-
Notifications
You must be signed in to change notification settings - Fork 65
/
ProfileKeyFilter.java
84 lines (75 loc) · 3.43 KB
/
ProfileKeyFilter.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
/*
* Copyright (C) 2022 Haowei Wen <yushijinhun@gmail.com> and contributors
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package moe.yushi.authlibinjector.httpd;
import static java.nio.charset.StandardCharsets.UTF_8;
import static moe.yushi.authlibinjector.util.IOUtils.CONTENT_TYPE_JSON;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.time.Instant;
import java.time.format.DateTimeFormatter;
import java.time.temporal.ChronoUnit;
import java.util.Base64;
import java.util.Optional;
import moe.yushi.authlibinjector.internal.fi.iki.elonen.IHTTPSession;
import moe.yushi.authlibinjector.internal.fi.iki.elonen.Response;
import moe.yushi.authlibinjector.internal.fi.iki.elonen.Status;
import moe.yushi.authlibinjector.internal.org.json.simple.JSONObject;
/**
* Intercepts Minecraft's request to https://api.minecraftservices.com/player/certificates,
* and returns an empty response.
*/
public class ProfileKeyFilter implements URLFilter {
@Override
public boolean canHandle(String domain) {
return domain.equals("api.minecraftservices.com");
}
@Override
public Optional<Response> handle(String domain, String path, IHTTPSession session) throws IOException {
if (domain.equals("api.minecraftservices.com") && path.equals("/player/certificates") && session.getMethod().equals("POST")) {
return Optional.of(Response.newFixedLength(Status.OK, CONTENT_TYPE_JSON, makeDummyResponse().toJSONString()));
}
return Optional.empty();
}
private JSONObject makeDummyResponse() {
KeyPairGenerator generator;
try {
generator = KeyPairGenerator.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
generator.initialize(2048);
KeyPair keyPair = generator.generateKeyPair();
Base64.Encoder base64 = Base64.getMimeEncoder(76, "\n".getBytes(UTF_8));
String publicKeyPEM = "-----BEGIN RSA PUBLIC KEY-----\n" + base64.encodeToString(keyPair.getPublic().getEncoded()) + "\n-----END RSA PUBLIC KEY-----\n";
String privateKeyPEM = "-----BEGIN RSA PRIVATE KEY-----\n" + base64.encodeToString(keyPair.getPrivate().getEncoded()) + "\n-----END RSA PRIVATE KEY-----\n";
Instant now = Instant.now();
Instant expiresAt = now.plus(48, ChronoUnit.HOURS);
Instant refreshedAfter = now.plus(36, ChronoUnit.HOURS);
JSONObject response = new JSONObject();
JSONObject keyPairObj = new JSONObject();
keyPairObj.put("privateKey", privateKeyPEM);
keyPairObj.put("publicKey", publicKeyPEM);
response.put("keyPair", keyPairObj);
response.put("publicKeySignature", "AA==");
response.put("publicKeySignatureV2", "AA==");
response.put("expiresAt", DateTimeFormatter.ISO_INSTANT.format(expiresAt));
response.put("refreshedAfter", DateTimeFormatter.ISO_INSTANT.format(refreshedAfter));
return response;
}
}