Change authentication
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/tag Build is passing Details

master 29082022
Jonttuuu 2022-08-29 14:50:02 +03:00
parent d7ecefb3ff
commit 2027806e0c
4 changed files with 60 additions and 11 deletions

View File

@ -3,7 +3,9 @@ package fi.flexplex.connect;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;
import org.bukkit.configuration.file.YamlConfiguration;
import org.bukkit.plugin.java.JavaPlugin;
@ -12,6 +14,8 @@ import fi.flexplex.connect.util.FileChangeListener;
public final class FlexConnect extends JavaPlugin {
private final Set<String> proxyAddresses = new HashSet<>();
private String token = "";
private FlexPlexGraphQLApi flexPlexGraphQLApi;
@ -23,6 +27,10 @@ public final class FlexConnect extends JavaPlugin {
return this.flexPlexGraphQLApi;
}
public Set<String> getProxyAddresses() {
return this.proxyAddresses;
}
@Override
public void onEnable() {
@ -86,6 +94,13 @@ public final class FlexConnect extends JavaPlugin {
// Update whitelists for flexplex api
this.flexPlexGraphQLApi.updateWhitelist();
// Load real FlexPlex proxy addresses from FlexPlex API
this.proxyAddresses.addAll(this.flexPlexGraphQLApi.getProxyAddresses());
// Load allowed proxy addresses from config
this.proxyAddresses.addAll(this.getConfig().getStringList("allowedProxies"));
}
}

View File

@ -1,13 +1,12 @@
package fi.flexplex.connect;
import com.destroystokyo.paper.event.server.WhitelistToggleEvent;
import com.destroystokyo.paper.profile.ProfileProperty;
import org.bukkit.Bukkit;
import org.bukkit.event.EventHandler;
import org.bukkit.event.EventPriority;
import org.bukkit.event.Listener;
import org.bukkit.event.player.AsyncPlayerPreLoginEvent;
import org.bukkit.event.player.PlayerLoginEvent;
import fi.flexplex.connect.event.AsyncWhitelistChangedEvent;
@ -20,16 +19,14 @@ public final class FlexConnectListener implements Listener {
}
@EventHandler
public void onAsyncPlayerPreLogin(final AsyncPlayerPreLoginEvent event) {
// Authenticate players
for (final ProfileProperty property : event.getPlayerProfile().getProperties()) {
if (property.getName().equals("flexplex-token") && property.getValue().equals(flexConnect.getToken())) {
// Authentication success
return;
}
public void onPlayerLogin(final PlayerLoginEvent event) {
if (flexConnect.getProxyAddresses().contains(event.getRealAddress().getHostAddress())) {
// Connection is coming from allowed proxy
return;
}
// Authentication failed
event.disallow(AsyncPlayerPreLoginEvent.Result.KICK_OTHER, "Access denied");
// Do not allow connections from other proxies
event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "Access denied");
}
@EventHandler(ignoreCancelled = true, priority = EventPriority.MONITOR)

View File

@ -10,6 +10,7 @@ import java.util.HashSet;
import java.util.Set;
import java.util.UUID;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
@ -25,6 +26,40 @@ public final class FlexPlexGraphQLApi {
this.graphqlEndpoint = graphQLEndpoint;
}
public Set<String> getProxyAddresses() {
final Set<String> output = new HashSet<>();
try {
final URL url = new URL(graphqlEndpoint);
final HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setConnectTimeout(10000);
conn.setReadTimeout(10000);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
final DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes("{\"query\":\"query { proxyAddresses }\"}");
wr.flush();
wr.close();
final JsonObject response = (JsonObject) new JsonParser().parse(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8));
if (response.get("data").getAsJsonObject().has("proxyAddresses")) {
final JsonArray array = response.get("data").getAsJsonObject().get("proxyAddresses").getAsJsonArray();
for (int i = 0; i < array.size(); i++) {
output.add(array.get(i).getAsString());
}
}
conn.disconnect();
} catch (final IOException e) {
this.flexConnect.getLogger().warning("Updating whitelist data failed, propably connection to FlexPlex API server is down.");
}
return output;
}
public void updateWhitelist() {
this.updateWhitelist(this.flexConnect.getServer().hasWhitelist());
}

View File

@ -1 +1,3 @@
token: "default"
allowedProxies: []