ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Немного рефакторинга Join формы для учёта Legacy API

Browse Source 
Добавлена поддержка чтения данных из POST запроса, если они переданы как RAW json
Исправлен StringHelper::isUuid()
This commit is contained in:
ErickSkrauch
2016-09-05 17:55:38 +03:00
parent 34d725abe2
commit e8b5e90a91
12 changed files with 338 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
api/modules/session/controllers/SessionController.php
View File

@@ -2,7 +2,13 @@
namespace api\modules\session\controllers;
use api\controllers\ApiController;
use api\modules\session\exceptions\ForbiddenOperationException;
use api\modules\session\exceptions\SessionServerException;
use api\modules\session\models\JoinForm;
use api\modules\session\models\protocols\LegacyJoin;
use api\modules\session\models\protocols\ModernJoin;
use Yii;
use yii\web\Response;
class SessionController extends ApiController {
@@ -14,15 +20,41 @@ class SessionController extends ApiController {
}
public function actionJoin() {
$joinForm = new JoinForm();
$joinForm->loadByPost();
Yii::$app->response->format = Response::FORMAT_JSON;
$data = Yii::$app->request->post();
if (empty($data)) {
// TODO: помнится у Yii2 есть механизм парсинга данных входящего запроса. Лучше будет сделать это там
$data = json_decode(Yii::$app->request->getRawBody(), true);
}
$protocol = new ModernJoin($data['accessToken'] ?? '', $data['selectedProfile'] ?? '', $data['serverId'] ?? '');
$joinForm = new JoinForm($protocol);
$joinForm->join();
return ['id' => 'OK'];
}
public function actionJoinLegacy() {
Yii::$app->response->format = Response::FORMAT_RAW;
$data = Yii::$app->request->get();
$protocol = new LegacyJoin($data['user'] ?? '', $data['sessionId'] ?? '', $data['serverId'] ?? '');
$joinForm = new JoinForm($protocol);
try {
$joinForm->join();
} catch (SessionServerException $e) {
Yii::$app->response->statusCode = $e->statusCode;
if ($e instanceof ForbiddenOperationException) {
$message = 'Ely.by authorization required';
} else {
$message = $e->getMessage();
}
return $message;
}
return 'OK';
}
}

27
api/modules/session/models/Form.php
View File

@@ -1,27 +0,0 @@
<?php
namespace api\modules\session\models;
use Yii;
use yii\base\Model;
abstract class Form extends Model {
public function formName() {
return '';
}
public function loadByGet() {
return $this->load(Yii::$app->request->get());
}
public function loadByPost() {
$data = Yii::$app->request->post();
// TODO: проверить, парсит ли Yii2 raw body и что он делает, если там неспаршенный json
/*if (empty($data)) {
$data = $request->getJsonRawBody(true);
}*/
return $this->load($data);
}
}

68
api/modules/session/models/JoinForm.php
View File

@@ -3,60 +3,92 @@ namespace api\modules\session\models;
use api\modules\session\exceptions\ForbiddenOperationException;
use api\modules\session\exceptions\IllegalArgumentException;
use api\modules\session\models\protocols\JoinInterface;
use api\modules\session\Module as Session;
use api\modules\session\validators\RequiredValidator;
use common\helpers\StringHelper;
use common\models\OauthScope as S;
use common\validators\UuidValidator;
use common\models\Account;
use common\models\MinecraftAccessKey;
use Yii;
use yii\base\ErrorException;
use yii\base\Model;
use yii\web\UnauthorizedHttpException;
class JoinForm extends Form {
class JoinForm extends Model {
public $accessToken;
public $selectedProfile;
public $serverId;
private $accessToken;
private $selectedProfile;
private $serverId;
/**
* @var Account|null
*/
private $account;
/**
* @var JoinInterface
*/
private $protocol;
public function __construct(JoinInterface $protocol, array $config = []) {
$this->protocol = $protocol;
$this->accessToken = $protocol->getAccessToken();
$this->selectedProfile = $protocol->getSelectedProfile();
$this->serverId = $protocol->getServerId();
parent::__construct($config);
}
public function rules() {
return [
[['accessToken', 'selectedProfile', 'serverId'], RequiredValidator::class],
[['accessToken', 'serverId'], RequiredValidator::class],
[['accessToken', 'selectedProfile'], 'validateUuid'],
[['accessToken'], 'validateAccessToken'],
];
}
public function join() {
Session::info(
"User with access_token = '{$this->accessToken}' trying join to server with server_id = " .
"'{$this->serverId}'."
);
$serverId = $this->serverId;
$accessToken = $this->accessToken;
Session::info("User with access_token = '{$accessToken}' trying join to server with server_id = '{$serverId}'.");
if (!$this->validate()) {
return false;
}
$account = $this->getAccount();
$sessionModel = new SessionModel($account->username, $this->serverId);
$sessionModel = new SessionModel($account->username, $serverId);
if (!$sessionModel->save()) {
throw new ErrorException('Cannot save join session model');
}
Session::info(
"User with access_token = '{$this->accessToken}' and nickname = '{$account->username}' successfully " .
"joined to server_id = '{$this->serverId}'."
"User with access_token = '{$accessToken}' and nickname = '{$account->username}' successfully joined to " .
"server_id = '{$serverId}'."
);
return true;
}
public function validate($attributeNames = null, $clearErrors = true) {
if (!$this->protocol->validate()) {
throw new IllegalArgumentException();
}
return parent::validate($attributeNames, $clearErrors);
}
public function validateUuid($attribute) {
if ($this->hasErrors($attribute)) {
return;
}
if ($attribute === 'selectedProfile' && !StringHelper::isUuid($this->selectedProfile)) {
// Это нормально. Там может быть ник игрока, если это Legacy авторизация
return;
}
$validator = new UuidValidator();
$validator->validateAttribute($this, $attribute);
@@ -101,12 +133,20 @@ class JoinForm extends Form {
throw new ForbiddenOperationException('Expired access_token.');
}
if ($account->uuid !== $this->selectedProfile) {
$selectedProfile = $this->selectedProfile;
$isUuid = StringHelper::isUuid($selectedProfile);
if ($isUuid && $account->uuid !== $selectedProfile) {
Session::error(
"User with access_token = '{$accessToken}' trying to join with identity = '{$this->selectedProfile}'," .
"User with access_token = '{$accessToken}' trying to join with identity = '{$selectedProfile}'," .
" but access_token issued to account with id = '{$account->uuid}'."
);
throw new ForbiddenOperationException('Wrong selected_profile.');
} elseif (!$isUuid && $account->username !== $selectedProfile) {
Session::error(
"User with access_token = '{$accessToken}' trying to join with identity = '{$selectedProfile}'," .
" but access_token issued to account with username = '{$account->username}'."
);
throw new ForbiddenOperationException('Invalid credentials');
}
$this->account = $account;

