Commit Graph

795 Commits

Author SHA1 Message Date
ErickSkrauch
625250b367
Fixes #35. Make clientToken optional during legacy Minecraft auth flow 2024-11-24 10:25:22 +01:00
ErickSkrauch
d921616360
Allow secure headers from internal network for production deployment 2024-06-20 04:44:11 +02:00
Octol1ttle
4231f99717
Move new "usernames -> UUIDs" endpoint to the correct location (#33)
* change: test non-injector endpoints in non-injector tests

* fix: move new "usernames -> UUIDs" endpoint to the correct location
2024-06-17 14:02:01 +02:00
ErickSkrauch
0c110213f4
Remove minecraft_access_keys table and all related code 2024-06-14 05:42:35 +02:00
ErickSkrauch
2111e1769f
Introduce an API endpoint to obtain public keys, that can be used to verify access tokens on other services 2024-06-14 04:36:49 +02:00
ErickSkrauch
17109f8eb5
Remove unused HS256 signing algorithm 2024-06-14 03:21:00 +02:00
ErickSkrauch
0a666e1e12
Extract public key from private pem file at runtime 2024-06-14 03:03:10 +02:00
ErickSkrauch
ca304261a3
Fix malformed query params 2024-06-11 04:16:36 +02:00
ErickSkrauch
46c5a0f878
Fix condition 2024-06-11 04:06:56 +02:00
ErickSkrauch
345bc80d05
Added support of the onUnknownProfileRespondWithUuid when calling Chrly endpoint 2024-06-11 03:50:10 +02:00
ErickSkrauch
16877d502d
Drop usage of goaop, replace implementation with events 2023-11-20 04:39:13 +01:00
ErickSkrauch
2bc83f39cf
Fix CS 2023-11-20 02:16:44 +01:00
Octol1ttle
574d03d02f
Add a redirect for new Usernames to UUIDs endpoint (#29)
* fix: add redirect for new "Usernames to UUIDs" endpoint location

"As of 23w42a, the endpoint moved to: 'POST https://sessionserver.mojang.com/session/minecraft/profile/lookup/bulk/byname'
"
https://wiki.vg/Mojang_API#Usernames_to_UUIDs

