Merge remote-tracking branch 'origin/main'

Author: Lenni0451

.github/workflows/build.yml

@@ -18,8 +18,13 @@ jobs:
           check-latest: true
       - name: Build with Gradle
         run: ./gradlew build
-      - name: Upload Artifacts to GitHub
+      - name: Upload ViaProxy plugin to GitHub
         uses: actions/upload-artifact@v4
         with:
-          name: Artifacts
+          name: AuthHook ViaProxy
           path: build/libs/
+      - name: Upload AuthHook agent to GitHub
+        uses: actions/upload-artifact@v4
+        with:
+          name: AuthHook server agent
+          path: Agent/build/libs/

README.md

@@ -1 +1,28 @@
 # ViaProxyAuthHook
+Minecraft Server modification to allow [ViaProxy](https://github.com/RaphiMC/ViaProxy) clients to join online mode servers.
+
+## How it works
+This plugin works by redirecting the authentication requests from the server to the ViaProxy instance.
+ViaProxy then checks if the client is authenticated with ViaProxy and sends the result back to the server.
+Clients which are not authenticated with ViaProxy will be authenticated with the official Mojang authentication servers.
+
+The modification has been confirmed to work on Vanilla, Spigot, Paper, Fabric, Forge and BungeeCord.
+
+## Installation
+1. Download the latest version from [GitHub Actions](https://github.com/ViaVersionAddons/ViaProxyAuthHook/actions).
+2. Put the jar file into the plugins folder of ViaProxy
+3. Run ViaProxy once to generate the config file
+4. Make sure to enable "Proxy Online Mode" in the ViaProxy CLI or config file
+5. Copy the secret key from the AuthHook config file (You will need it later for the server)
+6. Download the latest version of the AuthHook agent (Same link as step 1)
+7. Put the AuthHook agent into the same folder as the server jar
+8. Add the following JVM argument to the server start command: `-javaagent:ViaProxyAuthHook-x.x.x.jar` (Replace x.x.x with the version of the AuthHook agent you downloaded)
+9. Start the server once to generate the config file
+10. Open the config file (It's in the same folder as the server jar) and set the secret key to the key you copied in step 4
+11. Start both the server and ViaProxy. You can now switch the authentication mode to AuthHook (Use `AUTH_HOOK` for CLI or config file).
+
+## Contact
+If you encounter any issues, please report them on the
+[issue tracker](https://github.com/ViaVersionAddons/ViaProxyAuthHook/issues).  
+If you just want to talk or need help using ViaProxyAuthHook feel free to join my
+[Discord](https://discord.gg/dCzT9XHEWu).

gradlew

@@ -17,14 +17,58 @@
  */
 package net.raphimc.authhook;
 
+import net.lenni0451.lambdaevents.EventHandler;
+import net.lenni0451.reflect.Enums;
+import net.lenni0451.reflect.stream.RStream;
+import net.raphimc.authhook.config.AuthHookConfig;
 import net.raphimc.viaproxy.ViaProxy;
 import net.raphimc.viaproxy.plugins.ViaProxyPlugin;
+import net.raphimc.viaproxy.plugins.events.JoinServerRequestEvent;
+import net.raphimc.viaproxy.plugins.events.ViaProxyLoadedEvent;
+import net.raphimc.viaproxy.protocoltranslator.viaproxy.ViaProxyConfig;
+import net.raphimc.viaproxy.ui.I18n;
+import net.raphimc.viaproxy.util.logging.Logger;
+
+import java.net.InetSocketAddress;
+import java.util.Map;
+import java.util.Properties;
 
 public class AuthHook extends ViaProxyPlugin {
 
+    private static ViaProxyConfig.AuthMethod AUTH_HOOK;
+    private AuthHookHttpServer authHookHttpServer;
+
     @Override
     public void onEnable() {
         ViaProxy.EVENT_MANAGER.register(this);
+        AuthHookConfig.load(this.getDataFolder());
+
+        this.authHookHttpServer = new AuthHookHttpServer((InetSocketAddress) AuthHookConfig.bindAddress);
+        Logger.LOGGER.info("AuthHook is listening on http://" + AuthHookConfig.bindAddress);
+
+        AUTH_HOOK = Enums.newInstance(ViaProxyConfig.AuthMethod.class, "AUTH_HOOK", ViaProxyConfig.AuthMethod.values().length, new Class[]{String.class}, new Object[]{"authhook.auth_method.name"});
+        Enums.addEnumInstance(ViaProxyConfig.AuthMethod.class, AUTH_HOOK);
+    }
+
+    @EventHandler
+    private void onViaProxyLoaded(ViaProxyLoadedEvent event) {
+        if (!ViaProxy.getConfig().isProxyOnlineMode()) {
+            Logger.LOGGER.error("Proxy online mode is disabled, please enable it to use the AuthHook plugin!");
+            Logger.LOGGER.error("Without online mode the AuthHook plugin would be effectively useless");
+            Logger.LOGGER.error("Shutting down...");
+            System.exit(0);
+        }
+
+        final Map<String, Properties> locales = RStream.of(I18n.class).fields().by("LOCALES").get();
+        locales.get("en_US").setProperty(AUTH_HOOK.getGuiTranslationKey(), "Use AuthHook");
+    }
+
+    @EventHandler
+    private void onJoinServerRequest(JoinServerRequestEvent event) {
+        if (ViaProxy.getConfig().getAuthMethod() == AUTH_HOOK) {
+            this.authHookHttpServer.addPendingConnection(event.getServerIdHash(), event.getProxyConnection());
+            event.setCancelled(true);
+        }
     }
 
