support new auth

Author: olebeck

gophertunnel

@@ -3,6 +3,7 @@ package worlds
 import (
 	"fmt"
 	"maps"
+	"strings"
 	"time"
 
 	"github.com/bedrock-tool/bedrocktool/handlers/worlds/entity"
@@ -104,6 +105,13 @@ func (w *worldsHandler) packetHandlerPreLogin(_pk packet.Packet, timeReceived ti
 	case *packet.BiomeDefinitionList:
 		for _, biome := range pk.BiomeDefinitions {
 			biomeName := pk.StringList[biome.NameIndex]
+			sp := strings.SplitN(biomeName, ":", 2)
+			if len(sp) > 1 {
+				ns := sp[0]
+				if ns == "minecraft" {
+					biomeName = sp[1]
+				}
+			}
 			_, ok := w.serverState.biomes.BiomeByName(biomeName)
 			if !ok {
 				w.serverState.biomes.Register(&customBiome{name: biomeName, biome: biome, pk: pk})

handlers/worlds/packets.go

@@ -5,6 +5,7 @@ import (
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
+	"crypto/x509"
 	"errors"
 	"fmt"
 	"os"
@@ -27,11 +28,19 @@ type Account struct {
 	gatherings *discovery.GatheringsService
 }
 
+type accountTokenSource struct {
+	account *Account
+}
+
+func (a *accountTokenSource) Token() (t *oauth2.Token, err error) {
+	return a.account.Token(context.Background())
+}
+
 func (a *Account) Name() string {
 	return a.name
 }
 
-func (a *Account) Token() (t *oauth2.Token, err error) {
+func (a *Account) Token(ctx context.Context) (t *oauth2.Token, err error) {
 	if a.token == nil {
 		return nil, ErrNotLoggedIn
 	}
@@ -60,11 +69,11 @@ func (a *Account) Discovery() (d *discovery.Discovery, err error) {
 }
 
 func (a *Account) PlayfabXblToken(ctx context.Context) (*xbox.XBLToken, error) {
-	liveToken, err := a.Token()
+	liveToken, err := a.Token(ctx)
 	if err != nil {
 		return nil, err
 	}
-	return xbox.RequestXBLToken(ctx, liveToken, "rp://[playfabapi.com/](https://playfabapi.com/)", a.token.XboxDeviceType())
+	return xbox.RequestXBLToken(ctx, liveToken, "rp://playfabapi.com/", a.token.XboxDeviceType())
 }
 
 func (a *Account) MCToken(ctx context.Context) (*discovery.MCToken, error) {
@@ -115,7 +124,7 @@ func (a *Account) Gatherings(ctx context.Context) (*discovery.GatheringsService,
 
 func (a *Account) Realms() *realms.Client {
 	if a.realms == nil {
-		a.realms = realms.NewClient(a, nil, "")
+		a.realms = realms.NewClient(&accountTokenSource{account: a}, nil, "")
 	}
 	return a.realms
 }
@@ -148,18 +157,44 @@ func (a *Account) Chain(ctx context.Context) (ChainKey *ecdsa.PrivateKey, ChainD
 	return ch.ChainKey, ch.ChainData, nil
 }
 
-func (a *Account) authChain(ctx context.Context) (key *ecdsa.PrivateKey, chain string, err error) {
-	key, _ = ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
-	liveToken, err := a.Token()
+func (a *Account) PfToken(ctx context.Context, publicKey *ecdsa.PublicKey) (string, error) {
+	discovery, err := a.Discovery()
 	if err != nil {
-		return nil, "", fmt.Errorf("request Live Connect token: %w", err)
+		return "", err
+	}
+	authService, err := discovery.AuthService()
+	if err != nil {
+		return "", err
+	}
+	mcToken, err := a.MCToken(ctx)
+	if err != nil {
+		return "", err
+	}
+
+	keyData, _ := x509.MarshalPKIXPublicKey(publicKey)
+	signedToken, _, err := authService.MultiplayerSessionStart(ctx, keyData, mcToken)
+	return signedToken, err
+}
+
+func (a *Account) XBLToken(ctx context.Context) (*auth.XBLToken, error) {
+	liveToken, err := a.Token(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("request Live Connect token: %w", err)
 	}
 	xsts, err := xbox.RequestXBLToken(ctx, liveToken, "https://multiplayer.minecraft.net/", a.token.XboxDeviceType())
 	if err != nil {
-		return nil, "", fmt.Errorf("request XBOX Live token: %w", err)
+		return nil, fmt.Errorf("request XBOX Live token: %w", err)
 	}
-	xstsa := &auth.XBLToken{
+	return &auth.XBLToken{
 		AuthorizationToken: xsts.AuthorizationToken,
+	}, nil
+}
+
+func (a *Account) authChain(ctx context.Context) (key *ecdsa.PrivateKey, chain string, err error) {
+	key, _ = ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
+	xstsa, err := a.XBLToken(ctx)
+	if err != nil {
+		return nil, "", err
 	}
 	chain, err = auth.RequestMinecraftChain(ctx, xstsa, key)
 	if err != nil {

utils/auth/account.go

@@ -85,10 +85,6 @@ func (a *authSrv) Logout() {
 	os.Remove(chainFileName(acc.name))
 }
 
-func (a *authSrv) setAccount(acc *Account) {
-	a.account.Store(acc)
-}
-
 func (a *authSrv) Account() *Account {
 	return a.account.Load()
 }

utils/auth/auth.go

@@ -1,11 +1,9 @@
 package discovery
 
 import (
-	"bytes"
 	"context"
-	"encoding/json"
+	"encoding/base64"
 	"fmt"
-	"io"
 	"net/http"
 	"strings"
 	"time"
@@ -88,50 +86,26 @@ func (a *AuthService) StartSession(ctx context.Context, xblToken, titleid string
 	return &resp.Result, nil
 }
 
