Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/main'
Browse files Browse the repository at this point in the history
  • Loading branch information
@Lenni0451
Lenni0451 committed Nov 30, 2024
2 parents 01db848 + c11bf65 commit e856366
Show file tree
Hide file tree
Showing 8 changed files with 320 additions and 3 deletions.
9 changes: 7 additions & 2 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,13 @@ jobs:
check-latest: true
- name: Build with Gradle
run: ./gradlew build
- name: Upload Artifacts to GitHub
- name: Upload ViaProxy plugin to GitHub
uses: actions/upload-artifact@v4
with:
name: Artifacts
name: AuthHook ViaProxy
path: build/libs/
- name: Upload AuthHook agent to GitHub
uses: actions/upload-artifact@v4
with:
name: AuthHook server agent
path: Agent/build/libs/
27 changes: 27 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1 +1,28 @@
# ViaProxyAuthHook
Minecraft Server modification to allow [ViaProxy](https://github.com/RaphiMC/ViaProxy) clients to join online mode servers.

## How it works
This plugin works by redirecting the authentication requests from the server to the ViaProxy instance.
ViaProxy then checks if the client is authenticated with ViaProxy and sends the result back to the server.
Clients which are not authenticated with ViaProxy will be authenticated with the official Mojang authentication servers.

The modification has been confirmed to work on Vanilla, Spigot, Paper, Fabric, Forge and BungeeCord.

## Installation
1. Download the latest version from [GitHub Actions](https://github.com/ViaVersionAddons/ViaProxyAuthHook/actions).
2. Put the jar file into the plugins folder of ViaProxy
3. Run ViaProxy once to generate the config file
4. Make sure to enable "Proxy Online Mode" in the ViaProxy CLI or config file
5. Copy the secret key from the AuthHook config file (You will need it later for the server)
6. Download the latest version of the AuthHook agent (Same link as step 1)
7. Put the AuthHook agent into the same folder as the server jar
8. Add the following JVM argument to the server start command: `-javaagent:ViaProxyAuthHook-x.x.x.jar` (Replace x.x.x with the version of the AuthHook agent you downloaded)
9. Start the server once to generate the config file
10. Open the config file (It's in the same folder as the server jar) and set the secret key to the key you copied in step 4
11. Start both the server and ViaProxy. You can now switch the authentication mode to AuthHook (Use `AUTH_HOOK` for CLI or config file).

## Contact
If you encounter any issues, please report them on the
[issue tracker](https://github.com/ViaVersionAddons/ViaProxyAuthHook/issues).
If you just want to talk or need help using ViaProxyAuthHook feel free to join my
[Discord](https://discord.gg/dCzT9XHEWu).
Empty file modified gradlew
100644 → 100755
View file
Empty file.
44 changes: 44 additions & 0 deletions src/main/java/net/raphimc/authhook/AuthHook.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,58 @@
*/
package net.raphimc.authhook;

import net.lenni0451.lambdaevents.EventHandler;
import net.lenni0451.reflect.Enums;
import net.lenni0451.reflect.stream.RStream;
import net.raphimc.authhook.config.AuthHookConfig;
import net.raphimc.viaproxy.ViaProxy;
import net.raphimc.viaproxy.plugins.ViaProxyPlugin;
import net.raphimc.viaproxy.plugins.events.JoinServerRequestEvent;
import net.raphimc.viaproxy.plugins.events.ViaProxyLoadedEvent;
import net.raphimc.viaproxy.protocoltranslator.viaproxy.ViaProxyConfig;
import net.raphimc.viaproxy.ui.I18n;
import net.raphimc.viaproxy.util.logging.Logger;

import java.net.InetSocketAddress;
import java.util.Map;
import java.util.Properties;

public class AuthHook extends ViaProxyPlugin {

private static ViaProxyConfig.AuthMethod AUTH_HOOK;
private AuthHookHttpServer authHookHttpServer;

@Override
public void onEnable() {
ViaProxy.EVENT_MANAGER.register(this);
AuthHookConfig.load(this.getDataFolder());

this.authHookHttpServer = new AuthHookHttpServer((InetSocketAddress) AuthHookConfig.bindAddress);
Logger.LOGGER.info("AuthHook is listening on http://" + AuthHookConfig.bindAddress);

AUTH_HOOK = Enums.newInstance(ViaProxyConfig.AuthMethod.class, "AUTH_HOOK", ViaProxyConfig.AuthMethod.values().length, new Class[]{String.class}, new Object[]{"authhook.auth_method.name"});
Enums.addEnumInstance(ViaProxyConfig.AuthMethod.class, AUTH_HOOK);
}

