feat(microsoft): WIP: use device code grant flow instead.

2021-10-23 00:01:55 +08:00
parent 843b29eff0
commit 5a9e8683e4
12 changed files with 456 additions and 198 deletions
--- a/HMCL/src/main/java/org/jackhuang/hmcl/game/MicrosoftAuthenticationServer.java
+++ b/HMCL/src/main/java/org/jackhuang/hmcl/game/MicrosoftAuthenticationServer.java
@@ -19,7 +19,9 @@ package org.jackhuang.hmcl.game;

 import fi.iki.elonen.NanoHTTPD;
 import org.jackhuang.hmcl.auth.AuthenticationException;
-import org.jackhuang.hmcl.auth.microsoft.MicrosoftService;
+import org.jackhuang.hmcl.auth.OAuth;
+import org.jackhuang.hmcl.event.Event;
+import org.jackhuang.hmcl.event.EventManager;
 import org.jackhuang.hmcl.ui.FXUtils;
 import org.jackhuang.hmcl.util.Logging;
 import org.jackhuang.hmcl.util.StringUtils;
@@ -39,7 +41,7 @@ import static org.jackhuang.hmcl.util.Lang.mapOf;
 import static org.jackhuang.hmcl.util.Lang.thread;
 import static org.jackhuang.hmcl.util.i18n.I18n.i18n;

-public final class MicrosoftAuthenticationServer extends NanoHTTPD implements MicrosoftService.OAuthSession {
+public final class OAuthServer extends NanoHTTPD implements OAuth.Session {
    private final int port;
    private final CompletableFuture<String> future = new CompletableFuture<>();

@@ -47,7 +49,7 @@ public final class MicrosoftAuthenticationServer extends NanoHTTPD implements Mi

    private String idToken;

-    private MicrosoftAuthenticationServer(int port) {
+    private OAuthServer(int port) {
        super(port);

        this.port = port;
@@ -102,7 +104,7 @@ public final class MicrosoftAuthenticationServer extends NanoHTTPD implements Mi

        String html;
        try {
-            html = IOUtils.readFullyAsString(MicrosoftAuthenticationServer.class.getResourceAsStream("/assets/microsoft_auth.html"), StandardCharsets.UTF_8)
+            html = IOUtils.readFullyAsString(OAuthServer.class.getResourceAsStream("/assets/microsoft_auth.html"), StandardCharsets.UTF_8)
                    .replace("%close-page%", i18n("account.methods.microsoft.close_page"));
        } catch (IOException e) {
            Logging.LOG.log(Level.SEVERE, "Failed to load html");
@@ -119,10 +121,12 @@ public final class MicrosoftAuthenticationServer extends NanoHTTPD implements Mi
        return newFixedLengthResponse(Response.Status.OK, "text/html; charset=UTF-8", html);
    }

-    public static class Factory implements MicrosoftService.OAuthCallback {
+    public static class Factory implements OAuth.Callback {
+        public final EventManager<GrantDeviceCodeEvent> onGrantDeviceCode = new EventManager<>();
+        public final EventManager<OpenBrowserEvent> onOpenBrowser = new EventManager<>();

        @Override
-        public MicrosoftService.OAuthSession startServer() throws IOException, AuthenticationException {
+        public OAuth.Session startServer() throws IOException, AuthenticationException {
            if (StringUtils.isBlank(getClientId())) {
                throw new MicrosoftAuthenticationNotSupportedException();
            }
@@ -130,7 +134,7 @@ public final class MicrosoftAuthenticationServer extends NanoHTTPD implements Mi
            IOException exception = null;
            for (int port : new int[]{29111, 29112, 29113, 29114, 29115}) {
                try {
-                    MicrosoftAuthenticationServer server = new MicrosoftAuthenticationServer(port);
+                    OAuthServer server = new OAuthServer(port);
                    server.start(NanoHTTPD.SOCKET_READ_TIMEOUT, true);
                    return server;
                } catch (IOException e) {
@@ -140,10 +144,17 @@ public final class MicrosoftAuthenticationServer extends NanoHTTPD implements Mi
            throw exception;
        }

+        @Override
+        public void grantDeviceCode(String userCode, String verificationURI) {
+            onGrantDeviceCode.fireEvent(new GrantDeviceCodeEvent(this, userCode, verificationURI));
+        }
+
        @Override
        public void openBrowser(String url) throws IOException {
            lastlyOpenedURL = url;
            FXUtils.openLink(url);
+
+            onOpenBrowser.fireEvent(new OpenBrowserEvent(this, url));
        }

