuthenticator
virtual ~cAuthenticator() override
Definition: Authenticator.cpp:39

cMojangAPI::AddPlayerProfile
void AddPlayerProfile(const AString &a_PlayerName, const cUUID &a_UUID, const Json::Value &a_Properties)
Called by the Authenticator to add a profile that it has received from authenticating a user...
Definition: MojangAPI.cpp:433

cRoot::AuthenticateUser
void AuthenticateUser(int a_ClientID, const AString &a_Name, const cUUID &a_UUID, const Json::Value &a_Properties)
Called by cAuthenticator to auth the specified user.
Definition: Root.cpp:747

cUUID
Definition: UUID.h:10

Authenticator.h

cMojangAPI::SecureRequest
static bool SecureRequest(const AString &a_ServerName, const AString &a_Request, AString &a_Response)
Connects to the specified server using SSL, sends the given request and receives the response...
Definition: MojangAPI.cpp:455

cAuthenticator::cUser
Definition: Authenticator.h:53

cEvent::Wait
void Wait(void)
Waits until the event has been set.
Definition: Event.cpp:24

cRoot::KickUser
void KickUser(int a_ClientID, const AString &a_Reason)
Kicks the user, no matter in what world they are.
Definition: Root.cpp:738

cAuthenticator::Authenticate
void Authenticate(int a_ClientID, const AString &a_UserName, const AString &a_ServerHash)
Queues a request for authenticating a user.
Definition: Authenticator.cpp:59

cAuthenticator::AuthWithYggdrasil
bool AuthWithYggdrasil(AString &a_UserName, const AString &a_ServerId, cUUID &a_UUID, Json::Value &a_Properties)
Returns true if the user authenticated okay, false on error Returns the case-corrected username...
Definition: Authenticator.cpp:140

cRoot::GetMojangAPI
cMojangAPI & GetMojangAPI(void)
Definition: Root.h:116

MojangAPI.h

LOGINFO
void LOGINFO(const char *a_Format, fmt::ArgList a_ArgList)
Definition: Logger.cpp:165

cCSUnlock
Temporary RAII unlock for a cCSLock.
Definition: CriticalSection.h:79

DEFAULT_AUTH_ADDRESS
#define DEFAULT_AUTH_ADDRESS
Definition: Authenticator.cpp:21

ASSERT
#define ASSERT(x)
Definition: Globals.h:335

LOGWARNING
void LOGWARNING(const char *a_Format, fmt::ArgList a_ArgList)
Definition: Logger.cpp:174

LOGD
#define LOGD(...)
Definition: LoggerSimple.h:40

cCSLock::Unlock
void Unlock(void)
Definition: CriticalSection.cpp:112

cSettingsRepositoryInterface::GetValueSet
virtual AString GetValueSet(const AString &keyname, const AString &valuename, const AString &defValue="")=0
Gets the value; if not found, write the default to the repository.

cIsThread::Stop
void Stop(void)
Signals the thread to terminate and waits until it&#39;s finished.
Definition: IsThread.cpp:110

cAuthenticator::Stop
void Stop(void)
Stops the authenticator thread.
Definition: Authenticator.cpp:87

cAuthenticator::m_QueueNonempty
cEvent m_QueueNonempty
Definition: Authenticator.h:72

cAuthenticator::Execute
virtual void Execute(void) override
cIsThread override:
Definition: Authenticator.cpp:98

cClientHandle::GenerateOfflineUUID
void GenerateOfflineUUID(void)
Generates an UUID based on the username stored for this client, and stores it in the m_UUID member...
Definition: ClientHandle.cpp:212

AString
std::string AString
Definition: StringUtils.h:13

cSettingsRepositoryInterface::GetValueSetB
virtual bool GetValueSetB(const AString &keyname, const AString &valuename, const bool defValue=false)=0

Globals.h

cAuthenticator::m_Address
AString m_Address
The URL to use for auth, without server part.
Definition: Authenticator.h:81

cRoot::Get
static cRoot * Get()
Definition: Root.h:51

CreateHexDump
AString & CreateHexDump(AString &a_Out, const void *a_Data, size_t a_Size, size_t a_BytesPerLine)
format binary data this way: 00001234: 31 32 33 34 35 36 37 38 39 30 61 62 63 64 65 66 1234567890abcd...
Definition: StringUtils.cpp:631

cAuthenticator::m_CS
cCriticalSection m_CS
Definition: Authenticator.h:70

cCSLock
RAII for cCriticalSection - locks the CS on creation, unlocks on destruction.
Definition: CriticalSection.h:52

cIsThread::Start
bool Start(void)
Starts the thread; returns without waiting for the actual start.
Definition: IsThread.cpp:80

cAuthenticator::m_Server
AString m_Server
The server that is to be contacted for auth / UUID conversions.
Definition: Authenticator.h:75