-func doRequest[T any](ctx context.Context, client *http.Client, method, url string, payload any, extraHeaders func(*http.Request)) (*T, error) {
-	body, err := json.Marshal(payload)
-	if err != nil {
-		return nil, err
-	}
-	req, err := http.NewRequestWithContext(ctx, method, url, bytes.NewReader(body))
-	if err != nil {
-		return nil, err
-	}
-	req.Header.Set("Accept", "*/*")
-	req.Header.Set("Content-Type", "application/json")
-	req.Header.Set("User-Agent", minecraftUserAgent)
-	req.Header.Set("Accept-Language", "en-US,en;q=0.5")
-	req.Header.Set("Cache-Control", "no-cache")
-	if extraHeaders != nil {
-		extraHeaders(req)
-	}
-
-	res, err := client.Do(req)
-	if err != nil {
-		return nil, err
-	}
-	defer res.Body.Close()
-
-	if res.StatusCode >= 400 {
-		bodyResp, err := io.ReadAll(res.Body)
-		if err != nil {
-			return nil, err
-		}
-		var resp map[string]any
-		err = json.Unmarshal(bodyResp, &resp)
-		if err != nil {
-			return nil, err
-		}
-		return nil, &JsonResponseError{
-			Status: res.Status,
-			Data:   resp,
-		}
-	}
+type multiplayerSessionStartResponse struct {
+	Result struct {
+		IssuedAt    time.Time `json:"issuedAt"`
+		SignedToken string    `json:"signedToken"`
+		ValidUntil  time.Time `json:"validUntil"`
+	} `json:"result"`
+}
 
-	var resp T
-	err = json.NewDecoder(res.Body).Decode(&resp)
+func (a *AuthService) MultiplayerSessionStart(ctx context.Context, publicKey []byte, mcToken *MCToken) (signedToken string, validUntil time.Time, err error) {
+	resp, err := doRequest[multiplayerSessionStartResponse](ctx, http.DefaultClient, "POST",
+		fmt.Sprintf("%s/api/v1.0/multiplayer/session/start", a.ServiceURI),
+		map[string]any{
+			"publicKey": base64.RawStdEncoding.EncodeToString(publicKey),
+		},
+		func(req *http.Request) {
+			req.Header.Set("Authorization", mcToken.AuthorizationHeader)
+		},
+	)
 	if err != nil {
-		return nil, err
+		return "", time.Time{}, err
 	}
-	return &resp, nil
+	return resp.Result.SignedToken, resp.Result.ValidUntil, nil
 }

utils/discovery/authservice.go

@@ -0,0 +1,57 @@
+package discovery
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"io"
+	"net/http"
+)
+
+func doRequest[T any](ctx context.Context, client *http.Client, method, url string, payload any, extraHeaders func(*http.Request)) (*T, error) {
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequestWithContext(ctx, method, url, bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Accept", "*/*")
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("User-Agent", minecraftUserAgent)
+	req.Header.Set("Accept-Language", "en-US,en;q=0.5")
+	req.Header.Set("Cache-Control", "no-cache")
+	if extraHeaders != nil {
+		extraHeaders(req)
+	}
+
+	res, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode >= 400 {
+		bodyResp, err := io.ReadAll(res.Body)
+		if err != nil {
+			return nil, err
+		}
+		var resp map[string]any
+		err = json.Unmarshal(bodyResp, &resp)
+		if err != nil {
+			return nil, err
+		}
+		return nil, &JsonResponseError{
+			Status: res.Status,
+			Data:   resp,
+		}
+	}
+
+	var resp T
+	err = json.NewDecoder(res.Body).Decode(&resp)
+	if err != nil {
+		return nil, err
+	}
+	return &resp, nil
+}

utils/discovery/request.go

@@ -84,6 +84,10 @@ func (p *packetLogger) logPacket(pk packet.Packet, t time.Time, toServer bool) e
 		utils.DumpStruct(p.packetLogWriter, pk)
 		p.packetLogWriter.Write([]byte("\n\n\n"))
 		p.packetLogWriter.Flush()
+		//switch pk := pk.(type) {
+		//case *packet.Login:
+		//	fmt.Fprintf(p.packetLogWriter, "%s\n", hex.EncodeToString(pk.ConnectionRequest))
+		//}
 	}
 
 	var dir string = dirS2C

utils/proxy/packet_logger.go

@@ -378,7 +378,7 @@ func (s *Session) connectServer(ctx context.Context, rpHandler *resourcepacks.Re
 
 	logrus.Info(locale.Loc("connecting", locale.Strmap{"Address": address}))
 	dialer := minecraft.Dialer{
-		TokenSource:                s.connectInfo.Account,
+		AuthSource:                 s.connectInfo.Account,
 		DisconnectOnUnknownPackets: false,
 		ErrorLog:                   slog.Default(),
 		PacketFunc:                 s.packetFunc,
@@ -399,16 +399,6 @@ func (s *Session) connectServer(ctx context.Context, rpHandler *resourcepacks.Re
 			conn.SetPrePlayPacketHandler(s.serverPrePlayHandler)
 		},
 	}
-	for range 3 {
-		dialer.ChainKey, dialer.ChainData, err = s.connectInfo.Account.Chain(s.ctx)
-		if err != nil {
-			continue
-		}
-		break
-	}
-	if err != nil {
-		return err
-	}
 
 	_, err = dialer.DialContext(ctx, "raknet", address, 20*time.Second)
 	if err != nil {