        @Override
@@ -160,6 +171,38 @@ public final class MicrosoftAuthenticationServer extends NanoHTTPD implements Mi

    }

+    public static class GrantDeviceCodeEvent extends Event {
+        private final String userCode;
+        private final String verificationUri;
+
+        public GrantDeviceCodeEvent(Object source, String userCode, String verificationUri) {
+            super(source);
+            this.userCode = userCode;
+            this.verificationUri = verificationUri;
+        }
+
+        public String getUserCode() {
+            return userCode;
+        }
+
+        public String getVerificationUri() {
+            return verificationUri;
+        }
+    }
+
+    public static class OpenBrowserEvent extends Event {
+        private final String url;
+
+        public OpenBrowserEvent(Object source, String url) {
+            super(source);
+            this.url = url;
+        }
+
+        public String getUrl() {
+            return url;
+        }
+    }
+
    public static class MicrosoftAuthenticationNotSupportedException extends AuthenticationException {
    }
 }
--- a/HMCL/src/main/java/org/jackhuang/hmcl/setting/Accounts.java
+++ b/HMCL/src/main/java/org/jackhuang/hmcl/setting/Accounts.java
@@ -34,7 +34,7 @@ import org.jackhuang.hmcl.auth.offline.OfflineAccountFactory;
 import org.jackhuang.hmcl.auth.yggdrasil.RemoteAuthenticationException;
 import org.jackhuang.hmcl.auth.yggdrasil.YggdrasilAccount;
 import org.jackhuang.hmcl.auth.yggdrasil.YggdrasilAccountFactory;
-import org.jackhuang.hmcl.game.MicrosoftAuthenticationServer;
+import org.jackhuang.hmcl.game.OAuthServer;
 import org.jackhuang.hmcl.task.Schedulers;
 import org.jackhuang.hmcl.util.skin.InvalidSkinException;

@@ -75,12 +75,12 @@ public final class Accounts {
        }
    }

-    public static final MicrosoftService.OAuthCallback MICROSOFT_OAUTH_CALLBACK = new MicrosoftAuthenticationServer.Factory();
+    public static final OAuthServer.Factory OAUTH_CALLBACK = new OAuthServer.Factory();

    public static final OfflineAccountFactory FACTORY_OFFLINE = new OfflineAccountFactory(AUTHLIB_INJECTOR_DOWNLOADER);
    public static final YggdrasilAccountFactory FACTORY_MOJANG = YggdrasilAccountFactory.MOJANG;
    public static final AuthlibInjectorAccountFactory FACTORY_AUTHLIB_INJECTOR = new AuthlibInjectorAccountFactory(AUTHLIB_INJECTOR_DOWNLOADER, Accounts::getOrCreateAuthlibInjectorServer);
-    public static final MicrosoftAccountFactory FACTORY_MICROSOFT = new MicrosoftAccountFactory(new MicrosoftService(MICROSOFT_OAUTH_CALLBACK));
+    public static final MicrosoftAccountFactory FACTORY_MICROSOFT = new MicrosoftAccountFactory(new MicrosoftService(OAUTH_CALLBACK));
    public static final List<AccountFactory<?>> FACTORIES = immutableListOf(FACTORY_OFFLINE, FACTORY_MOJANG, FACTORY_MICROSOFT, FACTORY_AUTHLIB_INJECTOR);

    // ==== login type / account factory mapping ====
@@ -374,7 +374,7 @@ public final class Accounts {
            return i18n("account.methods.microsoft.error.no_character");
        } else if (exception instanceof MicrosoftService.NoXuiException) {
            return i18n("account.methods.microsoft.error.add_family_probably");
-        } else if (exception instanceof MicrosoftAuthenticationServer.MicrosoftAuthenticationNotSupportedException) {
+        } else if (exception instanceof OAuthServer.MicrosoftAuthenticationNotSupportedException) {
            return i18n("account.methods.microsoft.snapshot");
        } else if (exception instanceof OAuthAccount.WrongAccountException) {
            return i18n("account.failed.wrong_account");
--- a/HMCL/src/main/java/org/jackhuang/hmcl/setting/HMCLAccounts.java
+++ b/HMCL/src/main/java/org/jackhuang/hmcl/setting/HMCLAccounts.java
@@ -20,7 +20,7 @@ package org.jackhuang.hmcl.setting;
 import com.google.gson.annotations.SerializedName;
 import javafx.beans.property.ObjectProperty;
 import javafx.beans.property.SimpleObjectProperty;
-import org.jackhuang.hmcl.auth.microsoft.MicrosoftService;
+import org.jackhuang.hmcl.auth.OAuth;
 import org.jackhuang.hmcl.task.Schedulers;
 import org.jackhuang.hmcl.task.Task;
 import org.jackhuang.hmcl.util.gson.JsonUtils;
@@ -57,11 +57,11 @@ public final class HMCLAccounts {
        String scope = "openid offline_access";

