NOISSUE introduce the concept of secrets static library

This commit is contained in:
Petr Mrázek 2021-08-27 22:35:17 +02:00
parent 34a5459dce
commit b2c1100b1c
10 changed files with 39 additions and 16 deletions

3
.gitignore vendored
View File

@ -30,3 +30,6 @@ tags
#OSX Stuff #OSX Stuff
.DS_Store .DS_Store
branding
secrets

View File

@ -90,8 +90,8 @@ set(MultiMC_DISCORD_URL "" CACHE STRING "URL for the Discord guild.")
# Subreddit URL # Subreddit URL
set(MultiMC_SUBREDDIT_URL "" CACHE STRING "URL for the subreddit.") set(MultiMC_SUBREDDIT_URL "" CACHE STRING "URL for the subreddit.")
# MSA Client ID
set(MultiMC_MSA_CLIENT_ID "" CACHE STRING "Client ID used for MSA authentication") option(MultiMC_EMBED_SECRETS "Determines whether to embed secrets. Secrets are separate and non-public." OFF)
#### Check the current Git commit and branch #### Check the current Git commit and branch
include(GetGitRevisionDescription) include(GetGitRevisionDescription)
@ -287,5 +287,9 @@ add_subdirectory(libraries/katabasis) # An OAuth2 library that tried to do too m
add_subdirectory(buildconfig) add_subdirectory(buildconfig)
if(MultiMC_EMBED_SECRETS)
add_subdirectory(secrets)
endif()
# NOTE: this must always be last to appease the CMake deity of quirky install command evaluation order. # NOTE: this must always be last to appease the CMake deity of quirky install command evaluation order.
add_subdirectory(launcher) add_subdirectory(launcher)

View File

@ -35,7 +35,6 @@ Config::Config()
PASTE_EE_KEY = "@MultiMC_PASTE_EE_API_KEY@"; PASTE_EE_KEY = "@MultiMC_PASTE_EE_API_KEY@";
IMGUR_CLIENT_ID = "@MultiMC_IMGUR_CLIENT_ID@"; IMGUR_CLIENT_ID = "@MultiMC_IMGUR_CLIENT_ID@";
META_URL = "@MultiMC_META_URL@"; META_URL = "@MultiMC_META_URL@";
MSA_CLIENT_ID = "@MultiMC_MSA_CLIENT_ID@";
BUG_TRACKER_URL = "@MultiMC_BUG_TRACKER_URL@"; BUG_TRACKER_URL = "@MultiMC_BUG_TRACKER_URL@";
DISCORD_URL = "@MultiMC_DISCORD_URL@"; DISCORD_URL = "@MultiMC_DISCORD_URL@";

View File

@ -75,11 +75,6 @@ public:
*/ */
QString META_URL; QString META_URL;
/**
* MSA client ID - registered with Azure / Microsoft, needs correct setup on MS side.
*/
QString MSA_CLIENT_ID;
QString BUG_TRACKER_URL; QString BUG_TRACKER_URL;
QString DISCORD_URL; QString DISCORD_URL;
QString SUBREDDIT_URL; QString SUBREDDIT_URL;

View File

@ -947,6 +947,10 @@ install(TARGETS MultiMC
RUNTIME DESTINATION ${BINARY_DEST_DIR} COMPONENT Runtime RUNTIME DESTINATION ${BINARY_DEST_DIR} COMPONENT Runtime
) )
if(MultiMC_EMBED_SECRETS)
target_link_libraries(MultiMC_logic secrets)
endif()
#### The MultiMC bundle mess! #### #### The MultiMC bundle mess! ####
# Bundle utilities are used to complete the portable packages - they add all the libraries that would otherwise be missing on the target system. # Bundle utilities are used to complete the portable packages - they add all the libraries that would otherwise be missing on the target system.
# NOTE: it seems that this absolutely has to be here, and nowhere else. # NOTE: it seems that this absolutely has to be here, and nowhere else.

