Merge pull request #359 from yushijinhun/fixes

Fix bugs with yggdrasil authentication.

HMCL/src/main/java/org/jackhuang/hmcl/game/LauncherHelper.java

@@ -22,6 +22,7 @@ import org.jackhuang.hmcl.Launcher;
 import org.jackhuang.hmcl.auth.Account;
 import org.jackhuang.hmcl.auth.AuthInfo;
 import org.jackhuang.hmcl.auth.AuthenticationException;
+import org.jackhuang.hmcl.auth.CredentialExpiredException;
 import org.jackhuang.hmcl.auth.ServerDisconnectException;
 import org.jackhuang.hmcl.download.DefaultDependencyManager;
 import org.jackhuang.hmcl.download.MaintainTask;
@@ -106,14 +107,12 @@ public final class LauncherHelper {
                 .then(Task.of(Schedulers.javafx(), () -> emitStatus(LoadingState.LOGGING_IN)))
                 .then(Task.of(Launcher.i18n("account.methods"), variables -> {
                     try {
-                        try {
+                        variables.set("account", account.logIn());
-                            variables.set("account", account.logIn());
+                    } catch (CredentialExpiredException e) {
-                        } catch (ServerDisconnectException e) {
-                            variables.set("account",
-                                    account.playOffline().orElseThrow(() -> e));
-                        }
-                    } catch (AuthenticationException e) {
                         variables.set("account", DialogController.logIn(account));
+                    } catch (AuthenticationException e) {
+                        variables.set("account",
+                                account.playOffline().orElseThrow(() -> e));
                     }
                 }))
                 .then(Task.of(Schedulers.javafx(), () -> emitStatus(LoadingState.LAUNCHING)))

HMCLCore/src/main/java/org/jackhuang/hmcl/auth/Account.java

@@ -47,10 +47,9 @@ public abstract class Account {
     /**
      * Login with stored credentials.
      *
-     * @throws ServerDisconnectException if an network error has occurred, in which case password login won't be tried.
+     * @throws CredentialExpiredException when the stored credentials has expired, in which case a password login will be performed
-     * @throws AuthenticationException if an error has occurred. If it's not a {@link ServerDisconnectException}, password login will be tried.
      */
-    public abstract AuthInfo logIn() throws ServerDisconnectException, AuthenticationException;
+    public abstract AuthInfo logIn() throws CredentialExpiredException, AuthenticationException;
 
     /**
      * Login with specified password.

HMCLCore/src/main/java/org/jackhuang/hmcl/auth/CredentialExpiredException.java

@@ -0,0 +1,42 @@
+/*
+ * Hello Minecraft! Launcher.
+ * Copyright (C) 2018  huangyuhui <huanghongxun2008@126.com>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see {http://www.gnu.org/licenses/}.
+ */
+package org.jackhuang.hmcl.auth;
+
+/**
+ * Thrown when the stored credentials has expired.
+ * This exception indicates that a password login should be performed.
+ *
+ * @author yushijinhun
+ * @see Account#logIn()
+ */
+public class CredentialExpiredException extends AuthenticationException {
+
+    public CredentialExpiredException() {}
+
+    public CredentialExpiredException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public CredentialExpiredException(String message) {
+        super(message);
+    }
+
+    public CredentialExpiredException(Throwable cause) {
+        super(cause);
+    }
+}

HMCLCore/src/main/java/org/jackhuang/hmcl/auth/ServerResponseMalformedException.java

@@ -1,3 +1,20 @@
+/*
+ * Hello Minecraft! Launcher.
+ * Copyright (C) 2018  huangyuhui <huanghongxun2008@126.com>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see {http://www.gnu.org/licenses/}.
+ */
 package org.jackhuang.hmcl.auth;
 
 public class ServerResponseMalformedException extends AuthenticationException {

HMCLCore/src/main/java/org/jackhuang/hmcl/auth/yggdrasil/YggdrasilAccount.java

@@ -66,40 +66,54 @@ public class YggdrasilAccount extends Account {
     @Override
     public AuthInfo logIn() throws AuthenticationException {
         if (!canPlayOnline()) {
-            logInWithToken();
+            if (service.validate(session.getAccessToken(), session.getClientToken())) {
-            selectProfile(new SpecificCharacterSelector(characterUUID));
+                isOnline = true;
+            } else {
+                try {
+                    updateSession(service.refresh(session.getAccessToken(), session.getClientToken(), null), new SpecificCharacterSelector(characterUUID));
+                } catch (RemoteAuthenticationException e) {
+                    if ("ForbiddenOperationException".equals(e.getRemoteName())) {
+                        throw new CredentialExpiredException(e);
+                    } else {
+                        throw e;
+                    }
+                }
+            }
         }
         return session.toAuthInfo();
     }
 
     @Override
-    public final AuthInfo logInWithPassword(String password) throws AuthenticationException {
+    public AuthInfo logInWithPassword(String password) throws AuthenticationException {
         return logInWithPassword(password, new SpecificCharacterSelector(characterUUID));
     }
 
     protected AuthInfo logInWithPassword(String password, CharacterSelector selector) throws AuthenticationException {
-        session = service.authenticate(username, password, UUIDTypeAdapter.fromUUID(UUID.randomUUID()));
+        updateSession(service.authenticate(username, password, UUIDTypeAdapter.fromUUID(UUID.randomUUID())), selector);
-        selectProfile(selector);
         return session.toAuthInfo();
     }
 
-    private void selectProfile(CharacterSelector selector) throws AuthenticationException {
+    /**
-        if (session.getSelectedProfile() == null) {
+     * Updates the current session. This method shall be invoked after authenticate/refresh operation.
-            if (session.getAvailableProfiles() == null || session.getAvailableProfiles().length <= 0)
+     * {@link #session} field shall be set only using this method. This method ensures {@link #session}
+     * has a profile selected.
+     *
+     * @param acquiredSession the session acquired by making an authenticate/refresh request
+     */
+    private void updateSession(YggdrasilSession acquiredSession, CharacterSelector selector) throws AuthenticationException {
+        if (acquiredSession.getSelectedProfile() == null) {
+            if (acquiredSession.getAvailableProfiles() == null || acquiredSession.getAvailableProfiles().length == 0)
                 throw new NoCharacterException(this);
 
-            session = service.refresh(session.getAccessToken(), session.getClientToken(), selector.select(this, Arrays.asList(session.getAvailableProfiles())));
+            this.session = service.refresh(
+                    acquiredSession.getAccessToken(),
+                    acquiredSession.getClientToken(),
+                    selector.select(this, Arrays.asList(acquiredSession.getAvailableProfiles())));
+        } else {
+            this.session = acquiredSession;
         }
 
-        characterUUID = session.getSelectedProfile().getId();
+        this.characterUUID = this.session.getSelectedProfile().getId();
-    }
-
-    private void logInWithToken() throws AuthenticationException {
-        if (service.validate(session.getAccessToken(), session.getClientToken())) {
-            isOnline = true;
-            return;
-        }
-        session = service.refresh(session.getAccessToken(), session.getClientToken(), null);
     }
 
     @Override

HMCLCore/src/main/java/org/jackhuang/hmcl/auth/yggdrasil/YggdrasilService.java

@@ -84,7 +84,10 @@ public class YggdrasilService {
             requireEmpty(request(provider.getValidationURL(), createRequestWithCredentials(accessToken, clientToken)));
             return true;
         } catch (RemoteAuthenticationException e) {
-            return false;
+            if ("ForbiddenOperationException".equals(e.getRemoteName())) {
+                return false;
+            }
+            throw e;
         }
     }