        return Task.supplyAsync(() -> {
-            MicrosoftService.OAuthSession session = Accounts.MICROSOFT_OAUTH_CALLBACK.startServer();
-            Accounts.MICROSOFT_OAUTH_CALLBACK.openBrowser(NetworkUtils.withQuery(
+            OAuth.Session session = Accounts.OAUTH_CALLBACK.startServer();
+            Accounts.OAUTH_CALLBACK.openBrowser(NetworkUtils.withQuery(
                    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
                    mapOf(
-                            pair("client_id", Accounts.MICROSOFT_OAUTH_CALLBACK.getClientId()),
+                            pair("client_id", Accounts.OAUTH_CALLBACK.getClientId()),
                            pair("response_type", "id_token code"),
                            pair("response_mode", "form_post"),
                            pair("scope", scope),
@@ -72,12 +72,12 @@ public final class HMCLAccounts {

            // Authorization Code -> Token
            String responseText = HttpRequest.POST("https://login.microsoftonline.com/common/oauth2/v2.0/token")
-                    .form(mapOf(pair("client_id", Accounts.MICROSOFT_OAUTH_CALLBACK.getClientId()), pair("code", code),
-                            pair("grant_type", "authorization_code"), pair("client_secret", Accounts.MICROSOFT_OAUTH_CALLBACK.getClientSecret()),
+                    .form(mapOf(pair("client_id", Accounts.OAUTH_CALLBACK.getClientId()), pair("code", code),
+                            pair("grant_type", "authorization_code"), pair("client_secret", Accounts.OAUTH_CALLBACK.getClientSecret()),
                            pair("redirect_uri", session.getRedirectURI()), pair("scope", scope)))
                    .getString();
-            MicrosoftService.LiveAuthorizationResponse response = JsonUtils.fromNonNullJson(responseText,
-                    MicrosoftService.LiveAuthorizationResponse.class);
+            OAuth.AuthorizationResponse response = JsonUtils.fromNonNullJson(responseText,
+                    OAuth.AuthorizationResponse.class);

            HMCLAccountProfile profile = HttpRequest.GET("https://hmcl.huangyuhui.net/api/user")
                    .header("Token-Type", response.tokenType)
--- a/HMCL/src/main/java/org/jackhuang/hmcl/ui/account/CreateAccountPane.java
+++ b/HMCL/src/main/java/org/jackhuang/hmcl/ui/account/CreateAccountPane.java
@@ -43,7 +43,7 @@ import org.jackhuang.hmcl.auth.offline.OfflineAccountFactory;
 import org.jackhuang.hmcl.auth.yggdrasil.GameProfile;
 import org.jackhuang.hmcl.auth.yggdrasil.YggdrasilAccountFactory;
 import org.jackhuang.hmcl.auth.yggdrasil.YggdrasilService;
-import org.jackhuang.hmcl.game.MicrosoftAuthenticationServer;
+import org.jackhuang.hmcl.game.OAuthServer;
 import org.jackhuang.hmcl.game.TexturesLoader;
 import org.jackhuang.hmcl.setting.Accounts;
 import org.jackhuang.hmcl.setting.Theme;
@@ -267,8 +267,8 @@ public class CreateAccountPane extends JFXDialogLayout implements DialogAware {
                            ? i18n("account.methods.microsoft.manual")
                            : i18n("account.methods.microsoft.hint")));
            hintPane.setOnMouseClicked(e -> {
-                if (logging.get() && MicrosoftAuthenticationServer.lastlyOpenedURL != null) {
-                    FXUtils.copyText(MicrosoftAuthenticationServer.lastlyOpenedURL);
+                if (logging.get() && OAuthServer.lastlyOpenedURL != null) {
+                    FXUtils.copyText(OAuthServer.lastlyOpenedURL);
                }
            });

--- a/HMCL/src/main/java/org/jackhuang/hmcl/ui/account/OAuthAccountLoginDialog.java
+++ b/HMCL/src/main/java/org/jackhuang/hmcl/ui/account/OAuthAccountLoginDialog.java
@@ -1,7 +1,7 @@
 package org.jackhuang.hmcl.ui.account;

