From da87d4bc861c3b94dec6c6eb14d64000b04eddd2 Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Wed, 18 Oct 2017 19:13:30 +0300 Subject: [PATCH 1/4] 1.1.20-dev [skip ci] --- common/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/config/config.php b/common/config/config.php index 99e5160..a053a60 100644 --- a/common/config/config.php +++ b/common/config/config.php @@ -1,6 +1,6 @@ '1.1.19', + 'version' => '1.1.20-dev', 'vendorPath' => dirname(__DIR__, 2) . '/vendor', 'components' => [ 'cache' => [ From b8e445b99f32e7a9457f9df1618887be275ac3a3 Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Fri, 20 Oct 2017 15:02:52 +0300 Subject: [PATCH 2/4] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?= =?UTF-8?q?=D0=B5=D0=BD=D0=B0=20=D0=BE=D0=B1=D1=80=D0=B0=D0=B1=D0=BE=D1=82?= =?UTF-8?q?=D0=BA=D0=B0=20=D1=81=D0=B8=D1=82=D1=83=D0=B0=D1=86=D0=B8=D0=B8?= =?UTF-8?q?,=20=D0=BA=D0=BE=D0=B3=D0=B4=D0=B0=20uuid=20selectedProfile=20?= =?UTF-8?q?=D0=BF=D1=80=D0=B8=20join=20=D0=BE=D0=BF=D0=B5=D1=80=D0=B0?= =?UTF-8?q?=D1=86=D0=B8=D0=B8=20=D0=BF=D0=B5=D1=80=D0=B5=D0=B4=D0=B0=D0=BD?= =?UTF-8?q?=20=D0=B1=D0=B5=D0=B7=20=D0=B4=D0=B5=D1=84=D0=B8=D1=81=D0=BE?= =?UTF-8?q?=D0=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/modules/session/models/JoinForm.php | 6 +++++- .../api/functional/sessionserver/JoinCest.php | 11 +++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/api/modules/session/models/JoinForm.php b/api/modules/session/models/JoinForm.php index 22478f6..b8b2aff 100644 --- a/api/modules/session/models/JoinForm.php +++ b/api/modules/session/models/JoinForm.php 
@@ -126,7 +126,7 @@ class JoinForm extends Model {
 $selectedProfile = $this->selectedProfile;
 $isUuid = StringHelper::isUuid($selectedProfile);
- if ($isUuid && $account->uuid !== $selectedProfile) {
+ if ($isUuid && $account->uuid !== $this->normalizeUUID($selectedProfile)) {
 Session::error(
 "User with access_token = '{$accessToken}' trying to join with identity = '{$selectedProfile}',"
 . " but access_token issued to account with id = '{$account->uuid}'."
@@ -149,4 +149,8 @@ class JoinForm extends Model {
 return $this->account;
 }
+ private function normalizeUUID(string $uuid): string {
+ return Uuid::fromString($uuid)->toString();
+ }
+
 }
diff --git a/tests/codeception/api/functional/sessionserver/JoinCest.php b/tests/codeception/api/functional/sessionserver/JoinCest.php
index af67ed6..1d539a1 100644
--- a/tests/codeception/api/functional/sessionserver/JoinCest.php
+++ b/tests/codeception/api/functional/sessionserver/JoinCest.php
@@ -52,6 +52,17 @@ class JoinCest {
 $this->expectSuccessResponse($I);
 }
+ public function joinByOauth2TokenWithNotDashedUUID(OauthSteps $I) {
+ $I->wantTo('join to server, using modern oAuth2 generated token and non dashed uuid');
+ $accessToken = $I->getAccessToken([P::MINECRAFT_SERVER_SESSION]);
+ $this->route->join([
+ 'accessToken' => $accessToken,
+ 'selectedProfile' => 'df936908b2e1544d96f82977ec213022',
+ 'serverId' => Uuid::uuid(),
+ ]);
+ $this->expectSuccessResponse($I);
+ }
+
 public function joinByModernOauth2TokenWithoutPermission(OauthSteps $I) {
 $I->wantTo('join to server, using moder oAuth2 generated token, but without minecraft auth permission');
 $accessToken = $I->getAccessToken(['account_info', 'account_email']);
From 6d4d2177d0010ef79f90fc6d7124be1e62a0b3ae Mon Sep 17 00:00:00 2001
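Review bot: The `Session::error(...)` call kept in this branch interpolates the full `$accessToken` into the log line, and the same pattern is in the username branch changed by the `@@ -134,7 +134,7 @@` hunk of patch 3/4. By this point the token has already been resolved to `$account`, so it is presumably still a usable credential, and anyone with read access to the session log would hold a working token. Log a non-reversible reference instead, for example `substr(hash('sha256', $accessToken), 0, 16)`, and keep the account id for correlation. In the username branch `$selectedProfile` is not UUID-shaped, so control characters should be stripped or encoded before it is written. The enclosing method starts and ends outside both hunks.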
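Review bot: `normalizeUUID()` in the `@@ -149,4 +149,8 @@` hunk is only safe to call because `StringHelper::isUuid()` ran first, and nothing in the helper says so. If `Uuid` is the ramsey/uuid class, `Uuid::fromString()` throws on input it cannot parse, so any string that `isUuid()` accepts but the library rejects would surface as an unhandled exception instead of the `ForbiddenOperationException` the caller raises. Add a docblock such as `/** Canonical dashed form of a UUID already validated by StringHelper::isUuid(). */`. Whether `toString()` also lowercases is not visible here; if it does not, an upper-case UUID would still fail the strict comparison, and `return strtolower(Uuid::fromString($uuid)->toString());` would make the intent explicit, assuming `$account->uuid` is stored in lower case. No `use` line for `Uuid` is added by this patch, so it is presumably already imported in the file.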
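Review bot: Only the accepting path is tested in `joinByOauth2TokenWithNotDashedUUID`; no case shows that a non-dashed UUID belonging to a different account is still refused, which is the authorization property the changed comparison in `JoinForm` exists to enforce. A companion test that obtains a token for one account, sends another account's UUID without dashes as `selectedProfile`, and expects the forbidden response would pin that down. An upper-case variant of `'df936908b2e1544d96f82977ec213022'` would also show whether the normalization covers letter case.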
From: ErickSkrauch
Date: Fri, 20 Oct 2017 15:19:39 +0300
Subject: [PATCH 3/4] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?=
 =?UTF-8?q?=D0=B5=D0=BD=D0=B0=20=D0=BE=D0=B1=D1=80=D0=B0=D0=B1=D0=BE=D1=82?=
 =?UTF-8?q?=D0=BA=D0=B0=20=D1=81=D0=B8=D1=82=D1=83=D0=B0=D1=86=D0=B8=D0=B8?=
 =?UTF-8?q?,=20=D0=BA=D0=BE=D0=B3=D0=B4=D0=B0=20=D0=BF=D1=80=D0=B8=20?=
 =?UTF-8?q?=D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0?=
 =?UTF-8?q?=D0=BD=D0=B8=D0=B8=20=D1=81=D1=82=D0=B0=D1=80=D0=BE=D0=B3=D0=BE?=
 =?UTF-8?q?=20=D0=BF=D1=80=D0=BE=D1=82=D0=BE=D0=BA=D0=BE=D0=BB=D0=B0=20?=
 =?UTF-8?q?=D0=B0=D0=B2=D1=82=D0=BE=D1=80=D0=B8=D0=B7=D0=B0=D1=86=D0=B8?=
 =?UTF-8?q?=D0=B8=20=D0=BD=D0=B0=20=D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=80?=
 =?UTF-8?q?=D0=B5=20=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82?=
 =?UTF-8?q?=D0=B5=D0=BB=D1=8C=20=D0=BF=D0=B5=D1=80=D0=B5=D0=B4=D0=B0=D0=B2?=
 =?UTF-8?q?=D0=B0=D0=BB=20=D1=81=D0=B2=D0=BE=D0=B9=20=D0=BD=D0=B8=D0=BA=20?=
 =?UTF-8?q?=D0=B2=20=D0=BD=D0=B5=D0=BF=D1=80=D0=B0=D0=B2=D0=B8=D0=BB=D1=8C?=
 =?UTF-8?q?=D0=BD=D0=BE=D0=BC=20=D1=80=D0=B5=D0=B3=D0=B8=D1=81=D1=82=D1=80?=
 =?UTF-8?q?=D0=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 api/modules/session/models/JoinForm.php | 2 +-
 .../api/functional/sessionserver/JoinLegacyCest.php | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/api/modules/session/models/JoinForm.php b/api/modules/session/models/JoinForm.php
index b8b2aff..2676fb2 100644
--- a/api/modules/session/models/JoinForm.php
+++ b/api/modules/session/models/JoinForm.php
@@ -134,7 +134,7 @@ class JoinForm extends Model {
 throw new ForbiddenOperationException('Wrong selected_profile.');
 }
- if (!$isUuid && $account->username !== $selectedProfile) {
+ if (!$isUuid && mb_strtolower($account->username) !== mb_strtolower($selectedProfile)) {
 Session::error(
 "User with access_token = '{$accessToken}' trying to join with identity = '{$selectedProfile}',"
 . " but access_token issued to account with username = '{$account->username}'."
diff --git a/tests/codeception/api/functional/sessionserver/JoinLegacyCest.php b/tests/codeception/api/functional/sessionserver/JoinLegacyCest.php
index a04cbc0..27fe28c 100644
--- a/tests/codeception/api/functional/sessionserver/JoinLegacyCest.php
+++ b/tests/codeception/api/functional/sessionserver/JoinLegacyCest.php
@@ -30,6 +30,17 @@ class JoinLegacyCest {
 $this->expectSuccessResponse($I);
 }
+ public function joinByOauth2TokenAndDifferentLetterCase(AuthserverSteps $I) {
+ $I->wantTo('join to server by legacy protocol, using legacy authserver access token and different letter case');
+ [$accessToken] = $I->amAuthenticated();
+ $this->route->joinLegacy([
+ 'sessionId' => $accessToken,
+ 'user' => 'admin',
+ 'serverId' => Uuid::uuid(),
+ ]);
+ $this->expectSuccessResponse($I);
+ }
+
 public function joinByNewSessionFormat(AuthserverSteps $I) {
 $I->wantTo('join to server by legacy protocol with new launcher session format, using legacy authserver');
 [$accessToken] = $I->amAuthenticated();
From 9d8b695fff63fd65a83059e1a2ee209986821336 Mon Sep 17 00:00:00 2001
From: ErickSkrauch
Date: Fri, 20 Oct 2017 15:20:02 +0300
Subject: [PATCH 4/4] 1.1.20 [skip ci]
---
 common/config/config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/common/config/config.php b/common/config/config.php
index a053a60..b353408 100644
--- a/common/config/config.php
+++ b/common/config/config.php
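Review bot: Comparing `mb_strtolower()` of both sides relaxes the identity check from an exact match to a case-insensitive one, which is only sound if usernames are unique regardless of case and if the rest of the join uses `$account->username` rather than the client-supplied `$selectedProfile`; neither is visible in this hunk. If two accounts can differ only by letter case, or if the claimed spelling is what gets stored for the later server-side lookup, a session could end up recorded under a name that belongs to a different account. Passing the encoding explicitly, `mb_strtolower($account->username, 'UTF-8') !== mb_strtolower($selectedProfile, 'UTF-8')`, also stops the result from depending on the runtime's mbstring internal encoding. The enclosing method starts and ends outside the hunk.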
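Review bot: The method name `joinByOauth2TokenAndDifferentLetterCase` says OAuth2, but the body takes `AuthserverSteps` and, per its own `wantTo` text, uses a legacy authserver access token; a name such as `joinByAuthserverTokenAndDifferentLetterCase` would match what is exercised. The test also relies on the fixture account's stored username differing from `'admin'` only in letter case, which is not visible here and deserves a one-line comment. A negative case (valid token, a different account's username in any letter case) would confirm that the relaxed comparison still rejects foreign identities.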
@@ -1,6 +1,6 @@ '1.1.20-dev', + 'version' => '1.1.20', 'vendorPath' => dirname(__DIR__, 2) . '/vendor', 'components' => [ 'cache' => [