-
Notifications
You must be signed in to change notification settings - Fork 1
/
authenticator.go
108 lines (91 loc) · 2.54 KB
/
authenticator.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package plasma
import (
"encoding/json"
"errors"
"fmt"
"github.com/gofrs/uuid"
"net/http"
)
func MojangSessionServerURLHasJoined(username, sessionHash string) string {
return fmt.Sprintf(
"https://sessionserver.mojang.com/session/minecraft/hasJoined?username=%s&serverId=%s",
username,
sessionHash,
)
}
func MojangSessionServerURLHasJoinedWithIP(username, sessionHash, ip string) string {
return fmt.Sprintf("%s&ip=%s",
MojangSessionServerURLHasJoined(username, sessionHash),
ip,
)
}
func GenerateSessionHash(serverID string, sharedSecret, publicKey []byte) string {
notchHash := NewSha1Hash()
notchHash.Update([]byte(serverID))
notchHash.Update(sharedSecret)
notchHash.Update(publicKey)
return notchHash.HexDigest()
}
type Session struct {
PlayerUUID uuid.UUID
PlayerSkin Skin
}
type SessionAuthenticator interface {
AuthenticateSession(username, sessionHash string) (Session, error)
AuthenticateSessionPreventProxy(username, sessionHash, ip string) (Session, error)
}
type MojangSessionAuthenticator struct{}
func (auth *MojangSessionAuthenticator) AuthenticateSession(username, sessionHash string) (Session, error) {
return auth.AuthenticateSessionPreventProxy(username, sessionHash, "")
}
func (auth *MojangSessionAuthenticator) AuthenticateSessionPreventProxy(username, sessionHash, ip string) (Session, error) {
var url string
if ip == "" {
url = MojangSessionServerURLHasJoined(username, sessionHash)
} else {
url = MojangSessionServerURLHasJoinedWithIP(username, sessionHash, ip)
}
resp, err := http.Get(url)
if err != nil {
return Session{}, err
}
if resp.StatusCode != http.StatusOK {
return Session{}, fmt.Errorf("unable to authenticate session (%s)", resp.Status)
}
var p struct {
ID string `json:"id"`
Name string `json:"name"`
Properties []struct {
Name string `json:"name"`
Value string `json:"value"`
Signature string `json:"signature"`
} `json:"properties"`
}
if err := json.NewDecoder(resp.Body).Decode(&p); err != nil {
return Session{}, err
}
_ = resp.Body.Close()
playerUUID, err := uuid.FromString(p.ID)
if err != nil {
return Session{}, err
}
var skinValue string
var skinSignature string
for _, property := range p.Properties {
if property.Name == "textures" {
skinValue = property.Value
skinSignature = property.Signature
break
}
}
if skinValue == "" {
return Session{}, errors.New("no skinValue in request")
}
return Session{
PlayerUUID: playerUUID,
PlayerSkin: Skin{
Value: skinValue,
Signature: skinSignature,
},
}, nil
}