-import javafx.beans.property.BooleanProperty;
-import javafx.beans.property.SimpleBooleanProperty;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.SimpleObjectProperty;
 import javafx.scene.control.Label;
 import javafx.scene.layout.GridPane;
 import javafx.scene.layout.HBox;
@@ -9,11 +9,12 @@ import javafx.scene.layout.VBox;
 import org.jackhuang.hmcl.auth.AuthInfo;
 import org.jackhuang.hmcl.auth.OAuthAccount;
 import org.jackhuang.hmcl.auth.yggdrasil.YggdrasilService;
-import org.jackhuang.hmcl.game.MicrosoftAuthenticationServer;
+import org.jackhuang.hmcl.game.OAuthServer;
 import org.jackhuang.hmcl.setting.Accounts;
 import org.jackhuang.hmcl.task.Schedulers;
 import org.jackhuang.hmcl.task.Task;
 import org.jackhuang.hmcl.ui.FXUtils;
+import org.jackhuang.hmcl.ui.WeakListenerHolder;
 import org.jackhuang.hmcl.ui.construct.*;
 import org.jackhuang.hmcl.util.javafx.BindingMapping;

@@ -27,7 +28,9 @@ public class OAuthAccountLoginDialog extends DialogPane {
    private final OAuthAccount account;
    private final Consumer<AuthInfo> success;
    private final Runnable failed;
-    private final BooleanProperty logging = new SimpleBooleanProperty();
+    private final ObjectProperty<OAuthServer.GrantDeviceCodeEvent> deviceCode = new SimpleObjectProperty<>();
+
+    private final WeakListenerHolder holder = new WeakListenerHolder();

    public OAuthAccountLoginDialog(OAuthAccount account, Consumer<AuthInfo> success, Runnable failed) {
        this.account = account;
@@ -40,13 +43,13 @@ public class OAuthAccountLoginDialog extends DialogPane {
        Label usernameLabel = new Label(account.getUsername());

        HintPane hintPane = new HintPane(MessageDialogPane.MessageType.INFO);
-        hintPane.textProperty().bind(BindingMapping.of(logging).map(logging ->
-                logging
-                        ? i18n("account.methods.microsoft.manual")
+        hintPane.textProperty().bind(BindingMapping.of(deviceCode).map(deviceCode ->
+                deviceCode != null
+                        ? i18n("account.methods.microsoft.manual", deviceCode.getUserCode())
                        : i18n("account.methods.microsoft.hint")));
        hintPane.setOnMouseClicked(e -> {
-            if (logging.get() && MicrosoftAuthenticationServer.lastlyOpenedURL != null) {
-                FXUtils.copyText(MicrosoftAuthenticationServer.lastlyOpenedURL);
+            if (deviceCode.get() != null) {
+                FXUtils.copyText(deviceCode.get().getVerificationUri());
            }
        });

@@ -62,15 +65,19 @@ public class OAuthAccountLoginDialog extends DialogPane {

        vbox.getChildren().setAll(usernameLabel, hintPane, box);
        setBody(vbox);
+
+        holder.add(Accounts.OAUTH_CALLBACK.onGrantDeviceCode.registerWeak(this::onGrantDeviceCode));
+    }
+
+    private void onGrantDeviceCode(OAuthServer.GrantDeviceCodeEvent event) {
+        deviceCode.set(event);
    }

