diff options
5 files changed, 181 insertions, 12 deletions
diff --git a/src/main/java/de/hysky/skyblocker/SkyblockerMod.java b/src/main/java/de/hysky/skyblocker/SkyblockerMod.java index eff88783..21790256 100644 --- a/src/main/java/de/hysky/skyblocker/SkyblockerMod.java +++ b/src/main/java/de/hysky/skyblocker/SkyblockerMod.java @@ -174,8 +174,8 @@ public class SkyblockerMod implements ClientModInitializer { ItemRarityBackgrounds.init(); MuseumItemCache.init(); SecretsTracker.init(); + ApiAuthentication.init(); ApiUtils.init(); - ProfileUtils.init(); Debug.init(); Kuudra.init(); RenderHelper.init(); diff --git a/src/main/java/de/hysky/skyblocker/utils/ApiAuthentication.java b/src/main/java/de/hysky/skyblocker/utils/ApiAuthentication.java new file mode 100644 index 00000000..16d07ac5 --- /dev/null +++ b/src/main/java/de/hysky/skyblocker/utils/ApiAuthentication.java @@ -0,0 +1,149 @@ +package de.hysky.skyblocker.utils; + +import java.nio.ByteBuffer; +import java.security.PrivateKey; +import java.security.Signature; +import java.util.Base64; +import java.util.Objects; +import java.util.UUID; + +import org.jetbrains.annotations.Nullable; +import org.slf4j.Logger; + +import com.google.gson.JsonParser; +import com.mojang.logging.LogUtils; +import com.mojang.serialization.Codec; +import com.mojang.serialization.JsonOps; +import com.mojang.serialization.codecs.RecordCodecBuilder; + +import de.hysky.skyblocker.SkyblockerMod; +import de.hysky.skyblocker.utils.scheduler.Scheduler; +import net.fabricmc.fabric.api.client.event.lifecycle.v1.ClientLifecycleEvents; +import net.minecraft.SharedConstants; +import net.minecraft.client.MinecraftClient; +import net.minecraft.network.encryption.PlayerKeyPair; +import net.minecraft.text.Text; +import net.minecraft.util.Uuids; +import net.minecraft.util.dynamic.Codecs; + +public class ApiAuthentication { + private static final Logger LOGGER = LogUtils.getLogger(); + private static final MinecraftClient CLIENT = MinecraftClient.getInstance(); + private static final String MINECRAFT_VERSION = SharedConstants.getGameVersion().getName(); + private static final String AUTH_URL = "https://api.azureaaron.net/authenticate"; + private static final String CONTENT_TYPE = "application/json"; + private static final String ALGORITHM = "SHA256withRSA"; + + private static TokenInfo tokenInfo = null; + + public static void init() { + //Update token after the profileKeys instance is initialized + ClientLifecycleEvents.CLIENT_STARTED.register(_client -> updateToken()); + } + + private static void updateToken() { + //The fetching runs async in ProfileKeysImpl#getKeyPair + CLIENT.getProfileKeys().fetchKeyPair().thenAcceptAsync(playerKeypairOpt -> { + if (playerKeypairOpt.isPresent()) { + PlayerKeyPair playerKeyPair = playerKeypairOpt.get(); + + //The key header and footer can be sent but that doesn't matter to the server + String publicKey = Base64.getMimeEncoder().encodeToString(playerKeyPair.publicKey().data().key().getEncoded()); + byte[] publicKeySignature = playerKeyPair.publicKey().data().keySignature(); + long expiresAt = playerKeyPair.publicKey().data().expiresAt().toEpochMilli(); + + TokenRequest.KeyPairInfo keyPairInfo = new TokenRequest.KeyPairInfo(Objects.requireNonNull(CLIENT.getSession().getUuidOrNull()), publicKey, publicKeySignature, expiresAt); + TokenRequest.SignedData signedData = Objects.requireNonNull(getRandomSignedData(playerKeyPair.privateKey())); + TokenRequest tokenRequest = new TokenRequest(keyPairInfo, signedData, SkyblockerMod.SKYBLOCKER_MOD.getMetadata().getId(), MINECRAFT_VERSION, SkyblockerMod.VERSION); + + String request = SkyblockerMod.GSON.toJson(TokenRequest.CODEC.encodeStart(JsonOps.INSTANCE, tokenRequest).getOrThrow()); + + try { + tokenInfo = TokenInfo.CODEC.parse(JsonOps.INSTANCE, JsonParser.parseString(Http.sendPostRequest(AUTH_URL, request, CONTENT_TYPE))).getOrThrow(); + int refreshAtTicks = (int) (((tokenInfo.expiresAt() - tokenInfo.issuedAt()) / 1000L) - 300L) * 20; //Refresh 5 minutes before expiry date + + Scheduler.INSTANCE.schedule(ApiAuthentication::updateToken, refreshAtTicks, true); + } catch (Exception e) { + //Try again in 1 minute + logErrorAndScheduleRetry(Text.translatable("skyblocker.api.token.authFailure"), 60 * 20, "[Skyblocker Api Auth] Failed to