Implement checking for the Patchwork user agent

ProjectLighthouse.Servers.GameServer/Controllers/Login/LoginController.cs

@@ -3,6 +3,7 @@
 using LBPUnion.ProjectLighthouse.Database;
 using LBPUnion.ProjectLighthouse.Extensions;
 using LBPUnion.ProjectLighthouse.Helpers;
+using LBPUnion.ProjectLighthouse.Servers.GameServer.Helpers;
 using LBPUnion.ProjectLighthouse.Logging;
 using LBPUnion.ProjectLighthouse.Tickets;
 using LBPUnion.ProjectLighthouse.Types.Entities.Profile;
@@ -20,7 +21,7 @@
 public class LoginController : ControllerBase
 {
     private readonly DatabaseContext database;
     public LoginController(DatabaseContext database)
     {
         this.database = database;
     }
@@ -74,7 +75,7 @@
             case Platform.PS3:
             case Platform.Vita:
             case Platform.UnitTest:
                 user = await database.Users.FirstOrDefaultAsync(u => u.LinkedPsnId == npTicket.UserId);
                 break;
             case Platform.PSP:
             case Platform.Unknown:
@@ -86,7 +87,7 @@
         if (user == null)
         {
             // Check if there is an account with that username already
             UserEntity? targetUsername = await database.Users.FirstOrDefaultAsync(u => u.Username == npTicket.Username);
             if (targetUsername != null)
             {
                 ulong targetPlatform = npTicket.Platform == Platform.RPCS3
@@ -101,7 +102,7 @@
                 }
 
                 // if there is already a pending link request don't create another
                 bool linkAttemptExists = await database.PlatformLinkAttempts.AnyAsync(p =>
                     p.Platform == npTicket.Platform &&
                     p.PlatformId == npTicket.UserId &&
                     p.UserId == targetUsername.UserId);
@@ -116,8 +117,8 @@
                     Timestamp = TimeHelper.TimestampMillis,
                     PlatformId = npTicket.UserId,
                 };
                 database.PlatformLinkAttempts.Add(linkAttempt);
                 await database.SaveChangesAsync();
                 Logger.Success($"User '{npTicket.Username}' tried to login but platform isn't linked, platform={npTicket.Platform}", LogArea.Login);
                 return this.Forbid();
             }
@@ -147,11 +148,11 @@
             }
 
             // create account for user if they don't exist
             user = await database.CreateUser(username, "$");
             user.Password = null;
             user.LinkedRpcnId = npTicket.Platform == Platform.RPCS3 ? npTicket.UserId : 0;
             user.LinkedPsnId = npTicket.Platform != Platform.RPCS3 ? npTicket.UserId : 0;
             await database.SaveChangesAsync();
 
             if (DiscordConfiguration.Instance.DiscordIntegrationEnabled)
             {
@@ -171,7 +172,7 @@
         // automatically change username if it doesn't match
         else if (user.Username != npTicket.Username)
         {
             bool usernameExists = await database.Users.AnyAsync(u => u.Username == npTicket.Username);
             if (usernameExists)
             {
                 Logger.Warn($"{npTicket.Platform} user changed their name to a name that is already taken," +
@@ -180,17 +181,17 @@
             }
             Logger.Info($"User's username has changed, old='{user.Username}', new='{npTicket.Username}', platform={npTicket.Platform}", LogArea.Login);
             user.Username = username;
             await database.PlatformLinkAttempts.RemoveWhere(p => p.UserId == user.UserId);
             // unlink other platforms because the names no longer match
             if (npTicket.Platform == Platform.RPCS3)
                 user.LinkedPsnId = 0;
             else
                 user.LinkedRpcnId = 0;
 
             await database.SaveChangesAsync();
         }
 
         GameTokenEntity? token = await database.GameTokens.Include(t => t.User)
             .FirstOrDefaultAsync(t => t.User.Username == npTicket.Username && t.TicketHash == npTicket.TicketHash);
 
         if (token != null)
@@ -199,7 +200,7 @@
             return this.Forbid();
         }
 
         token = await database.AuthenticateUser(user, npTicket, ipAddress);
         if (token == null)
         {
             Logger.Warn($"Unable to find/generate a token for username {npTicket.Username}", LogArea.Login);
@@ -212,11 +213,19 @@
             return this.Forbid();
         }
 