* add a redirect for authlib-injector too

Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>

* revert: .gitignore

Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>

* tests: pass new URL to existing tests

Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>

* review: address requested changes

Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>

* style: add type hints to MinecraftProfilesCest functions too

Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>

---------

Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
2023-11-20 01:36:39 +01:00
ErickSkrauch
667f582b3e
Merge pull request #31 from Octol1ttle/fix-wrong-join-response
Add missing response checks in SessionServerSteps tests
2023-11-17 14:47:25 +01:00
Octol1ttle
88ff766054
fix: add missing response checks in SessionServerSteps tests
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
2023-11-17 14:20:32 +05:00
ErickSkrauch
7d4e0f246c
Fixes #30. Upgrade MariaDB base image 2023-11-16 20:43:43 +01:00
ErickSkrauch
d2d4045e61
Fix tests for authlib-injector endpoints 2023-11-16 20:25:52 +01:00
ErickSkrauch
47463d7435
Fix sessionserver/join endpoint: return empty response with 204 status code on success join 2023-11-16 20:21:26 +01:00
ErickSkrauch
984c6e7682
Fix slash email test 2023-10-15 06:54:35 +02:00
ErickSkrauch
b3d1f75cc0
Introduce validation for emails starting with slash 2023-10-15 06:53:17 +02:00
ErickSkrauch
e738bce717
Send Sentry error synchronously 2023-10-15 06:17:20 +02:00
ErickSkrauch
b98649070d
Enable better logging for queue 2023-10-15 04:09:09 +02:00
ErickSkrauch
a1eb5f3be6
Fixes ACCOUNTS-6A. Force value to string for client token validation 2023-05-26 18:48:15 +02:00
ErickSkrauch
99c983c3ea
Fixes #16. Correctly wrap Yii2's request into the PSR's ServerRequest object 2022-12-10 03:57:43 +01:00
ErickSkrauch
262bdbc08e
Fixes #17. Simplify redirect_uri validation rules to allow localhost 2022-12-10 02:51:47 +01:00
ErickSkrauch
9c39e97640
Merge pull request #21 from elyby/iss_20_minecraftservices_profile
MinecraftServices Profile info API endpoint
2022-12-10 00:16:40 +01:00
ErickSkrauch
97fe22d598
Upgrade docker version for build 2022-12-05 23:12:09 +01:00
ErickSkrauch
b113beb78e
Fixes #27. Serialize empty textures as an object 2022-12-05 22:50:22 +01:00
ErickSkrauch
26b2168ae3
Upgrade PHP to the latest version 2022-12-05 22:44:00 +01:00
ErickSkrauch
f4fa5ad2df
Add additional tests cases, implemented custom error formatter 2022-01-28 12:38:00 +01:00
ErickSkrauch
9593d1e809
Fix tests according to the latest permissions change [deploy dev] 2022-01-24 12:07:12 +01:00
ErickSkrauch
c34a2db063
Add account_info permission to tokens obtained via legacy authserver API [deploy dev] 2022-01-24 12:01:11 +01:00
ErickSkrauch
2bb465d867
Fix build pipeline [deploy dev] 2022-01-21 21:11:45 +01:00
ErickSkrauch
31febd5606
#20 Quick implementation of the https://api.minecraftservices.com/minecraft/profile endpoint [deploy dev] 2022-01-21 21:09:46 +01:00
ErickSkrauch
5b8be60867
Start looking for the ghost case of the empty signature 2021-08-16 15:16:46 +02:00
ErickSkrauch
f69ebf8221
Add types to the ApiController 2021-06-13 21:28:13 +02:00
ErickSkrauch
202099bf84
Implemented missing endpoint for the authlib injector 2021-06-13 21:21:25 +02:00
ErickSkrauch
e6b6f3f169
Allow users to manually decline auth request even when an application was authenticated before 2021-03-29 04:51:37 +02:00
ErickSkrauch
65284727ba
Update dist docker-compose configuration [skip ci] 2021-03-28 03:00:26 +02:00
ErickSkrauch
7a80c44cab
Alternative implementation of passing totp to the legacy Minecraft authorization protocol to not break the yggdrasil's protocol [deploy] 2021-03-08 22:21:10 +01:00
ErickSkrauch
9a3534ea2b
Add totp field for Minecraft auth protocol to login into accounts, protected with 2FA [deploy] 2021-03-08 11:26:47 +01:00
ErickSkrauch
125caa7e4e
Remove user from crontab [deploy] 2021-03-08 09:53:53 +01:00
ErickSkrauch
1aed8f59cb
Return user field when requestUser param received on authentication/refresh endpoint [deploy] 2021-03-06 10:37:58 +01:00
ErickSkrauch
077db4f328 Remove authserver module restriction [deploy] 2021-03-05 16:07:55 +01:00
ErickSkrauch
5dc140da15 Fixes ACCOUNTS-13, ACCOUNTS-3F. Remove warnings for the cases which are actually happens 2021-03-04 11:18:04 +01:00
ErickSkrauch
daebb66266 Fix di service configuration 2021-03-04 07:58:44 +01:00
ErickSkrauch
6469f6bd68 Merge branch 'authlib_injector' 2021-03-04 07:13:47 +01:00
ErickSkrauch
bd168808b2 Make Chrly's domain configurable 2021-03-04 05:58:07 +01:00
ErickSkrauch
163bbe68a2 Add a special header for authlib-injector for / path 2021-03-03 16:22:35 +01:00
ErickSkrauch
4856695940 Resolves #2. Implemented authlib-injector support 2021-03-03 15:04:42 +01:00