 }

src/main/java/net/raphimc/authhook/AuthHook.java

@@ -0,0 +1,146 @@
+/*
+ * This file is part of ViaProxyAuthHook - https://github.com/ViaVersionAddons/ViaProxyAuthHook
+ * Copyright (C) 2024-2024 RK_01/RaphiMC and contributors
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package net.raphimc.authhook;
+
+import com.google.common.cache.CacheBuilder;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonObject;
+import com.mojang.authlib.GameProfile;
+import io.netty.bootstrap.ServerBootstrap;
+import io.netty.channel.*;
+import io.netty.channel.nio.NioEventLoopGroup;
+import io.netty.channel.socket.nio.NioServerSocketChannel;
+import io.netty.handler.codec.http.*;
+import net.raphimc.authhook.config.AuthHookConfig;
+import net.raphimc.viaproxy.proxy.session.ProxyConnection;
+
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
+public class AuthHookHttpServer {
+
+    private final InetSocketAddress bindAddress;
+    private final ChannelFuture channelFuture;
+    private final Map<String, ProxyConnection> pendingConnections = CacheBuilder.newBuilder().expireAfterWrite(1, TimeUnit.MINUTES).<String, ProxyConnection>build().asMap();
+
+    public AuthHookHttpServer(final InetSocketAddress bindAddress) {
+        this.bindAddress = bindAddress;
+        this.channelFuture = new ServerBootstrap()
+                .group(new NioEventLoopGroup(0))
+                .channel(NioServerSocketChannel.class)
+                .option(ChannelOption.SO_BACKLOG, 128)
+                .childOption(ChannelOption.TCP_NODELAY, true)
+                .childOption(ChannelOption.SO_KEEPALIVE, true)
+                .childHandler(new ChannelInitializer<>() {
+                    @Override
+                    protected void initChannel(Channel channel) {
+                        channel.pipeline().addLast("http_codec", new HttpServerCodec());
+                        channel.pipeline().addLast("http_handler", new SimpleChannelInboundHandler<>() {
+                            @Override
+                            protected void channelRead0(ChannelHandlerContext ctx, Object msg) {
+                                if (!(msg instanceof HttpRequest request)) {
+                                    return;
+                                }
+
+                                if (request.uri().startsWith("/" + AuthHookConfig.secretKey + "/")) {
+                                    final String uri = request.uri().substring(AuthHookConfig.secretKey.length() + 1);
+                                    if (request.method().equals(HttpMethod.GET) && uri.startsWith("/session/minecraft/hasJoined")) {
+                                        final QueryStringDecoder queryStringDecoder = new QueryStringDecoder(request.uri());
+                                        if (queryStringDecoder.parameters().containsKey("username") && queryStringDecoder.parameters().containsKey("serverId")) {
+                                            final String username = queryStringDecoder.parameters().get("username").get(0);
+                                            final String serverId = queryStringDecoder.parameters().get("serverId").get(0);
+
+                                            final ProxyConnection proxyConnection = pendingConnections.remove(serverId + "_" + username);
+                                            if (proxyConnection != null) {
+                                                final GameProfile gameProfile = proxyConnection.getGameProfile();
+                                                final JsonObject responseObj = new JsonObject();
+                                                responseObj.addProperty("name", gameProfile.getName());
+                                                responseObj.addProperty("id", gameProfile.getId().toString().replace("-", ""));
+                                                if (!gameProfile.getProperties().isEmpty()) {
+                                                    final JsonArray propertiesArray = new JsonArray();
+                                                    gameProfile.getProperties().forEach((key, value) -> {
+                                                        final JsonObject propertyObj = new JsonObject();
+                                                        propertyObj.addProperty("name", key);
+                                                        propertyObj.addProperty("value", value.getValue());
+                                                        if (value.hasSignature()) {
+                                                            propertyObj.addProperty("signature", value.getSignature());
+                                                        }
+                                                        propertiesArray.add(propertyObj);
+                                                    });
+                                                    responseObj.add("properties", propertiesArray);
+                                                }
+
+                                                final FullHttpResponse response = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.OK, ctx.alloc().buffer());
+                                                response.content().writeBytes(responseObj.toString().getBytes());
+                                                response.headers().set(HttpHeaderNames.CONTENT_TYPE, HttpHeaderValues.APPLICATION_JSON);
+                                                response.headers().set(HttpHeaderNames.CONTENT_LENGTH, response.content().readableBytes());
+                                                response.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.CLOSE);
+                                                ctx.writeAndFlush(response).addListener(ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE).addListener(ChannelFutureListener.CLOSE);
+                                                return;
+                                            }
+                                        }
+                                    }
+
+                                    final HttpClient httpClient = HttpClient.newHttpClient();
+                                    httpClient.sendAsync(java.net.http.HttpRequest.newBuilder().uri(URI.create("https://sessionserver.mojang.com" + uri)).build(), java.net.http.HttpResponse.BodyHandlers.ofByteArray())
+                                            .thenAccept(response -> {
+                                                final FullHttpResponse fullHttpResponse = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.valueOf(response.statusCode()), ctx.alloc().buffer());
+                                                fullHttpResponse.content().writeBytes(response.body());
+                                                for (Map.Entry<String, List<String>> entry : response.headers().map().entrySet()) {
+                                                    if (!entry.getKey().startsWith(":")) {
+                                                        fullHttpResponse.headers().set(entry.getKey(), entry.getValue().get(0));
+                                                    }
+                                                }
+                                                fullHttpResponse.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.CLOSE);
+                                                ctx.writeAndFlush(fullHttpResponse).addListener(ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE).addListener(ChannelFutureListener.CLOSE);
+                                            });
+                                } else {
+                                    ctx.close();
+                                }
+                            }
+
+                            @Override
+                            public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
+                                ctx.close();
+                            }
+                        });
+                    }
+                })
+                .bind(bindAddress)
+                .syncUninterruptibly();
+    }
+
+    public void addPendingConnection(final String serverIdHash, final ProxyConnection connection) {
+        this.pendingConnections.put(serverIdHash + "_" + connection.getGameProfile().getName(), connection);
+    }
+
+    public void stop() {
+        if (this.channelFuture != null) {
+            this.channelFuture.channel().close();
+        }
+    }
+
+    public Channel getChannel() {
+        return this.channelFuture.channel();
+    }
+
+}

