PocketMine-MP 5.35.1 git-e32e836dad793a3a3c8ddd8927c00e112b1e576a
ProcessLegacyLoginTask.php
1<?php
2
3/*
4 *
5 * ____ _ _ __ __ _ __ __ ____
6 * | _ \ ___ ___| | _____| |_| \/ (_)_ __ ___ | \/ | _ \
7 * | |_) / _ \ / __| |/ / _ \ __| |\/| | | '_ \ / _ \_____| |\/| | |_) |
8 * | __/ (_) | (__| < __/ |_| | | | | | | | __/_____| | | | __/
9 * |_| \___/ \___|_|\_\___|\__|_| |_|_|_| |_|\___| |_| |_|_|
10 *
11 * This program is free software: you can redistribute it and/or modify
12 * it under the terms of the GNU Lesser General Public License as published by
13 * the Free Software Foundation, either version 3 of the License, or
14 * (at your option) any later version.
15 *
16 * @author PocketMine Team
17 * @link http://www.pocketmine.net/
18 *
19 *
20 */
21
22declare(strict_types=1);
23
24namespace pocketmine\network\mcpe\auth;
25
31use function base64_decode;
32use function igbinary_serialize;
33use function igbinary_unserialize;
34
/** Key under which the completion closure is kept via storeLocal() and read back via fetchLocal(). */
private const TLS_KEY_ON_COMPLETION = "completion";

/**
 * Legacy Mojang root public key as base64 text. The leading "MHYwEAYHKoZIzj0CAQYFK4EEACID" bytes are
 * the SubjectPublicKeyInfo header of a P-384 EC key.
 * NOTE(review): validateChain() compares against $rootAuthKeyDer with ===, so a caller using this
 * constant as the trust anchor presumably has to base64-decode it first - confirm at the call site.
 */
public const LEGACY_MOJANG_ROOT_PUBLIC_KEY = "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAECRXueJeTDqNRRgJi/vlRufByu/2G0i2Ebt6YMar5QX/R0DIIyrJMcUpruK4QveTfJSTp3Shlq4Gk34cD/4GUWwkv0DVuzeuB+tXija7HBxii03NHDbPAD0AKnLr2wdAp";

/** igbinary-serialized chain JWT array: written by the constructor, read back in validateChain(). */
private string $chain;

/**
 * Failure reason handed to the completion callback; null means both validations in onRun() passed.
 * It starts out non-null, so any path that never reaches the end of onRun()'s try block is reported
 * as a failure rather than as a success.
 */
private NonThreadSafeValue|string|null $error = "Unknown";

/** Set by validateChain() when a link was checked under a key equal to $rootAuthKeyDer. */
private bool $authenticated = false;

/** Value returned by validateChain() (last decoded identityPublicKey); null until it returns. */
private ?string $clientPublicKeyDer = null;
58
/**
 * Stores everything the verification needs and parks the completion closure in local storage.
 *
 * @param array    $chainJwts      chain tokens; each element is later passed to
 *                                 AuthJwtHelper::validateLegacyAuthToken() as the JWT argument
 * @param string   $clientDataJwt  token checked against the key the chain ends in
 * @param ?string  $rootAuthKeyDer trust anchor; when null, $authenticated can never become true
 * @param bool     $authRequired   only forwarded to the callback - this class does not enforce it
 * @param \Closure $onCompletion   invoked from onCompletion() with
 *                                 (authenticated, authRequired, error, clientPublicKeyDer)
 */
public function __construct(
	array $chainJwts,
	private string $clientDataJwt,
	private ?string $rootAuthKeyDer,
	private bool $authRequired,
	\Closure $onCompletion
){
	//the closure goes through storeLocal() instead of a property; TLS_KEY_* suggests thread-local storage
	$this->storeLocal(self::TLS_KEY_ON_COMPLETION, $onCompletion);

	$serializedChain = igbinary_serialize($chainJwts);
	if($serializedChain === null){
		throw new AssumptionFailedError("This should never fail");
	}
	$this->chain = $serializedChain;
}
73
/**
 * Validates the chain, then the client data token against the key the chain produced.
 *
 * $error is cleared only after both checks return. Only VerifyLoginException is handled here;
 * anything else leaves $error at its previous non-null value.
 * Note that $authenticated and $clientPublicKeyDer may already be set when a later step fails, so
 * consumers have to treat a non-null error as authoritative.
 */
public function onRun() : void{
	try{
		$clientKeyDer = $this->validateChain();
		$this->clientPublicKeyDer = $clientKeyDer;
		AuthJwtHelper::validateSelfSignedToken($this->clientDataJwt, $clientKeyDer);
		$this->error = null;
	}catch(VerifyLoginException $failure){
		$message = $failure->getDisconnectMessage();
		if($message instanceof Translatable){
			//Translatable messages are wrapped before being stored on the task
			$this->error = new NonThreadSafeValue($message);
		}else{
			$this->error = $message;
		}
	}
}
84
/**
 * Walks the chain link by link and returns the last decoded identityPublicKey.
 *
 * Each link is validated with the key announced by the previous link (null for the first one; how
 * AuthJwtHelper::validateLegacyAuthToken() treats null is not visible in this file). The order of
 * the steps inside the loop matters: the root-key comparison uses the key the current link was
 * checked under, before it is replaced by the key that link announces.
 *
 * @return string the final identityPublicKey, base64-decoded
 * @throws VerifyLoginException on a missing or undecodable identityPublicKey, or an empty chain
 */
private function validateChain() : string{
	//the blob was produced by igbinary_serialize() in the constructor, not taken raw from the network
	$links = igbinary_unserialize($this->chain);

	$currentKeyDer = null;

	foreach($links as $linkJwt){
		$claims = AuthJwtHelper::validateLegacyAuthToken($linkJwt, $currentKeyDer);

		//NOTE(review): if the helper takes the key by value, this can only match from the second link on - confirm
		if($this->rootAuthKeyDer !== null && $currentKeyDer === $this->rootAuthKeyDer){
			$this->authenticated = true; //we're signed into xbox live, according to this root key
		}

		if(!isset($claims->identityPublicKey)){
			throw new VerifyLoginException("Missing identityPublicKey in chain link", KnownTranslationFactory::pocketmine_disconnect_invalidSession_missingKey());
		}

		//strict mode: input with characters outside the base64 alphabet is rejected instead of skipped
		$decodedKey = base64_decode($claims->identityPublicKey, true);
		if($decodedKey === false){
			throw new VerifyLoginException("Invalid identityPublicKey: base64 error decoding");
		}

		$currentKeyDer = $decodedKey;
	}

	//still null means the loop body never ran
	if($currentKeyDer === null){
		throw new VerifyLoginException("No authentication chain links provided");
	}

	return $currentKeyDer;
}
112
/**
 * Fetches the stored closure and reports the outcome to it.
 *
 * Arguments passed: $authenticated, $authRequired, the error (unwrapped if it was stored as a
 * NonThreadSafeValue) and $clientPublicKeyDer. The callback has to check the error first:
 * $authenticated can be true and the key non-null even though a later validation step failed.
 */
public function onCompletion() : void{
	$onCompletion = $this->fetchLocal(self::TLS_KEY_ON_COMPLETION);

	$error = $this->error;
	if($error instanceof NonThreadSafeValue){
		$error = $error->deserialize();
	}

	$onCompletion($this->authenticated, $this->authRequired, $error, $this->clientPublicKeyDer);
}
121}
__construct(array $chainJwts, private string $clientDataJwt, private ?string $rootAuthKeyDer, private bool $authRequired, \Closure $onCompletion)
storeLocal(string $key, mixed $complexData)