@EventHandler
private void onViaProxyLoaded(ViaProxyLoadedEvent event) {
if (!ViaProxy.getConfig().isProxyOnlineMode()) {
Logger.LOGGER.error("Proxy online mode is disabled, please enable it to use the AuthHook plugin!");
Logger.LOGGER.error("Without online mode the AuthHook plugin would be effectively useless");
Logger.LOGGER.error("Shutting down...");
System.exit(0);
}

final Map<String, Properties> locales = RStream.of(I18n.class).fields().by("LOCALES").get();
locales.get("en_US").setProperty(AUTH_HOOK.getGuiTranslationKey(), "Use AuthHook");
}

@EventHandler
private void onJoinServerRequest(JoinServerRequestEvent event) {
if (ViaProxy.getConfig().getAuthMethod() == AUTH_HOOK) {
this.authHookHttpServer.addPendingConnection(event.getServerIdHash(), event.getProxyConnection());
event.setCancelled(true);
}
}

}
146 changes: 146 additions & 0 deletions src/main/java/net/raphimc/authhook/AuthHookHttpServer.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
/*
* This file is part of ViaProxyAuthHook - https://github.com/ViaVersionAddons/ViaProxyAuthHook
* Copyright (C) 2024-2024 RK_01/RaphiMC and contributors
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package net.raphimc.authhook;

import com.google.common.cache.CacheBuilder;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.mojang.authlib.GameProfile;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.channel.*;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.nio.NioServerSocketChannel;
import io.netty.handler.codec.http.*;
import net.raphimc.authhook.config.AuthHookConfig;
import net.raphimc.viaproxy.proxy.session.ProxyConnection;

import java.net.InetSocketAddress;
import java.net.URI;
import java.net.http.HttpClient;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;

public class AuthHookHttpServer {

private final InetSocketAddress bindAddress;
private final ChannelFuture channelFuture;
private final Map<String, ProxyConnection> pendingConnections = CacheBuilder.newBuilder().expireAfterWrite(1, TimeUnit.MINUTES).<String, ProxyConnection>build().asMap();

public AuthHookHttpServer(final InetSocketAddress bindAddress) {
this.bindAddress = bindAddress;
this.channelFuture = new ServerBootstrap()
.group(new NioEventLoopGroup(0))
.channel(NioServerSocketChannel.class)
.option(ChannelOption.SO_BACKLOG, 128)
.childOption(ChannelOption.TCP_NODELAY, true)
.childOption(ChannelOption.SO_KEEPALIVE, true)
.childHandler(new ChannelInitializer<>() {
@Override
protected void initChannel(Channel channel) {
channel.pipeline().addLast("http_codec", new HttpServerCodec());
channel.pipeline().addLast("http_handler", new SimpleChannelInboundHandler<>() {
@Override
protected void channelRead0(ChannelHandlerContext ctx, Object msg) {
if (!(msg instanceof HttpRequest request)) {
return;
}

if (request.uri().startsWith("/" + AuthHookConfig.secretKey + "/")) {
final String uri = request.uri().substring(AuthHookConfig.secretKey.length() + 1);
if (request.method().equals(HttpMethod.GET) && uri.startsWith("/session/minecraft/hasJoined")) {
final QueryStringDecoder queryStringDecoder = new QueryStringDecoder(request.uri());
if (queryStringDecoder.parameters().containsKey("username") && queryStringDecoder.parameters().containsKey("serverId")) {
final String username = queryStringDecoder.parameters().get("username").get(0);
final String serverId = queryStringDecoder.parameters().get("serverId").get(0);

final ProxyConnection proxyConnection = pendingConnections.remove(serverId + "_" + username);
if (proxyConnection != null) {
final GameProfile gameProfile = proxyConnection.getGameProfile();
final JsonObject responseObj = new JsonObject();
responseObj.addProperty("name", gameProfile.getName());
responseObj.addProperty("id", gameProfile.getId().toString().replace("-", ""));
if (!gameProfile.getProperties().isEmpty()) {
final JsonArray propertiesArray = new JsonArray();
gameProfile.getProperties().forEach((key, value) -> {
final JsonObject propertyObj = new JsonObject();
propertyObj.addProperty("name", key);
propertyObj.addProperty("value", value.getValue());
if (value.hasSignature()) {
propertyObj.addProperty("signature", value.getSignature());
}
propertiesArray.add(propertyObj);
});
responseObj.add("properties", propertiesArray);
}

final FullHttpResponse response = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.OK, ctx.alloc().buffer());
response.content().writeBytes(responseObj.toString().getBytes());
response.headers().set(HttpHeaderNames.CONTENT_TYPE, HttpHeaderValues.APPLICATION_JSON);
response.headers().set(HttpHeaderNames.CONTENT_LENGTH, response.content().readableBytes());
response.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.CLOSE);
ctx.writeAndFlush(response).addListener(ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE).addListener(ChannelFutureListener.CLOSE);
return;
}
}
}

