From 878c4fb8103bc866e5368fbb7287e94cca190dff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Mr=C3=A1zek?= Date: Sun, 5 Sep 2021 18:23:49 +0200 Subject: [PATCH] NOISSUE Provide dummy implementation for the secrets library --- CMakeLists.txt | 3 ++ launcher/CMakeLists.txt | 4 +- launcher/minecraft/auth/flows/AuthContext.cpp | 12 +++--- launcher/pages/global/AccountListPage.cpp | 9 ++-- notsecrets/CMakeLists.txt | 4 ++ notsecrets/Secrets.cpp | 42 +++++++++++++++++++ notsecrets/Secrets.h | 8 ++++ 7 files changed, 69 insertions(+), 13 deletions(-) create mode 100644 notsecrets/CMakeLists.txt create mode 100644 notsecrets/Secrets.cpp create mode 100644 notsecrets/Secrets.h diff --git a/CMakeLists.txt b/CMakeLists.txt index 84c4a180..9356f326 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -289,7 +289,10 @@ add_subdirectory(buildconfig) if(MultiMC_EMBED_SECRETS) add_subdirectory(secrets) +else() + add_subdirectory(notsecrets) endif() + # NOTE: this must always be last to appease the CMake deity of quirky install command evaluation order. add_subdirectory(launcher) diff --git a/launcher/CMakeLists.txt b/launcher/CMakeLists.txt index 7241b89d..c29ee3e1 100644 --- a/launcher/CMakeLists.txt +++ b/launcher/CMakeLists.txt @@ -949,9 +949,7 @@ install(TARGETS MultiMC RUNTIME DESTINATION ${BINARY_DEST_DIR} COMPONENT Runtime ) -if(MultiMC_EMBED_SECRETS) - target_link_libraries(MultiMC_logic secrets) -endif() +target_link_libraries(MultiMC_logic secrets) #### The MultiMC bundle mess! #### # Bundle utilities are used to complete the portable packages - they add all the libraries that would otherwise be missing on the target system. diff --git a/launcher/minecraft/auth/flows/AuthContext.cpp b/launcher/minecraft/auth/flows/AuthContext.cpp index 776f45fe..b4db6c2d 100644 --- a/launcher/minecraft/auth/flows/AuthContext.cpp +++ b/launcher/minecraft/auth/flows/AuthContext.cpp 
@@ -18,9 +18,7 @@ #include "katabasis/Globals.h" #include "AuthRequest.h" -#ifdef EMBED_SECRETS #include "Secrets.h" -#endif #include "Env.h" @@ -53,13 +51,18 @@ void AuthContext::finishActivity() { } void AuthContext::initMSA() { -#ifdef EMBED_SECRETS if(m_oauth2) { return; } + + auto clientId = Secrets::getMSAClientID('-'); + if(clientId.isEmpty()) { + return; + } + Katabasis::OAuth2::Options opts; opts.scope = "XboxLive.signin offline_access"; - opts.clientIdentifier = Secrets::getMSAClientID('-'); + opts.clientIdentifier = clientId; opts.authorizationUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode"; opts.accessTokenUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token"; opts.listenerPorts = {28562, 28563, 28564, 28565, 28566}; @@ -71,7 +74,6 @@ void AuthContext::initMSA() { connect(m_oauth2, &OAuth2::linkingSucceeded, this, &AuthContext::onOAuthLinkingSucceeded); connect(m_oauth2, &OAuth2::showVerificationUriAndCode, this, &AuthContext::showVerificationUriAndCode); connect(m_oauth2, &OAuth2::activityChanged, this, &AuthContext::onOAuthActivityChanged); -#endif } void AuthContext::initMojang() { diff --git a/launcher/pages/global/AccountListPage.cpp b/launcher/pages/global/AccountListPage.cpp index 6bb07b22..f52fa834 100644 --- a/launcher/pages/global/AccountListPage.cpp +++ b/launcher/pages/global/AccountListPage.cpp @@ -37,6 +37,8 @@ #include "BuildConfig.h" #include +#include "Secrets.h" + AccountListPage::AccountListPage(QWidget *parent) : QMainWindow(parent), ui(new Ui::AccountListPage) { 
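Review bot: The new early return in `AuthContext::initMSA()` when `clientId.isEmpty()` leaves `m_oauth2` unset and logs nothing, and the hunk does not show whether callers check for that. Hiding `actionAddMicrosoft` only blocks adding new accounts; a Microsoft account already stored in the profile would presumably still reach this path on refresh, so any caller that uses `m_oauth2` after `initMSA()` needs a null guard or an explicit failure state. I would at least log the condition, e.g. `qWarning() << "MSA client ID is not configured; Microsoft login is unavailable";`, and make the flow fail visibly instead of continuing. The body of `initMSA()` continues past the end of this hunk.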
@@ -70,11 +72,8 @@ AccountListPage::AccountListPage(QWidget *parent)
 updateButtonStates();
- // Xbox authentication won't work without a client identifier, so disable the button
- // if the build didn't specify one (GH-4012)
-#ifndef EMBED_SECRETS
- ui->actionAddMicrosoft->setVisible(false);
-#endif
+ // Xbox authentication won't work without a client identifier, so disable the button if it is missing
+ ui->actionAddMicrosoft->setVisible(Secrets::hasMSAClientID());
 }
 AccountListPage::~AccountListPage()
diff --git a/notsecrets/CMakeLists.txt b/notsecrets/CMakeLists.txt
new file mode 100644
index 00000000..f27aeb70
--- /dev/null
+++ b/notsecrets/CMakeLists.txt
@@ -0,0 +1,4 @@
+add_library(secrets STATIC Secrets.cpp Secrets.h)
+target_link_libraries(secrets Qt5::Core)
+target_compile_definitions(secrets PUBLIC -DEMBED_SECRETS)
+target_include_directories(secrets PUBLIC .)
diff --git a/notsecrets/Secrets.cpp b/notsecrets/Secrets.cpp
new file mode 100644
index 00000000..88995635
--- /dev/null
+++ b/notsecrets/Secrets.cpp
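Review bot: `target_compile_definitions(secrets PUBLIC -DEMBED_SECRETS)` in the dummy library exports `EMBED_SECRETS` to every consumer even though this build embeds no client ID. The commit removes the `#ifdef EMBED_SECRETS` guards it touches, but any guard left elsewhere in the tree (not visible here) would now compile as if a real client ID were present. I would drop that line from `notsecrets/CMakeLists.txt`, or use a differently named definition so the two libraries can be told apart. The `-D` prefix is also unnecessary in `target_compile_definitions`; plain `EMBED_SECRETS` is the usual form.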
@@ -0,0 +1,42 @@
+#include "Secrets.h"
+
+#include
+#include
+
+namespace {
+
+/*
+ * This is the MSA client ID. It is confidential and should not be reused.
+ * You can obtain one for yourself by using azure app registration:
+ * https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
+ *
+ * The app registration should:
+ * - Be only for personal accounts.
+ * - Not have any redirect URI.
+ * - Not have any platform.
+ * - Have no credentials.
+ * - No certificates.
+ * - No client secrets.
+ * - Enable 'Live SDK support' for access to XBox APIs.
+ * - Enable 'public client flows' for OAuth2 device flow.
+ *
+ * By putting one in here, you accept the terms and conditions for using the MS Identity Plaform and assume all responsibilities associated with it.
+ * See: https://docs.microsoft.com/en-us/legal/microsoft-identity-platform/terms-of-use
+ *
+ * Above all else, do not impersonate other applications! This includes the Mojang Launcher and MultiMC - your builds are *NOT* MultiMC.
+ *
+ * If you intend to base your own launcher on this code, take care and customize this to obfuscate the client ID, so it cannot be trivially found by casual attackers.
+ */
+
+QString MSAClientID = "";
+}
+
+namespace Secrets {
+bool hasMSAClientID() {
+ return !MSAClientID.isEmpty();
+}
+
+QString getMSAClientID(uint8_t separator) {
+ return MSAClientID;
+}
+}
diff --git a/notsecrets/Secrets.h b/notsecrets/Secrets.h
new file mode 100644
index 00000000..6872b68e
--- /dev/null
+++ b/notsecrets/Secrets.h
@@ -0,0 +1,8 @@
+#pragma once
+#include
+#include
+
+namespace Secrets {
+bool hasMSAClientID();
+QString getMSAClientID(uint8_t separator);
+}
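Review bot: The header comment in `notsecrets/Secrets.cpp` calls the MSA client ID "confidential" and recommends obfuscating it, but the registration it describes is a public client (device flow, no client secret), so the ID can be recovered from any shipped binary and nothing security-relevant should depend on hiding it. I would reword the last paragraph to say so, e.g. `* Obfuscation only deters casual copying; the client ID of a public client is not a secret.` Separately, `getMSAClientID(uint8_t separator)` ignores `separator` and `MSAClientID` is a mutable namespace-scope object; `const QString MSAClientID;` and an unnamed parameter (`uint8_t /*separator*/`) would make both intentional. `Secrets.h` also has no comment saying what `separator` means or that an empty string signals "no client ID", which `initMSA()` relies on.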