From 47f149d154ba3ef98b2eae6101454733af331f2f Mon Sep 17 00:00:00 2001 From: Snowiiii Date: Sun, 13 Oct 2024 12:15:16 +0200 Subject: [PATCH] Support custom authentication servers --- README.md | 3 +- docs/about/introduction.md | 3 +- docs/config/advanced.md | 41 ++++++++++++++++- docs/developer/authentication.md | 68 ++++++++++++++++++++++++++-- docs/index.md | 6 +-- pumpkin-config/src/auth.rs | 6 +++ pumpkin/src/client/authentication.rs | 14 ++++-- 7 files changed, 129 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index af83e5208..2c23edd84 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,8 @@ and customizable experience. It prioritizes performance and player enjoyment whi ## What Pumpkin will not -- Provide compatibility with Vanilla or Bukkit servers (including configs and plugins). +- Be a drop-in replacement for vanilla or other servers +- Be compatible with plugins or mods for other servers - Function as a framework for building a server from scratch. > [!IMPORTANT] diff --git a/docs/about/introduction.md b/docs/about/introduction.md index ffb6f8b28..42ed30c2a 100644 --- a/docs/about/introduction.md +++ b/docs/about/introduction.md @@ -15,7 +15,8 @@ and customizable experience. It prioritizes performance and player enjoyment whi ## What Pumpkin will not -- Provide compatibility with Vanilla or Bukkit servers (including configs and plugins). +- Be a drop-in replacement for vanilla or other servers +- Be compatible with plugins or mods for other servers - Function as a framework for building a server from scratch. > [!IMPORTANT] diff --git a/docs/config/advanced.md b/docs/config/advanced.md index 316d4ca46..60fd99047 100644 --- a/docs/config/advanced.md +++ b/docs/config/advanced.md @@ -41,6 +41,19 @@ Wether Authentication is enabled enabled=false ``` +#### Authentication URL + +The Authentication URL being used + +> [!IMPORTANT] +> {username} | The Username from the requested player +> +> {server_hash} | The SHA1 Encrypted hash + +```toml +auth_url="https://sessionserver.mojang.com/session/minecraft/hasJoined?username={username}&serverId={server_hash}" +``` + #### Prevent Proxy Connections Prevent proxy connections @@ -49,6 +62,21 @@ Prevent proxy connections prevent_proxy_connections=false ``` +#### Prevent Proxy Connections URL + +The Authentication URL being used + +> [!IMPORTANT] +> {username} | The Username from the requested player +> +> {server_hash} | The SHA1 Encrypted hash +> +> {ip} | The IP of the requested Player + +```toml +prevent_proxy_connection_auth_url = "https://sessionserver.mojang.com/session/minecraft/hasJoined?username={username}&serverId={server_hash}&ip={ip}" +``` + #### Player Profile `authentication.player_profile` @@ -341,6 +369,7 @@ swing=true ``` ### Logging + `logging` Whether Logging is enabled @@ -349,10 +378,13 @@ enable=true ``` #### Level + At which level should be logged + ```toml level=Info ``` + ```toml Off Error @@ -363,26 +395,33 @@ Trace ``` #### Env + Enables the user to choose log level by setting `RUST_LOG=` environment variable + ```toml env=false ``` #### Threads + Should threads be printed in the message + ```toml threads=true ``` #### Color + Should color be enabled for logging messages + ```toml color=true ``` #### Timestamp + Should the timestamp be printed in the message ```toml timestamp=true -``` \ No newline at end of file +``` diff --git a/docs/developer/authentication.md b/docs/developer/authentication.md index c590d73e7..9d9accb31 100644 --- a/docs/developer/authentication.md +++ b/docs/developer/authentication.md @@ -21,9 +21,71 @@ Cracked accounts are also often used for Botting and [Denial of Service](https:/ By default the `online_mode` is enabled in the configuration, This enables Authentication disallowing [Cracked Accounts](#cracked-accounts). When you are willing to allow Cracked Accounts, you can dissable `online_mode` in the `configuration.toml` -### How Authentication works +### How Mojang Authentication works + To ensure a player has a premium accounts: 1. A client with a premium account sends a login