From d92886272c4079366849e07a2f9d53f6c99c3852 Mon Sep 17 00:00:00 2001 From: Moritz Zwerger Date: Tue, 1 Aug 2023 15:08:52 +0200 Subject: [PATCH] account: remove client token They are only needed in mojang accounts. Might break them. !44 --- .../data/accounts/types/test/TestAccount.kt | 4 ++-- .../profile/profiles/account/AccountProfile.kt | 8 -------- .../de/bixilon/minosoft/data/accounts/Account.kt | 8 ++++---- .../accounts/types/microsoft/MicrosoftAccount.kt | 13 ++++++------- .../data/accounts/types/mojang/MojangAccount.kt | 12 +++++++++--- .../data/accounts/types/offline/OfflineAccount.kt | 4 ++-- .../gui/eros/main/account/AccountController.kt | 2 +- .../eros/main/account/add/MojangAddController.kt | 4 ++-- .../de/bixilon/minosoft/terminal/AutoConnect.kt | 2 +- 9 files changed, 27 insertions(+), 30 deletions(-) diff --git a/src/integration-test/kotlin/de/bixilon/minosoft/data/accounts/types/test/TestAccount.kt b/src/integration-test/kotlin/de/bixilon/minosoft/data/accounts/types/test/TestAccount.kt index 8bf2b8be4..61d7aaa75 100644 --- a/src/integration-test/kotlin/de/bixilon/minosoft/data/accounts/types/test/TestAccount.kt +++ b/src/integration-test/kotlin/de/bixilon/minosoft/data/accounts/types/test/TestAccount.kt @@ -34,7 +34,7 @@ object TestAccount : Account("Bixilon") { override fun join(serverId: String) = Unit - override fun logout(clientToken: String) = Unit + override fun logout() = Unit - override fun check(latch: AbstractLatch?, clientToken: String) = Unit + override fun check(latch: AbstractLatch?) = Unit } diff --git a/src/main/java/de/bixilon/minosoft/config/profile/profiles/account/AccountProfile.kt b/src/main/java/de/bixilon/minosoft/config/profile/profiles/account/AccountProfile.kt index dd43769bf..286fe8262 100644 --- a/src/main/java/de/bixilon/minosoft/config/profile/profiles/account/AccountProfile.kt +++ b/src/main/java/de/bixilon/minosoft/config/profile/profiles/account/AccountProfile.kt @@ -19,7 +19,6 @@ import com.fasterxml.jackson.annotation.JsonProperty import de.bixilon.kutil.cast.CastUtil.unsafeCast import de.bixilon.kutil.delegates.BackingDelegate import de.bixilon.kutil.observer.DataObserver.Companion.observe -import de.bixilon.kutil.random.RandomStringUtil.randomString import de.bixilon.minosoft.config.profile.ProfileManager import de.bixilon.minosoft.config.profile.delegate.primitive.BooleanDelegate import de.bixilon.minosoft.config.profile.delegate.types.NullableStringDelegate @@ -28,7 +27,6 @@ import de.bixilon.minosoft.config.profile.delegate.types.map.MapDelegate import de.bixilon.minosoft.config.profile.profiles.Profile import de.bixilon.minosoft.config.profile.profiles.account.AccountProfileManager.latestVersion import de.bixilon.minosoft.data.accounts.Account -import de.bixilon.minosoft.util.KUtil import java.util.concurrent.atomic.AtomicInteger /** @@ -49,12 +47,6 @@ class AccountProfile( @Deprecated("Account warning", level = DeprecationLevel.HIDDEN) val NOTICE by StringDelegate(this, "NEVER EVER SHARE THIS FILE WITH SOMEBODY (NOT IN ISSUES, BUG REPORTS, NOWHERE!). IF YOU DO SO, YOU PUT YOUR ACCOUNTS AT HIGH RISK!!!") - /** - * The client token. - * This 128 length long string is generated randomly while the profile was created - * Will be sent to mojang when logging in/refreshing an account - */ - var clientToken by StringDelegate(this, KUtil.RANDOM.randomString(128)) /** * Before using an account, it always tries to fetch the profile. diff --git a/src/main/java/de/bixilon/minosoft/data/accounts/Account.kt b/src/main/java/de/bixilon/minosoft/data/accounts/Account.kt index 0e4d3cca5..74b767638 100644 --- a/src/main/java/de/bixilon/minosoft/data/accounts/Account.kt +++ b/src/main/java/de/bixilon/minosoft/data/accounts/Account.kt @@ -56,11 +56,11 @@ abstract class Account( abstract fun join(serverId: String) - abstract fun logout(clientToken: String) - abstract fun check(latch: AbstractLatch?, clientToken: String) + abstract fun logout() + abstract fun check(latch: AbstractLatch?) @Synchronized - open fun tryCheck(latch: AbstractLatch?, clientToken: String) { + open fun tryCheck(latch: AbstractLatch?) { if (state == AccountStates.CHECKING || state == AccountStates.REFRESHING) { // already checking return @@ -69,7 +69,7 @@ abstract class Account( // Nothing to do return } - check(latch, clientToken) + check(latch) } fun save() { diff --git a/src/main/java/de/bixilon/minosoft/data/accounts/types/microsoft/MicrosoftAccount.kt b/src/main/java/de/bixilon/minosoft/data/accounts/types/microsoft/MicrosoftAccount.kt index a5f3c013f..bbf6fb6b6 100644 --- a/src/main/java/de/bixilon/minosoft/data/accounts/types/microsoft/MicrosoftAccount.kt +++ b/src/main/java/de/bixilon/minosoft/data/accounts/types/microsoft/MicrosoftAccount.kt @@ -34,7 +34,6 @@ import de.bixilon.minosoft.util.account.minecraft.MinecraftTokens import de.bixilon.minosoft.util.logging.Log import de.bixilon.minosoft.util.logging.LogLevels import de.bixilon.minosoft.util.logging.LogMessageType -import org.jetbrains.annotations.Nullable import java.net.ConnectException import java.util.* @@ -54,14 +53,14 @@ class MicrosoftAccount( @Synchronized override fun join(serverId: String) { - tryCheck(null, "null") + tryCheck(null) AccountUtil.joinMojangServer(minecraft.accessToken, uuid, serverId) } - override fun logout(clientToken: String) = Unit + override fun logout() = Unit @Synchronized - override fun check(latch: AbstractLatch?, @Nullable clientToken: String) { + override fun check(latch: AbstractLatch?) { val innerLatch = latch?.child(1) try { this.error = null @@ -82,19 +81,19 @@ class MicrosoftAccount( } } - override fun tryCheck(latch: AbstractLatch?, clientToken: String) { + override fun tryCheck(latch: AbstractLatch?) { if (state == AccountStates.CHECKING || state == AccountStates.REFRESHING) { // already checking return } if (minecraft.expires >= millis() / 1000) { - return check(latch, "null") + return check(latch) } if (state == AccountStates.WORKING) { // Nothing to do return } - check(latch, clientToken) + check(latch) } private fun refreshMicrosoftToken(latch: AbstractLatch?) { diff --git a/src/main/java/de/bixilon/minosoft/data/accounts/types/mojang/MojangAccount.kt b/src/main/java/de/bixilon/minosoft/data/accounts/types/mojang/MojangAccount.kt index 7f4810993..131400c02 100644 --- a/src/main/java/de/bixilon/minosoft/data/accounts/types/mojang/MojangAccount.kt +++ b/src/main/java/de/bixilon/minosoft/data/accounts/types/mojang/MojangAccount.kt @@ -18,12 +18,14 @@ import de.bixilon.kutil.cast.CastUtil.nullCast import de.bixilon.kutil.cast.CastUtil.unsafeCast import de.bixilon.kutil.json.JsonUtil.asJsonObject import de.bixilon.kutil.latch.AbstractLatch +import de.bixilon.kutil.random.RandomStringUtil.randomString import de.bixilon.kutil.uuid.UUIDUtil.toUUID import de.bixilon.minosoft.data.accounts.Account import de.bixilon.minosoft.data.accounts.AccountStates import de.bixilon.minosoft.data.entities.entities.player.properties.PlayerProperties import de.bixilon.minosoft.data.registries.identified.Identified import de.bixilon.minosoft.data.registries.identified.ResourceLocation +import de.bixilon.minosoft.util.KUtil import de.bixilon.minosoft.util.KUtil.toResourceLocation import de.bixilon.minosoft.util.account.AccountUtil import de.bixilon.minosoft.util.http.HTTP2.postJson @@ -37,6 +39,7 @@ import java.util.* @Deprecated("Mojang authentication is legacy. Will be removed in the future!") class MojangAccount( override val id: String, + val clientToken: String, username: String, override val uuid: UUID, val email: String, @@ -51,7 +54,7 @@ class MojangAccount( AccountUtil.joinMojangServer(accessToken, uuid, serverId) } - override fun logout(clientToken: String) { + override fun logout() { val response = mutableMapOf( "accessToken" to accessToken, "clientToken" to clientToken, @@ -65,7 +68,7 @@ class MojangAccount( Log.log(LogMessageType.AUTHENTICATION, LogLevels.VERBOSE) { "Mojang account login successful (username=$username)" } } - override fun check(latch: AbstractLatch?, clientToken: String) { + override fun check(latch: AbstractLatch?) { if (refreshed) { return } @@ -115,7 +118,9 @@ class MojangAccount( private const val MOJANG_URL_INVALIDATE = "https://authserver.mojang.com/invalidate" override val identifier: ResourceLocation = "minosoft:mojang_account".toResourceLocation() - fun login(clientToken: String, email: String, password: String): MojangAccount { + fun login(email: String, password: String): MojangAccount { + val clientToken = KUtil.RANDOM.randomString(128) + val response = mutableMapOf( "agent" to mutableMapOf( "name" to "Minecraft", @@ -138,6 +143,7 @@ class MojangAccount( val uuid = response.body["selectedProfile"].asJsonObject()["id"].toString().toUUID() val account = MojangAccount( id = response.body["user"].asJsonObject()["id"].unsafeCast(), + clientToken = clientToken, username = response.body["selectedProfile"].asJsonObject()["name"].unsafeCast(), uuid = uuid, email = email, diff --git a/src/main/java/de/bixilon/minosoft/data/accounts/types/offline/OfflineAccount.kt b/src/main/java/de/bixilon/minosoft/data/accounts/types/offline/OfflineAccount.kt index c3d78061e..5f55a8bf0 100644 --- a/src/main/java/de/bixilon/minosoft/data/accounts/types/offline/OfflineAccount.kt +++ b/src/main/java/de/bixilon/minosoft/data/accounts/types/offline/OfflineAccount.kt @@ -39,9 +39,9 @@ class OfflineAccount(username: String) : Account(username) { override fun join(serverId: String) = Unit - override fun logout(clientToken: String) = Unit + override fun logout() = Unit - override fun check(latch: AbstractLatch?, clientToken: String) = Unit + override fun check(latch: AbstractLatch?) = Unit override fun toString(): String { return "OfflineAccount{$username}" diff --git a/src/main/java/de/bixilon/minosoft/gui/eros/main/account/AccountController.kt b/src/main/java/de/bixilon/minosoft/gui/eros/main/account/AccountController.kt index 88b9203ab..135d7af50 100644 --- a/src/main/java/de/bixilon/minosoft/gui/eros/main/account/AccountController.kt +++ b/src/main/java/de/bixilon/minosoft/gui/eros/main/account/AccountController.kt @@ -139,7 +139,7 @@ class AccountController : EmbeddedJavaFXController() { DefaultThreadPool += ForcePooledRunnable { latch.dec() try { - account.tryCheck(latch, profile.clientToken) // ToDo: Show error + account.tryCheck(latch) // ToDo: Show error if (select) { profile.selected = account } diff --git a/src/main/java/de/bixilon/minosoft/gui/eros/main/account/add/MojangAddController.kt b/src/main/java/de/bixilon/minosoft/gui/eros/main/account/add/MojangAddController.kt index a7fc3c364..c3fd2ee6b 100644 --- a/src/main/java/de/bixilon/minosoft/gui/eros/main/account/add/MojangAddController.kt +++ b/src/main/java/de/bixilon/minosoft/gui/eros/main/account/add/MojangAddController.kt @@ -1,6 +1,6 @@ /* * Minosoft - * Copyright (C) 2020-2022 Moritz Zwerger + * Copyright (C) 2020-2023 Moritz Zwerger * * This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. * @@ -111,7 +111,7 @@ class MojangAddController( errorFX.isVisible = false DefaultThreadPool += { try { - val account = MojangAccount.login(email = emailFX.text, password = passwordFX.text, clientToken = profile.clientToken) + val account = MojangAccount.login(email = emailFX.text, password = passwordFX.text) profile.entries[account.id] = account profile.selected = account JavaFXUtil.runLater { diff --git a/src/main/java/de/bixilon/minosoft/terminal/AutoConnect.kt b/src/main/java/de/bixilon/minosoft/terminal/AutoConnect.kt index b645c43de..f4867e7fa 100644 --- a/src/main/java/de/bixilon/minosoft/terminal/AutoConnect.kt +++ b/src/main/java/de/bixilon/minosoft/terminal/AutoConnect.kt @@ -62,7 +62,7 @@ object AutoConnect { val account = accountProfile.entries[split.getOrNull(2)] ?: accountProfile.selected ?: throw RuntimeException("Auto connect: Account not found! Have you started normal before or added an account?") Log.log(LogMessageType.AUTO_CONNECT, LogLevels.INFO) { "Checking account..." } - account.tryCheck(null, accountProfile.clientToken) + account.tryCheck(null) if (version == Versions.AUTOMATIC) { Log.log(LogMessageType.AUTO_CONNECT, LogLevels.INFO) { "Pinging server to get version..." }