final HttpClient httpClient = HttpClient.newHttpClient();
httpClient.sendAsync(java.net.http.HttpRequest.newBuilder().uri(URI.create("https://sessionserver.mojang.com" + uri)).build(), java.net.http.HttpResponse.BodyHandlers.ofByteArray())
.thenAccept(response -> {
final FullHttpResponse fullHttpResponse = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.valueOf(response.statusCode()), ctx.alloc().buffer());
fullHttpResponse.content().writeBytes(response.body());
for (Map.Entry<String, List<String>> entry : response.headers().map().entrySet()) {
if (!entry.getKey().startsWith(":")) {
fullHttpResponse.headers().set(entry.getKey(), entry.getValue().get(0));
}
}
fullHttpResponse.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.CLOSE);
ctx.writeAndFlush(fullHttpResponse).addListener(ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE).addListener(ChannelFutureListener.CLOSE);
});
} else {
ctx.close();
}
}

@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
ctx.close();
}
});
}
})
.bind(bindAddress)
.syncUninterruptibly();
}

public void addPendingConnection(final String serverIdHash, final ProxyConnection connection) {
this.pendingConnections.put(serverIdHash + "_" + connection.getGameProfile().getName(), connection);
}

public void stop() {
if (this.channelFuture != null) {
this.channelFuture.channel().close();
}
}

public Channel getChannel() {
return this.channelFuture.channel();
}

}
54 changes: 54 additions & 0 deletions src/main/java/net/raphimc/authhook/config/AuthHookConfig.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
/*
* This file is part of ViaProxyAuthHook - https://github.com/ViaVersionAddons/ViaProxyAuthHook
* Copyright (C) 2024-2024 RK_01/RaphiMC and contributors
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package net.raphimc.authhook.config;

import net.lenni0451.optconfig.ConfigLoader;
import net.lenni0451.optconfig.annotations.*;
import net.lenni0451.optconfig.provider.ConfigProvider;
import net.raphimc.viaproxy.util.AddressUtil;
import net.raphimc.viaproxy.util.logging.Logger;

import java.io.File;
import java.net.SocketAddress;
import java.util.UUID;

@OptConfig
public class AuthHookConfig {

@Option("secret-key")
@Description("The secret key used to verify the servers. Paste this key into the auth_hook.properties config file on your server.")
public static String secretKey = UUID.randomUUID().toString().replace("-", "");

@NotReloadable
@Option("bind-address")
@Description({"The address AuthHook should listen for HTTP requests."})
@TypeSerializer(SocketAddressTypeSerializer.class)
public static SocketAddress bindAddress = AddressUtil.parse("127.0.0.1:8080", null);

public static void load(final File dataFolder) {
try {
final ConfigLoader<AuthHookConfig> configLoader = new ConfigLoader<>(AuthHookConfig.class);
configLoader.getConfigOptions().setResetInvalidOptions(true);
configLoader.loadStatic(ConfigProvider.file(new File(dataFolder, "auth_hook.yml")));
} catch (Throwable t) {
Logger.LOGGER.error("Failed to load the AuthHook configuration!", t);
System.exit(-1);
}
}

}
41 changes: 41 additions & 0 deletions src/main/java/net/raphimc/authhook/config/SocketAddressTypeSerializer.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* This file is part of ViaProxyAuthHook - https://github.com/ViaVersionAddons/ViaProxyAuthHook
* Copyright (C) 2024-2024 RK_01/RaphiMC and contributors
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package net.raphimc.authhook.config;

import net.lenni0451.optconfig.serializer.ConfigTypeSerializer;
import net.raphimc.viaproxy.util.AddressUtil;

import java.net.SocketAddress;

public class SocketAddressTypeSerializer extends ConfigTypeSerializer<AuthHookConfig, SocketAddress> {

public SocketAddressTypeSerializer(final AuthHookConfig config) {
super(config);
}

@Override
public SocketAddress deserialize(final Class<SocketAddress> typeClass, final Object serializedObject) {
return AddressUtil.parse((String) serializedObject, null);
}

@Override
public Object serialize(final SocketAddress object) {
return AddressUtil.toString(object);
}

}
2 changes: 1 addition & 1 deletion src/main/resources/viaproxy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ name: "AuthHook"
version: "${version}"
author: "RK_01 and Lenni0451"
main: "net.raphimc.authhook.AuthHook"
min-version: "3.2.1"
min-version: "3.3.6"

0 comments on commit e856366

Please sign in to comment.