request to the Mojang session server. -2. Mojang's servers verify the client's credentials and add the player to the their Servers -3. Now our server will send a Request to the Session servers and check if the Player has joined the Session Server . +2. **Mojang's servers** verify the client's credentials and add the player to the their Servers +3. Now our server will send a Request to the Session servers and check if the Player has joined the Session Server. +4. If the request was successfull, It will give use more information about the Player (e.g. UUID, Name, Skin/Cape...) + +### Custom Authentication Server + +Pumpkin does support custom Authentication servers, You can replace the Authentication URL in `features.toml`. + +Pumpkin Authentication works like this (Mojang/Custom): + +1. GET Request > Authentication + +2. Status Code 200 > Successfull + +3. Successfull > Parse JSON Game Profile + +#### Game Profile + +```rust +id: UUID +``` + +```rust +name: String +``` + +```rust +properties: Array +``` + +> [!IMPORTANT] +> Optional, Only present when actions are taken + +```rust +profile_actions: Array +``` + +##### Property + +```rust +name: String +``` + +> [!IMPORTANT] +> base 64 + +```rust +- value: String +``` + +> [!IMPORTANT] +> Optional, base 64 + +```rust +- signature: String +``` + +##### Profile Action + +```rust +FORCED_NAME_CHANGE +USING_BANNED_SKIN +``` diff --git a/docs/index.md b/docs/index.md index 8a34490e0..2359e0c8d 100644 --- a/docs/index.md +++ b/docs/index.md @@ -11,11 +11,11 @@ hero: text: Quick Start link: /about/quick-start - theme: alt - text: Documentation - link: /about/introduction + text: Configuration + link: /config/introduction - theme: alt text: For developers - link: /plugins/about + link: /developer/introduction features: - title: Written in Rust diff --git a/pumpkin-config/src/auth.rs b/pumpkin-config/src/auth.rs index ad9d611b8..09b77b8b2 100644 --- a/pumpkin-config/src/auth.rs +++ b/pumpkin-config/src/auth.rs @@ -9,10 +9,14 @@ pub struct AuthenticationConfig { #[serde_inline_default(true)] pub enabled: bool, + pub auth_url: String, + /// Prevent proxy connections. #[serde_inline_default(false)] pub prevent_proxy_connections: bool, + pub prevent_proxy_connection_auth_url: String, + /// Player profile handling. #[serde(default)] pub player_profile: PlayerProfileConfig, @@ -29,6 +33,8 @@ impl Default for AuthenticationConfig { prevent_proxy_connections: false, player_profile: Default::default(), textures: Default::default(), + auth_url: "https://sessionserver.mojang.com/session/minecraft/hasJoined?username={username}&serverId={server_hash}".to_string(), + prevent_proxy_connection_auth_url: "https://sessionserver.mojang.com/session/minecraft/hasJoined?username={username}&serverId={server_hash}&ip={ip}".to_string(), } } } diff --git a/pumpkin/src/client/authentication.rs b/pumpkin/src/client/authentication.rs index 062c01b43..195dfa2ae 100644 --- a/pumpkin/src/client/authentication.rs +++ b/pumpkin/src/client/authentication.rs @@ -60,9 +60,18 @@ pub async fn authenticate( assert!(ADVANCED_CONFIG.authentication.enabled); assert!(server.auth_client.is_some()); let address = if ADVANCED_CONFIG.authentication.prevent_proxy_connections { - format!("https://sessionserver.mojang.com/session/minecraft/hasJoined?username={username}&serverId={server_hash}&ip={ip}") + ADVANCED_CONFIG + .authentication + .auth_url + .replace("{username}", username) + .replace("{server_hash}", server_hash) + .replace("{}", &ip.to_string()) } else { - format!("https://sessionserver.mojang.com/session/minecraft/hasJoined?username={username}&serverId={server_hash}") + ADVANCED_CONFIG + .authentication + .auth_url + .replace("{username}", username) + .replace("{server_hash}", server_hash) }; let auth_client = server .auth_client @@ -107,7 +116,6 @@ pub fn is_texture_url_valid(url: Url, config: &TextureConfig) -> Result<(), Text return Err(TextureError::DisallowedUrlScheme(scheme.to_string())); } let domain = url.domain().unwrap_or(""); - dbg!(domain); if !config .allowed_url_domains .iter()