+        if (ServerConfiguration.Instance.Authentication.RequirePatchworkUserAgent)
+        {
+            if (!PatchworkHelper.UserHasValidPatchworkUserAgent(token, this.Request.Headers.UserAgent.ToString()))
+            {
+                return this.Forbid();
+            }
+        }
+
         Logger.Success($"Successfully logged in user {user.Username} as {token.GameVersion} client", LogArea.Login);
 
         user.LastLogin = TimeHelper.TimestampMillis;
 
         await database.SaveChangesAsync();
 
         // Create a new room on LBP2/3/Vita
         if (token.GameVersion != GameVersion.LittleBigPlanet1) RoomHelper.CreateRoom(user.UserId, token.GameVersion, token.Platform);

ProjectLighthouse.Servers.GameServer/Controllers/Login/LogoutController.cs

@@ -17,7 +17,7 @@
 
     private readonly DatabaseContext database;
 
     public LogoutController(DatabaseContext database)
     {
         this.database = database;
     }
@@ -38,5 +38,4 @@
         return this.Ok();
     }
 
-
 }

ProjectLighthouse.Servers.GameServer/Controllers/MessageController.cs

@@ -1,4 +1,4 @@
-using System.Text;
+using System.Text; 
 using LBPUnion.ProjectLighthouse.Configuration;
 using LBPUnion.ProjectLighthouse.Database;
 using LBPUnion.ProjectLighthouse.Extensions;
@@ -42,7 +42,7 @@
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.";
 
     public MessageController(DatabaseContext database)
     {
         this.database = database;
     }
@@ -54,6 +54,10 @@
     public async Task<IActionResult> Announce()
     {
         GameTokenEntity token = this.GetToken();
+        UserEntity? user = await this.database.UserFromGameToken(token);
+
+        if (user == null)
+            return this.Forbid();
 
         string username = await this.database.UsernameFromGameToken(token);
 
@@ -72,7 +76,7 @@
                                   $"user.UserId: {token.UserId}\n" +
                                   $"token.GameVersion: {token.GameVersion}\n" +
                                   $"token.TicketHash: {token.TicketHash}\n" +
                                   $"token.ExpiresAt: {token.ExpiresAt.ToString()}\n" +
                                   "---DEBUG INFO---");
         #endif
 
@@ -128,7 +132,7 @@
 
         if (message.StartsWith("/setemail ") && ServerConfiguration.Instance.Mail.MailEnabled)
         {
             string email = message[(message.IndexOf(" ", StringComparison.Ordinal)+1)..];
             if (!SanitizationHelper.IsValidEmail(email)) return this.Ok();
 
             if (await this.database.Users.AnyAsync(u => u.EmailAddress == email)) return this.Ok();

ProjectLighthouse.Servers.GameServer/Helpers/PatchworkHelper.cs

@@ -0,0 +1,42 @@
+using LBPUnion.ProjectLighthouse.Configuration;
+using LBPUnion.ProjectLighthouse.Configuration.ConfigurationCategories;
+using LBPUnion.ProjectLighthouse.Types.Entities.Token;
+using LBPUnion.ProjectLighthouse.Types.Users;
+
+namespace LBPUnion.ProjectLighthouse.Servers.GameServer.Helpers;
+
+public static class PatchworkHelper
+{
+    static int patchworkMajorVer = ServerConfiguration.Instance.Authentication.PatchworkMajorVersionMinimum;
+    static int patchworkMinorVer = ServerConfiguration.Instance.Authentication.PatchworkMinorVersionMinimum;
+    public static bool UserHasValidPatchworkUserAgent(GameTokenEntity token, string userAgent)
+    {
+        string userAgentPrefix = "PatchworkLBP";
+        char gameVersion = userAgent[userAgentPrefix.Length];
+        int numericVersion = 0;
+
+        if (userAgent.StartsWith(userAgentPrefix))
+            return false;
+
+        if (char.IsLetterOrDigit(gameVersion))
+        {
+            if (gameVersion == 'V')
+                numericVersion = 4;
+        }
+        else
+            numericVersion = gameVersion - '0';
+
+        // Don't want it to be 0 still because of Unknown (-1) in GameVersion
+        if (numericVersion == 0)
+            return false;
+
+        if (numericVersion - 1 != (int)token.GameVersion && !Enum.IsDefined(typeof(GameVersion), numericVersion - 1))
+            return false;
+
+        string[] patchworkVer = userAgent.Split(' ')[1].Split('.');
+        if (int.Parse(patchworkVer[0]) >= patchworkMajorVer && int.Parse(patchworkVer[1]) >= patchworkMinorVer)
+            return true;
+
+        return false;
+    }
+}