refresh the api token! Some features might not work :(", e); + } + } else { + //The Minecraft Services API is probably down so we will retry in 5 minutes, either that or your access token has expired (game open for 24h) and you need to restart. + logErrorAndScheduleRetry(Text.translatable("skyblocker.api.token.noProfileKeys"), 300 * 20, "[Skyblocker Api Auth] Failed to fetch profile keys! Some features may not work temporarily :( (Has your game been open for more than 24 hours? If so restart.)"); + } + }).exceptionally(throwable -> { + //Try again in 1 minute + logErrorAndScheduleRetry(Text.translatable("skyblocker.api.token.authFailure"), 60 * 20, "[Skyblocker Api Auth] Encountered an unexpected exception while refreshing the api token!", throwable); + + return null; + }); + } + + private static TokenRequest.SignedData getRandomSignedData(PrivateKey privateKey) { + try { + Signature signature = Signature.getInstance(ALGORITHM); + UUID uuid = UUID.randomUUID(); + ByteBuffer buf = ByteBuffer.allocate(16) + .putLong(uuid.getMostSignificantBits()) + .putLong(uuid.getLeastSignificantBits()); + + signature.initSign(privateKey); + signature.update(buf.array()); + + byte[] signedData = signature.sign(); + + return new TokenRequest.SignedData(buf.array(), signedData); + } catch (Exception e) { + LOGGER.error("[Skyblocker Api Auth] Failed to sign random data!", e); + } + + //This should never ever be the case, since we are signing data that is not invalid in any case + return null; + } + + private static void logErrorAndScheduleRetry(Text warningMessage, int retryAfter, String logMessage, Object... logArgs) { + LOGGER.error(logMessage, logArgs); + Scheduler.INSTANCE.schedule(ApiAuthentication::updateToken, retryAfter, true); + + if (CLIENT.player != null) CLIENT.player.sendMessage(Constants.PREFIX.get().append(warningMessage)); + } + + @Nullable + public static String getToken() { + return tokenInfo != null ? tokenInfo.token() : null; + } + + private record TokenRequest(KeyPairInfo keyPairInfo, SignedData signedData, String mod, String minecraftVersion, String modVersion) { + private static final Codec<TokenRequest> CODEC = RecordCodecBuilder.create(instance -> instance.group( + KeyPairInfo.CODEC.fieldOf("keyPair").forGetter(TokenRequest::keyPairInfo), + SignedData.CODEC.fieldOf("signedData").forGetter(TokenRequest::signedData), + Codec.STRING.fieldOf("mod").forGetter(TokenRequest::mod), + Codec.STRING.fieldOf("minecraftVersion").forGetter(TokenRequest::minecraftVersion), + Codec.STRING.fieldOf("modVersion").forGetter(TokenRequest::modVersion)) + .apply(instance, TokenRequest::new)); + + private record KeyPairInfo(UUID uuid, String publicKey, byte[] publicKeySignature, long expiresAt) { + private static final Codec<KeyPairInfo> CODEC = RecordCodecBuilder.create(instance -> instance.group( + Uuids.STRING_CODEC.fieldOf("uuid").forGetter(KeyPairInfo::uuid), + Codec.STRING.fieldOf("publicKey").forGetter(KeyPairInfo::publicKey), + Codecs.BASE_64.fieldOf("publicKeySignature").forGetter(KeyPairInfo::publicKeySignature), + Codec.LONG.fieldOf("expiresAt").forGetter(KeyPairInfo::expiresAt)) + .apply(instance, KeyPairInfo::new)); + } + + private record SignedData(byte[] original, byte[] signed) { + private static final Codec<SignedData> CODEC = RecordCodecBuilder.create(instance -> instance.group( + Codecs.BASE_64.fieldOf("original").forGetter(SignedData::original), + Codecs.BASE_64.fieldOf("signed").forGetter(SignedData::signed)) + .apply(instance, SignedData::new)); + } + } + + private record TokenInfo(String token, long issuedAt, long expiresAt) { + private static final Codec<TokenInfo> CODEC = RecordCodecBuilder.create(instance -> instance.group( + Codec.STRING.fieldOf("token").forGetter(TokenInfo::token), + Codec.LONG.fieldOf("issuedAt").forGetter(TokenInfo::issuedAt), + Codec.LONG.fieldOf("expiresAt").forGetter(TokenInfo::expiresAt)) + .apply(instance, TokenInfo::new)); + } +} diff --git a/src/main/java/de/hysky/skyblocker/utils/Http.java b/src/main/java/de/hysky/skyblocker/utils/Http.java index 871eac78..99db0316 100644 --- a/src/main/java/de/hysky/skyblocker/utils/Http.java +++ b/src/main/java/de/hysky/skyblocker/utils/Http.java @@ -17,6 +17,7 @@ import java.util.zip.GZIPInputStream; import java.util.zip.InflaterInputStream; import