View File

@ -171,9 +171,16 @@ void LaunchController::login() {
break; break;
} }
case AuthSession::RequiresOAuth: { case AuthSession::RequiresOAuth: {
// FIXME: add UI for expired / broken MS accounts auto errorString = tr("Microsoft account has expired and needs to be logged into manually again.");
QMessageBox::warning(
nullptr,
tr("Microsoft Account refresh failed"),
errorString,
QMessageBox::StandardButton::Ok,
QMessageBox::StandardButton::Ok
);
tryagain = false; tryagain = false;
emitFailed(tr("Microsoft account has expired and needs to be logged into again.")); emitFailed(errorString);
return; return;
} }
case AuthSession::PlayableOffline: { case AuthSession::PlayableOffline: {

View File

@ -245,7 +245,12 @@ void MinecraftAccount::authFailed(QString reason)
emit changed(); emit changed();
if (session) if (session)
{ {
session->status = AuthSession::RequiresPassword; if(data.type == AccountType::MSA) {
session->status = AuthSession::RequiresOAuth;
}
else {
session->status = AuthSession::RequiresPassword;
}
session->auth_server_online = true; session->auth_server_online = true;
fillSession(session); fillSession(session);
} }

View File

@ -17,7 +17,10 @@
#include "AuthContext.h" #include "AuthContext.h"
#include "katabasis/Globals.h" #include "katabasis/Globals.h"
#include "katabasis/Requestor.h" #include "katabasis/Requestor.h"
#include "BuildConfig.h"
#ifdef EMBED_SECRETS
#include "Secrets.h"
#endif
using OAuth2 = Katabasis::OAuth2; using OAuth2 = Katabasis::OAuth2;
using Requestor = Katabasis::Requestor; using Requestor = Katabasis::Requestor;
@ -49,12 +52,13 @@ void AuthContext::finishActivity() {
} }
void AuthContext::initMSA() { void AuthContext::initMSA() {
#ifdef EMBED_SECRETS
if(m_oauth2) { if(m_oauth2) {
return; return;
} }
Katabasis::OAuth2::Options opts; Katabasis::OAuth2::Options opts;
opts.scope = "XboxLive.signin offline_access"; opts.scope = "XboxLive.signin offline_access";
opts.clientIdentifier = BuildConfig.MSA_CLIENT_ID; opts.clientIdentifier = Secrets::getMSAClientID('-');
opts.authorizationUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode"; opts.authorizationUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode";
opts.accessTokenUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token"; opts.accessTokenUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token";
opts.listenerPorts = {28562, 28563, 28564, 28565, 28566}; opts.listenerPorts = {28562, 28563, 28564, 28565, 28566};
@ -66,6 +70,7 @@ void AuthContext::initMSA() {
connect(m_oauth2, &OAuth2::linkingSucceeded, this, &AuthContext::onOAuthLinkingSucceeded); connect(m_oauth2, &OAuth2::linkingSucceeded, this, &AuthContext::onOAuthLinkingSucceeded);
connect(m_oauth2, &OAuth2::showVerificationUriAndCode, this, &AuthContext::showVerificationUriAndCode); connect(m_oauth2, &OAuth2::showVerificationUriAndCode, this, &AuthContext::showVerificationUriAndCode);
connect(m_oauth2, &OAuth2::activityChanged, this, &AuthContext::onOAuthActivityChanged); connect(m_oauth2, &OAuth2::activityChanged, this, &AuthContext::onOAuthActivityChanged);
#endif
} }
void AuthContext::initMojang() { void AuthContext::initMojang() {

View File

@ -72,9 +72,9 @@ AccountListPage::AccountListPage(QWidget *parent)
// Xbox authentication won't work without a client identifier, so disable the button // Xbox authentication won't work without a client identifier, so disable the button
// if the build didn't specify one (GH-4012) // if the build didn't specify one (GH-4012)
if (BuildConfig.MSA_CLIENT_ID.isEmpty()) { #ifndef EMBED_SECRETS
ui->actionAddMicrosoft->setVisible(false); ui->actionAddMicrosoft->setVisible(false);
} #endif
} }
AccountListPage::~AccountListPage() AccountListPage::~AccountListPage()

View File

@ -570,6 +570,7 @@ void OAuth2::onRefreshFinished() {
emit refreshFinished(QNetworkReply::NoError); emit refreshFinished(QNetworkReply::NoError);
qDebug() << "New token expires in" << expires() << "seconds"; qDebug() << "New token expires in" << expires() << "seconds";
} else { } else {
emit linkingFailed();
qDebug() << "OAuth2::onRefreshFinished: Error" << (int)refreshReply->error() << refreshReply->errorString(); qDebug() << "OAuth2::onRefreshFinished: Error" << (int)refreshReply->error() << refreshReply->errorString();
} }
refreshReply->deleteLater(); refreshReply->deleteLater();