Mathias/MCDashWrapper
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implemented Authorization in the ProxyHandler.java

Browse Source
This commit is contained in:
Mathias Wagner 2024-02-15 17:10:56 +01:00
parent 636ff60c30
commit b5b93c4dbc
Signed by: Mathias
GPG Key ID: B8DC354B0A1F5B44
1 changed files with 37 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
src/main/java/de/gnmyt/mcdash/handler/ProxyHandler.java
View File

@ -5,6 +5,7 @@ import com.sun.net.httpserver.HttpHandler;
import de.gnmyt.mcdash.MCDashWrapper; import de.gnmyt.mcdash.MCDashWrapper;
import de.gnmyt.mcdash.api.Logger; import de.gnmyt.mcdash.api.Logger;
import de.gnmyt.mcdash.api.ServerManager; import de.gnmyt.mcdash.api.ServerManager;
import de.gnmyt.mcdash.api.UserManager;
import okhttp3.OkHttpClient; import okhttp3.OkHttpClient;
import okhttp3.Request; import okhttp3.Request;
import okhttp3.RequestBody; import okhttp3.RequestBody;
@ -16,25 +17,53 @@ import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.util.Base64; import java.util.Base64;
import java.util.List;
public class ProxyHandler implements HttpHandler { public class ProxyHandler implements HttpHandler {
private final static Logger LOG = new Logger(ProxyHandler.class); private final static Logger LOG = new Logger(ProxyHandler.class);
private final OkHttpClient client = new OkHttpClient(); private final OkHttpClient client = new OkHttpClient();
private final ServerManager serverManager = MCDashWrapper.getServerManager(); private final ServerManager serverManager = MCDashWrapper.getServerManager();
private final UserManager userManager = MCDashWrapper.getUserManager();
@Override @Override
public void handle(HttpExchange exchange) throws IOException { public void handle(HttpExchange exchange) throws IOException {
String uuid = exchange.getRequestURI().getPath().split("/")[2]; String uuid = exchange.getRequestURI().getPath().split("/")[2];
if (serverManager.getServer(uuid) == null) {
exchange.sendResponseHeaders(404, 0);
exchange.close();
return;
}
String pathWithoutUuid = exchange.getRequestURI().getPath().replace("/proxy/" + uuid, "") String pathWithoutUuid = exchange.getRequestURI().getPath().replace("/proxy/" + uuid, "")
+ (exchange.getRequestURI().getQuery() != null ? "?" + exchange.getRequestURI().getQuery() : ""); + (exchange.getRequestURI().getQuery() != null ? "?" + exchange.getRequestURI().getQuery() : "");
if (pathWithoutUuid.startsWith("/api")) {
List<String> authHeader = exchange.getRequestHeaders().get("Authorization");
if (authHeader == null) {
exchange.sendResponseHeaders(401, 0);
return;
}
String[] authCredentials;
try {
authCredentials = new String(Base64.getDecoder().decode(authHeader.get(0)
.replace("Basic ", ""))).split(":");
} catch (Exception e) {
exchange.sendResponseHeaders(401, 0);
return;
}
if (authCredentials.length != 2) {
exchange.sendResponseHeaders(401, 0);
return;
}
if (!userManager.isPasswordCorrect(authCredentials[0], authCredentials[1])) {
exchange.sendResponseHeaders(401, 0);
return;
}
if (serverManager.getServer(uuid) == null) {
exchange.sendResponseHeaders(404, 0);
exchange.close();
return;
}
}
RequestBody requestBody = exchange.getRequestMethod().equals("GET") ? null : RequestBody.create(IOUtils.toByteArray(exchange.getRequestBody()), null); RequestBody requestBody = exchange.getRequestMethod().equals("GET") ? null : RequestBody.create(IOUtils.toByteArray(exchange.getRequestBody()), null);