14
api/modules/session/models/protocols/BaseJoin.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
namespace api\modules\session\models\protocols;
abstract class BaseJoin implements JoinInterface {
abstract public function getAccessToken() : string;
abstract public function getSelectedProfile() : string;
abstract public function getServerId() : string;
abstract public function validate() : bool;
}

15
api/modules/session/models/protocols/JoinInterface.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace api\modules\session\models\protocols;
interface JoinInterface {
public function getAccessToken() : string;
// TODO: после перехода на PHP 7.1 сменить тип на ?string и возвращать null, если параметр не передан
public function getSelectedProfile() : string;
public function getServerId() : string;
public function validate() : bool;
}

63
api/modules/session/models/protocols/LegacyJoin.php Normal file
View File

@@ -0,0 +1,63 @@
<?php
namespace api\modules\session\models\protocols;
use yii\validators\RequiredValidator;
class LegacyJoin extends BaseJoin {
private $user;
private $sessionId;
private $serverId;
private $accessToken;
private $uuid;
public function __construct(string $user, string $sessionId, string $serverId) {
$this->user = $user;
$this->sessionId = $sessionId;
$this->serverId = $serverId;
$this->parseSessionId($this->sessionId);
}
public function getAccessToken() : string {
return $this->accessToken;
}
public function getSelectedProfile() : string {
return $this->uuid ?: $this->user;
}
public function getServerId() : string {
return $this->serverId;
}
/**
* @return bool
*/
public function validate() : bool {
$validator = new RequiredValidator();
return $validator->validate($this->accessToken)
&& $validator->validate($this->user)
&& $validator->validate($this->serverId);
}
/**
* Метод проводит инициализацию значений полей для соотвествия общим канонам
* именования в проекте
*
* Бьём по ':' для учёта авторизации в современных лаунчерах и входе на более старую
* версию игры. Там sessionId передаётся как "token:{accessToken}:{uuid}", так что это нужно обработать
*/
protected function parseSessionId(string $sessionId) {
$parts = explode(':', $sessionId);
if (count($parts) === 3) {
$this->accessToken = $parts[1];
$this->uuid = $parts[2];
} else {
$this->accessToken = $this->sessionId;
}
}
}

38
api/modules/session/models/protocols/ModernJoin.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
namespace api\modules\session\models\protocols;
use yii\validators\RequiredValidator;
class ModernJoin extends BaseJoin {
private $accessToken;
private $selectedProfile;
private $serverId;
public function __construct(string $accessToken, string $selectedProfile, string $serverId) {
$this->accessToken = $accessToken;
$this->selectedProfile = $selectedProfile;
$this->serverId = $serverId;
}
public function getAccessToken() : string {
return $this->accessToken;
}
public function getSelectedProfile() : string {
return $this->selectedProfile;
}
public function getServerId() : string {
return $this->serverId;
}
public function validate() : bool {
$validator = new RequiredValidator();
return $validator->validate($this->accessToken)
&& $validator->validate($this->selectedProfile)
&& $validator->validate($this->serverId);
}
}