diff --git a/src/main/java/fi/flexplex/connect/FlexConnect.java b/src/main/java/fi/flexplex/connect/FlexConnect.java index bd2f8ab..196eb6a 100644 --- a/src/main/java/fi/flexplex/connect/FlexConnect.java +++ b/src/main/java/fi/flexplex/connect/FlexConnect.java @@ -3,7 +3,9 @@ package fi.flexplex.connect; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; +import java.util.HashSet; import java.util.Properties; +import java.util.Set; import org.bukkit.configuration.file.YamlConfiguration; import org.bukkit.plugin.java.JavaPlugin; @@ -12,6 +14,8 @@ import fi.flexplex.connect.util.FileChangeListener; public final class FlexConnect extends JavaPlugin { + private final Set proxyAddresses = new HashSet<>(); + private String token = ""; private FlexPlexGraphQLApi flexPlexGraphQLApi; @@ -23,6 +27,10 @@ public final class FlexConnect extends JavaPlugin { return this.flexPlexGraphQLApi; } + public Set getProxyAddresses() { + return this.proxyAddresses; + } + @Override public void onEnable() { @@ -86,6 +94,13 @@ public final class FlexConnect extends JavaPlugin { // Update whitelists for flexplex api this.flexPlexGraphQLApi.updateWhitelist(); + + // Load real FlexPlex proxy addresses from FlexPlex API + this.proxyAddresses.addAll(this.flexPlexGraphQLApi.getProxyAddresses()); + + // Load allowed proxy addresses from config + this.proxyAddresses.addAll(this.getConfig().getStringList("allowedProxies")); + } } diff --git a/src/main/java/fi/flexplex/connect/FlexConnectListener.java b/src/main/java/fi/flexplex/connect/FlexConnectListener.java index 989ca04..597c099 100644 --- a/src/main/java/fi/flexplex/connect/FlexConnectListener.java +++ b/src/main/java/fi/flexplex/connect/FlexConnectListener.java @@ -1,13 +1,12 @@ package fi.flexplex.connect; import com.destroystokyo.paper.event.server.WhitelistToggleEvent; -import com.destroystokyo.paper.profile.ProfileProperty; import org.bukkit.Bukkit; import org.bukkit.event.EventHandler; import org.bukkit.event.EventPriority; import org.bukkit.event.Listener; -import org.bukkit.event.player.AsyncPlayerPreLoginEvent; +import org.bukkit.event.player.PlayerLoginEvent; import fi.flexplex.connect.event.AsyncWhitelistChangedEvent; @@ -20,16 +19,14 @@ public final class FlexConnectListener implements Listener { } @EventHandler - public void onAsyncPlayerPreLogin(final AsyncPlayerPreLoginEvent event) { - // Authenticate players - for (final ProfileProperty property : event.getPlayerProfile().getProperties()) { - if (property.getName().equals("flexplex-token") && property.getValue().equals(flexConnect.getToken())) { - // Authentication success - return; - } + public void onPlayerLogin(final PlayerLoginEvent event) { + if (flexConnect.getProxyAddresses().contains(event.getRealAddress().getHostAddress())) { + // Connection is coming from allowed proxy + return; } - // Authentication failed - event.disallow(AsyncPlayerPreLoginEvent.Result.KICK_OTHER, "Access denied"); + + // Do not allow connections from other proxies + event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "Access denied"); } @EventHandler(ignoreCancelled = true, priority = EventPriority.MONITOR) diff --git a/src/main/java/fi/flexplex/connect/FlexPlexGraphQLApi.java b/src/main/java/fi/flexplex/connect/FlexPlexGraphQLApi.java index 23cf569..bff78b6 100644 --- a/src/main/java/fi/flexplex/connect/FlexPlexGraphQLApi.java +++ b/src/main/java/fi/flexplex/connect/FlexPlexGraphQLApi.java @@ -10,6 +10,7 @@ import java.util.HashSet; import java.util.Set; import java.util.UUID; +import com.google.gson.JsonArray; import com.google.gson.JsonObject; import com.google.gson.JsonParser; @@ -25,6 +26,40 @@ public final class FlexPlexGraphQLApi { this.graphqlEndpoint = graphQLEndpoint; } + public Set getProxyAddresses() { + final Set output = new HashSet<>(); + try { + final URL url = new URL(graphqlEndpoint); + final HttpURLConnection conn = (HttpURLConnection) url.openConnection(); + conn.setDoOutput(true); + conn.setDoInput(true); + conn.setConnectTimeout(10000); + conn.setReadTimeout(10000); + conn.setRequestMethod("POST"); + conn.setRequestProperty("Content-Type", "application/json"); + + final DataOutputStream wr = new DataOutputStream(conn.getOutputStream()); + + wr.writeBytes("{\"query\":\"query { proxyAddresses }\"}"); + wr.flush(); + wr.close(); + + final JsonObject response = (JsonObject) new JsonParser().parse(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8)); + + if (response.get("data").getAsJsonObject().has("proxyAddresses")) { + final JsonArray array = response.get("data").getAsJsonObject().get("proxyAddresses").getAsJsonArray(); + for (int i = 0; i < array.size(); i++) { + output.add(array.get(i).getAsString()); + } + } + + conn.disconnect(); + } catch (final IOException e) { + this.flexConnect.getLogger().warning("Updating whitelist data failed, propably connection to FlexPlex API server is down."); + } + return output; + } + public void updateWhitelist() { this.updateWhitelist(this.flexConnect.getServer().hasWhitelist()); } diff --git a/src/main/resources/config.yml b/src/main/resources/config.yml index f7763ae..88b04fb 100644 --- a/src/main/resources/config.yml +++ b/src/main/resources/config.yml @@ -1 +1,3 @@ token: "default" + +allowedProxies: []