de/d0b/_process_self_signed_login_task_8php_source.html

<?php


/*

 *

 *  ____            _        _   __  __ _                  __  __ ____

 * |  _ \ ___   ___| | _____| |_|  \/  (_)_ __   ___      |  \/  |  _ \

 * | |_) / _ \ / __| |/ / _ \ __| |\/| | | '_ \ / _ \_____| |\/| | |_) |

 * |  __/ (_) | (__|   <  __/ |_| |  | | | | | |  __/_____| |  | |  __/

 * |_|   \___/ \___|_|\_\___|\__|_|  |_|_|_| |_|\___|     |_|  |_|_|

 *

 * This program is free software: you can redistribute it and/or modify

 * it under the terms of the GNU Lesser General Public License as published by

 * the Free Software Foundation, either version 3 of the License, or

 * (at your option) any later version.

 *

 * @author PocketMine Team

 * @link http://www.pocketmine.net/

 *

 *

 */


declare(strict_types=1);


namespace pocketmine\network\mcpe\auth;


use pocketmine\lang\Translatable;

use pocketmine\scheduler\AsyncTask;

use pocketmine\thread\NonThreadSafeValue;

use function base64_decode;


class ProcessSelfSignedLoginTask extends AsyncTask{

    private const TLS_KEY_ON_COMPLETION = "completion";


    public const MOJANG_AUDIENCE = "api://auth-minecraft-services/multiplayer";


    private NonThreadSafeValue|string|null $error = "Unknown";

    private ?string $clientPublicKeyDer = null;


    public function __construct(

        private string $jwt,

        private string $selfSignedKeyDer,

        private string $clientDataJwt,

        private bool $authRequired,

        \Closure $onCompletion

    ){

        $this->storeLocal(self::TLS_KEY_ON_COMPLETION, $onCompletion);

    }


    public function onRun() : void{

        try{

            $this->clientPublicKeyDer = $this->validateChain();

            $this->error = null;

        }catch(VerifyLoginException $e){

            $disconnectMessage = $e->getDisconnectMessage();

            $this->error = $disconnectMessage instanceof Translatable ? new NonThreadSafeValue($disconnectMessage) : $disconnectMessage;

        }

    }


    private function validateChain() : string{

        $claims = AuthJwtHelper::validateSelfSignedAuthToken($this->jwt, $this->selfSignedKeyDer, audience: self::MOJANG_AUDIENCE);

        //validateToken will throw if the JWT is not valid


        $clientDerKey = base64_decode($claims->cpk, strict: true);

        if($clientDerKey === false){

            throw new VerifyLoginException("Invalid client public key: base64 error decoding");

        }

        //no further validation needed - OpenSSL will bail if the key is invalid

        AuthJwtHelper::validateSelfSignedToken($this->clientDataJwt, $clientDerKey);


        return $clientDerKey;

    }


    public function onCompletion() : void{

        $callback = $this->fetchLocal(self::TLS_KEY_ON_COMPLETION);

        $callback(false, $this->authRequired, $this->error instanceof NonThreadSafeValue ? $this->error->deserialize() : $this->error, $this->clientPublicKeyDer);

    }


}


pocketmine\lang\Translatable
Definition Translatable.php:28

pocketmine\network\mcpe\auth\ProcessSelfSignedLoginTask
Definition ProcessSelfSignedLoginTask.php:35

pocketmine\network\mcpe\auth\ProcessSelfSignedLoginTask\__construct
__construct(private string $jwt, private string $selfSignedKeyDer, private string $clientDataJwt, private bool $authRequired, \Closure $onCompletion)
Definition ProcessSelfSignedLoginTask.php:53

pocketmine\network\mcpe\auth\ProcessSelfSignedLoginTask\onRun
onRun()
Definition ProcessSelfSignedLoginTask.php:63

pocketmine\network\mcpe\auth\ProcessSelfSignedLoginTask\onCompletion
onCompletion()
Definition ProcessSelfSignedLoginTask.php:87

pocketmine\network\mcpe\auth\VerifyLoginException
Definition VerifyLoginException.php:28

pocketmine\scheduler\AsyncTask
Definition AsyncTask.php:59

pocketmine\scheduler\AsyncTask\storeLocal
storeLocal(string $key, mixed $complexData)
Definition AsyncTask.php:151

pocketmine\thread\NonThreadSafeValue
Definition NonThreadSafeValue.php:38

pocketmine\thread\NonThreadSafeValue\deserialize
deserialize()
Definition NonThreadSafeValue.php:55