    @Override
    protected void onAccept() {
        setLoading();
-        logging.set(true);
        Task.supplyAsync(account::logInWhenCredentialsExpired)
                .whenComplete(Schedulers.javafx(), (authInfo, exception) -> {
-                    logging.set(false);
                    if (exception == null) {
                        success.accept(authInfo);
                        onSuccess();
--- a/HMCL/src/main/java/org/jackhuang/hmcl/ui/main/FeedbackPage.java
+++ b/HMCL/src/main/java/org/jackhuang/hmcl/ui/main/FeedbackPage.java
@@ -31,7 +31,7 @@ import javafx.geometry.Pos;
 import javafx.scene.control.Label;
 import javafx.scene.layout.*;
 import org.jackhuang.hmcl.Metadata;
-import org.jackhuang.hmcl.game.MicrosoftAuthenticationServer;
+import org.jackhuang.hmcl.game.OAuthServer;
 import org.jackhuang.hmcl.setting.Accounts;
 import org.jackhuang.hmcl.setting.HMCLAccounts;
 import org.jackhuang.hmcl.setting.Theme;
@@ -246,8 +246,8 @@ public class FeedbackPage extends VBox implements PageAware {
                            ? i18n("account.methods.microsoft.manual")
                            : i18n("account.methods.microsoft.hint")));
            hintPane.setOnMouseClicked(e -> {
-                if (logging.get() && MicrosoftAuthenticationServer.lastlyOpenedURL != null) {
-                    FXUtils.copyText(MicrosoftAuthenticationServer.lastlyOpenedURL);
+                if (logging.get() && OAuthServer.lastlyOpenedURL != null) {
+                    FXUtils.copyText(OAuthServer.lastlyOpenedURL);
                }
            });
            vbox.getChildren().setAll(hintPane);
--- a/HMCL/src/main/resources/assets/lang/I18N.properties
+++ b/HMCL/src/main/resources/assets/lang/I18N.properties
@@ -96,8 +96,8 @@ account.methods.microsoft.error.missing_xbox_account=Your Microsoft account is n
 account.methods.microsoft.error.no_character=Account is missing a Minecraft Java profile. While the Microsoft account is valid, it does not own the game.
 account.methods.microsoft.error.unknown=Failed to log in. Microsoft respond with error code %d.
 account.methods.microsoft.logging_in=Logging in...
-account.methods.microsoft.hint=You should click "login" button and continue login process in newly opened browser window.
-account.methods.microsoft.manual=After clicking "login" button, you should finish authorization in the newly opened browser window. If the browser window failed to show, you can click here to copy the URL, and manually open it in your browser.
+account.methods.microsoft.hint=You should click "login" button, paste the device code shown here later and continue login process in newly opened browser window.
+account.methods.microsoft.manual=Your device code is <b>%s</b>. After clicking "login" button, you should finish authorization in the newly opened browser window. If the browser window failed to show, you can click here to copy the URL, and manually open it in your browser.
 account.methods.microsoft.profile=Account Profile... 
 account.methods.microsoft.snapshot=HMCL Snapshot version does not support Microsoft login.
 account.methods.microsoft.waiting_browser=Waiting for authorization in opened browser window...
--- a/HMCL/src/main/resources/assets/lang/I18N_zh.properties
+++ b/HMCL/src/main/resources/assets/lang/I18N_zh.properties
@@ -96,8 +96,8 @@ account.methods.microsoft.error.missing_xbox_account=你的微軟帳號尚未關
 account.methods.microsoft.error.no_character=該帳號沒有包含 Minecraft Java 版購買記錄
 account.methods.microsoft.error.unknown=登入失敗，錯誤碼：%d
 account.methods.microsoft.logging_in=登入中...
-account.methods.microsoft.hint=您需要點擊登入按鈕，並在新打開的瀏覽器窗口中完成登入。
-account.methods.microsoft.manual=若登入頁面未能打開，您可以點擊此處複製連結，並手動在瀏覽器中打開網頁。
+account.methods.microsoft.hint=您需要點擊登錄按鈕，並在新打開的瀏覽器窗口中完成登錄，並輸入待會在此處顯示的設備代碼。
+account.methods.microsoft.manual=設備代碼為：<b>%s</b>。若登錄頁面未能打開，您可以點擊此處複製連結，並手動在瀏覽器中打開網頁。
 account.methods.microsoft.profile=帳戶設置頁
 account.methods.microsoft.snapshot=HMCL 快照版不支持微软登录
 account.methods.microsoft.waiting_browser=等待在新打開的瀏覽器窗口中完成登入...
--- a/HMCL/src/main/resources/assets/lang/I18N_zh_CN.properties
+++ b/HMCL/src/main/resources/assets/lang/I18N_zh_CN.properties
@@ -96,8 +96,8 @@ account.methods.microsoft.error.missing_xbox_account=你的微软帐户尚未关
 account.methods.microsoft.error.no_character=该帐户没有包含 Minecraft Java 版购买记录
 account.methods.microsoft.error.unknown=登录失败，错误码：%d
 account.methods.microsoft.logging_in=登录中...
-account.methods.microsoft.hint=您需要点击登录按钮，并在新打开的浏览器窗口中完成登录。
-account.methods.microsoft.manual=若登录页面未能打开，您可以点击此处复制链接，并手动在浏览器中打开网页。
+account.methods.microsoft.hint=您需要点击登录按钮，并在新打开的浏览器窗口中完成登录，并输入待会在此处显示的设备代码。
+account.methods.microsoft.manual=设备代码为：<b>%s</b>。若登录页面未能打开，您可以点击此处复制链接，并手动在浏览器中打开网页。
 account.methods.microsoft.profile=帐户设置页
 account.methods.microsoft.snapshot=HMCL 快照版不支持微软登录
 account.methods.microsoft.waiting_browser=等待在新打开的浏览器窗口中完成登录...