src/main/java/net/raphimc/authhook/AuthHookHttpServer.java

@@ -0,0 +1,54 @@
+/*
+ * This file is part of ViaProxyAuthHook - https://github.com/ViaVersionAddons/ViaProxyAuthHook
+ * Copyright (C) 2024-2024 RK_01/RaphiMC and contributors
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package net.raphimc.authhook.config;
+
+import net.lenni0451.optconfig.ConfigLoader;
+import net.lenni0451.optconfig.annotations.*;
+import net.lenni0451.optconfig.provider.ConfigProvider;
+import net.raphimc.viaproxy.util.AddressUtil;
+import net.raphimc.viaproxy.util.logging.Logger;
+
+import java.io.File;
+import java.net.SocketAddress;
+import java.util.UUID;
+
+@OptConfig
+public class AuthHookConfig {
+
+    @Option("secret-key")
+    @Description("The secret key used to verify the servers. Paste this key into the auth_hook.properties config file on your server.")
+    public static String secretKey = UUID.randomUUID().toString().replace("-", "");
+
+    @NotReloadable
+    @Option("bind-address")
+    @Description({"The address AuthHook should listen for HTTP requests."})
+    @TypeSerializer(SocketAddressTypeSerializer.class)
+    public static SocketAddress bindAddress = AddressUtil.parse("127.0.0.1:8080", null);
+
+    public static void load(final File dataFolder) {
+        try {
+            final ConfigLoader<AuthHookConfig> configLoader = new ConfigLoader<>(AuthHookConfig.class);
+            configLoader.getConfigOptions().setResetInvalidOptions(true);
+            configLoader.loadStatic(ConfigProvider.file(new File(dataFolder, "auth_hook.yml")));
+        } catch (Throwable t) {
+            Logger.LOGGER.error("Failed to load the AuthHook configuration!", t);
+            System.exit(-1);
+        }
+    }
+
+}

src/main/java/net/raphimc/authhook/config/AuthHookConfig.java

@@ -0,0 +1,41 @@
+/*
+ * This file is part of ViaProxyAuthHook - https://github.com/ViaVersionAddons/ViaProxyAuthHook
+ * Copyright (C) 2024-2024 RK_01/RaphiMC and contributors
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package net.raphimc.authhook.config;
+
+import net.lenni0451.optconfig.serializer.ConfigTypeSerializer;
+import net.raphimc.viaproxy.util.AddressUtil;
+
+import java.net.SocketAddress;
+
+public class SocketAddressTypeSerializer extends ConfigTypeSerializer<AuthHookConfig, SocketAddress> {
+
+    public SocketAddressTypeSerializer(final AuthHookConfig config) {
+        super(config);
+    }
+
+    @Override
+    public SocketAddress deserialize(final Class<SocketAddress> typeClass, final Object serializedObject) {
+        return AddressUtil.parse((String) serializedObject, null);
+    }
+
+    @Override
+    public Object serialize(final SocketAddress object) {
+        return AddressUtil.toString(object);
+    }
+
+}

src/main/java/net/raphimc/authhook/config/SocketAddressTypeSerializer.java

@@ -2,4 +2,4 @@ name: "AuthHook"
 version: "${version}"
 author: "RK_01 and Lenni0451"
 main: "net.raphimc.authhook.AuthHook"
-min-version: "3.2.1"
+min-version: "3.3.6"