org.jetbrains.annotations.NotNull; +import org.jetbrains.annotations.Nullable; import de.hysky.skyblocker.SkyblockerMod; import net.minecraft.SharedConstants; @@ -33,15 +34,18 @@ public class Http { .followRedirects(Redirect.NORMAL) .build(); - private static ApiResponse sendCacheableGetRequest(String url) throws IOException, InterruptedException { - HttpRequest request = HttpRequest.newBuilder() + private static ApiResponse sendCacheableGetRequest(String url, @Nullable String token) throws IOException, InterruptedException { + HttpRequest.Builder requestBuilder = HttpRequest.newBuilder() .GET() .header("Accept", "application/json") .header("Accept-Encoding", "gzip, deflate") .header("User-Agent", USER_AGENT) .version(Version.HTTP_2) - .uri(URI.create(url)) - .build(); + .uri(URI.create(url)); + + if (token != null) requestBuilder.header("Token", token); + + HttpRequest request = requestBuilder.build(); HttpResponse<InputStream> response = HTTP_CLIENT.send(request, BodyHandlers.ofInputStream()); InputStream decodedInputStream = getDecodedInputStream(response); @@ -69,7 +73,7 @@ public class Http { } public static String sendGetRequest(String url) throws IOException, InterruptedException { - return sendCacheableGetRequest(url).content(); + return sendCacheableGetRequest(url, null).content(); } public static HttpHeaders sendHeadRequest(String url) throws IOException, InterruptedException { @@ -84,8 +88,26 @@ public class Http { return response.headers(); } + public static String sendPostRequest(String url, String requestBody, String contentType) throws IOException, InterruptedException { + HttpRequest request = HttpRequest.newBuilder() + .POST(BodyPublishers.ofString(requestBody)) + .header("Accept-Encoding", "gzip, deflate") + .header("Content-Type", contentType) + .header("User-Agent", USER_AGENT) + .version(Version.HTTP_2) + .uri(URI.create(url)) + .build(); + + HttpResponse<InputStream> response = HTTP_CLIENT.send(request, BodyHandlers.ofInputStream()); + InputStream decodedInputStream = getDecodedInputStream(response); + + String responseBody = new String(decodedInputStream.readAllBytes()); + + return responseBody; + } + public static ApiResponse sendName2UuidRequest(String name) throws IOException, InterruptedException { - return sendCacheableGetRequest(NAME_2_UUID + name); + return sendCacheableGetRequest(NAME_2_UUID + name, null); } /** @@ -96,7 +118,7 @@ public class Http { * @implNote the {@code v2} prefix is automatically added */ public static ApiResponse sendHypixelRequest(String endpoint, @NotNull String query) throws IOException, InterruptedException { - return sendCacheableGetRequest(HYPIXEL_PROXY + endpoint + query); + return sendCacheableGetRequest(HYPIXEL_PROXY + endpoint + query, ApiAuthentication.getToken()); } private static InputStream getDecodedInputStream(HttpResponse<InputStream> response) { diff --git a/src/main/java/de/hysky/skyblocker/utils/ProfileUtils.java b/src/main/java/de/hysky/skyblocker/utils/ProfileUtils.java index 0a1f238a..a786e79f 100644 --- a/src/main/java/de/hysky/skyblocker/utils/ProfileUtils.java +++ b/src/main/java/de/hysky/skyblocker/utils/ProfileUtils.java @@ -18,10 +18,6 @@ public class ProfileUtils { public static Map<String, ObjectLongPair<JsonObject>> players = new HashMap<>(); - public static void init() { - updateProfile(); - } - public static CompletableFuture<JsonObject> updateProfile() { return updateProfile(MinecraftClient.getInstance().getSession().getUsername()); } diff --git a/src/main/resources/assets/skyblocker/lang/en_us.json b/src/main/resources/assets/skyblocker/lang/en_us.json index 133923fb..d03e2a33 100644 --- a/src/main/resources/assets/skyblocker/lang/en_us.json +++ b/src/main/resources/assets/skyblocker/lang/en_us.json @@ -680,6 +680,8 @@ "skyblocker.api.cache.HIT": "This data was cached!\nIt's %d seconds old.", "skyblocker.api.cache.MISS": "This data wasn't cached!", + "skyblocker.api.token.authFailure": "Failed to refresh your Skyblocker API token, some features may not work temporarily!", + "skyblocker.api.token.noProfileKeys": "Failed to get your profile keys! Some features of the mod may not work temporarily :( (Has your game been open for more than 24 hours?)", "skyblocker.exotic.crystal": "CRYSTAL", "skyblocker.exotic.fairy": "FAIRY", |