ProjectLighthouse/Configuration/ConfigurationCategories/AuthenticationConfiguration.cs

@@ -3,11 +3,17 @@
 public class AuthenticationConfiguration
 {
     public bool RegistrationEnabled { get; set; } = true;
     public bool AutomaticAccountCreation { get; set; } = true;
     public bool VerifyTickets { get; set; } = true;
 
     public bool AllowRPCNSignup { get; set; } = true;
 
     public bool AllowPSNSignup { get; set; } = true;
+
+    // Require use of Zaprit's "Patchwork" prx plugin's user agent when connecting to the server
+    // Major and minor version minimums can be left alone if patchwork is not required
+    public bool RequirePatchworkUserAgent { get; set; } = false;
+    public int PatchworkMajorVersionMinimum { get; set; } = 0;
+    public int PatchworkMinorVersionMinimum { get; set; } = 0;
 
 }

ProjectLighthouse/Configuration/ServerConfiguration.cs

@@ -11,39 +11,38 @@
     // This is so Lighthouse can properly identify outdated configurations and update them with newer settings accordingly.
     // If you are modifying anything here, this value MUST be incremented.
     // Thanks for listening~
-    public override int ConfigVersion { get; set; } = 27;
+    public override int ConfigVersion { get; set; } = 29;
 
     public override string ConfigName { get; set; } = "lighthouse.yml";
     public string WebsiteListenUrl { get; set; } = "http://localhost:10060";
     public string GameApiListenUrl { get; set; } = "http://localhost:10061";
     public string ApiListenUrl { get; set; } = "http://localhost:10062";
 
     public string DbConnectionString { get; set; } = "server=127.0.0.1;uid=root;pwd=lighthouse;database=lighthouse";
     public string RedisConnectionString { get; set; } = "redis://localhost:6379";
     public string ExternalUrl { get; set; } = "http://localhost:10060";
     public string GameApiExternalUrl { get; set; } = "http://localhost:10060/LITTLEBIGPLANETPS3_XML";
     public string EulaText { get; set; } = "";
 #if !DEBUG
     public string AnnounceText { get; set; } = "You are now logged in as %user.";
 #else
     public string AnnounceText { get; set; } = "You are now logged in as %user (id: %id).";
 #endif
     public bool CheckForUnsafeFiles { get; set; } = true;
     public bool LogChatFiltering { get; set; } = false;
     public bool LogChatMessages { get; set; } = false;
-
     public AuthenticationConfiguration Authentication { get; set; } = new();
     public CaptchaConfiguration Captcha { get; set; } = new();
     public DigestKeyConfiguration DigestKey { get; set; } = new();
     public MatchmakingConfiguration Matchmaking { get; set; } = new();
     public GoogleAnalyticsConfiguration GoogleAnalytics { get; set; } = new();
     public MailConfiguration Mail { get; set; } = new();
     public UserGeneratedContentLimitConfiguration UserGeneratedContentLimits { get; set; } = new();
     public WebsiteConfiguration WebsiteConfiguration { get; set; } = new();
     public CustomizationConfiguration Customization { get; set; } = new();
     public RateLimitConfiguration RateLimitConfiguration { get; set; } = new();
     public TwoFactorConfiguration TwoFactorConfiguration { get; set; } = new();
     public RichPresenceConfiguration RichPresenceConfiguration { get; set; } = new();
     public NotificationConfiguration NotificationConfiguration { get; set; } = new();
 
     public override ConfigurationBase<ServerConfiguration> Deserialize(IDeserializer deserializer, string text) => deserializer.Deserialize<ServerConfiguration>(text);