From 4d6482c4415bffae75d9233e4b3a78d430d5ded8 Mon Sep 17 00:00:00 2001 From: mountain Date: Mon, 20 May 2024 14:00:49 +0900 Subject: [PATCH 01/12] =?UTF-8?q?=EA=B3=84=EC=A0=95=20=EC=A0=9C=EC=9E=AC?= =?UTF-8?q?=20=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/api.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/core/api.go b/core/api.go index 6f9b2d7..9642822 100644 --- a/core/api.go +++ b/core/api.go @@ -169,7 +169,11 @@ func (caller apiCaller) blockAPI(w http.ResponseWriter, r *http.Request) error { json.NewEncoder(w).Encode(mg.bl.all()) } else if !target.IsZero() { if blocked, ok := mg.bl.get(target); ok && blocked != nil { - json.NewEncoder(w).Encode(blocked) + if !blocked.Expired() { + json.NewEncoder(w).Encode(blocked) + } else { + mg.bl.remove(target) + } } } } else if r.Method == "PUT" { @@ -200,7 +204,6 @@ func (caller apiCaller) blockAPI(w http.ResponseWriter, r *http.Request) error { logger.Println("account is blocked :", meta) bi.Accid = accid - caller.mg.bl.add(&bi) mg.sessionProvider.RevokeAll(accid) } } @@ -226,8 +229,6 @@ func (caller apiCaller) blockAPI(w http.ResponseWriter, r *http.Request) error { if err != nil { return err } - - caller.mg.bl.remove(idobj) } return nil } -- 2.50.1.windows.1 From 44644a6a97907202976fa0cdccdb4909ff2621ab Mon Sep 17 00:00:00 2001 From: mountain Date: Mon, 20 May 2024 14:00:49 +0900 Subject: [PATCH 02/12] =?UTF-8?q?=EA=B3=84=EC=A0=95=20=EC=A0=9C=EC=9E=AC?= =?UTF-8?q?=20=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -- 2.50.1.windows.1 From ed7ebaf4b3c7a5e05307cf4245838d1c207d8ecd Mon Sep 17 00:00:00 2001 From: rehjinh Date: Tue, 11 Jun 2024 11:54:17 +0900 Subject: [PATCH 03/12] =?UTF-8?q?Maingate=20-=20Hybeim=20SDK=EB=A5=BC=20?= =?UTF-8?q?=ED=86=B5=ED=95=9C=20Steam=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/maingate.go | 10 +++ core/platformhybeim.go | 163 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 173 insertions(+) create mode 100644 core/platformhybeim.go diff --git a/core/maingate.go b/core/maingate.go index 6200238..4c81add 100644 --- a/core/maingate.go +++ b/core/maingate.go @@ -57,6 +57,7 @@ const ( AuthPlatformMicrosoft = "microsoft" AuthPlatformApple = "apple" AuthPlatformTwitter = "twitter" + AuthPlatformHybeim = "hybeim" ) const ( @@ -98,6 +99,11 @@ type maingateConfig struct { SteamAppId string `json:"steam_app_id"` SteamPublisherAuthKey string `json:"steam_publisher_authkey"` GlobalMaingateToken string `json:"maingate_api_token"` + HybeImProjectIdstring string `json:"hybeim_projectid"` + HybeImServiceIdstring string `json:"hybeim_serviceid"` + HybeImAccessKey string `json:"hybeim_acesskey"` + HybeImEndPoint string `json:"hybeim_Endpoint"` + Firebase_Google_Analytics_JS_SDK_Config } @@ -548,6 +554,8 @@ func (mg *Maingate) RegisterHandlers(ctx context.Context, serveMux *http.ServeMu serveMux.HandleFunc(gocommon.MakeHttpHandlerPattern(prefix, "authorize_sdk", AuthPlatformSteamSDK), mg.platform_steamsdk_authorize) + serveMux.HandleFunc(gocommon.MakeHttpHandlerPattern(prefix, "authorize_sdk", AuthPlatformHybeim), mg.platform_hybeim_authorize) + go mg.watchServiceCollection(ctx, serveMux, prefix) go mg.watchFileCollection(ctx, serveMux, prefix) // fsx := http.FileServer(http.Dir("console")) @@ -671,6 +679,8 @@ func (mg *Maingate) updateUserinfo(info usertokeninfo) (bool, string, string) { success, userid, email = mg.platform_google_getuserinfo(info) case AuthPlatformSteamSDK: success, userid, email = mg.platform_steamsdk_getuserinfo(info) + case AuthPlatformHybeim: + success, userid, email = mg.platform_hybeim_getuserinfo(info) case AuthPlatformFirebaseAuth: success, userid, email = mg.platform_firebase_getuserinfo(info) } diff --git a/core/platformhybeim.go b/core/platformhybeim.go new file mode 100644 index 0000000..710cd31 --- /dev/null +++ b/core/platformhybeim.go @@ -0,0 +1,163 @@ +package core + +import ( + "bytes" + "encoding/json" + "errors" + "fmt" + "io" + "io/ioutil" + "net/http" + "net/url" + "time" + + "repositories.action2quare.com/ayo/gocommon/logger" +) + +type HybeImSDKAuthInfo struct { + UserHybeimid string `json:"imid"` + UserLoginVerifyToken string `json:"loginVerifyToken"` +} + +type HybeImSDKLoginAuthInfo struct { + ServiceId string `json:"serviceId"` + UserLoginVerifyToken string `json:"loginVerifyToken"` +} + +type Hiveim_LoginVerifyResult struct { + State string `json:"state"` + ImId string `json:"imId"` + Provider string `json:"provider"` + Os string `json:"os"` + AppStore string `json:"appStore"` +} + +type Hiveim_LoginValidationResponse struct { + ResultCode string `json:"resultCode"` + ResultMessage string `json:"resultMessage"` + ResultData Hiveim_LoginVerifyResult `json:"resultData"` +} + +func (mg *Maingate) platform_hybeim_authorize(w http.ResponseWriter, r *http.Request) { + defer r.Body.Close() + + brinfo, err := mg.GetUserBrowserInfo(r) + if err != nil { + w.WriteHeader(http.StatusBadRequest) + logger.Error(err) + return + } + + var authinfo HybeImSDKAuthInfo + err = json.NewDecoder(r.Body).Decode(&authinfo) + if err != nil { + logger.Println("authinfo decoding fail:", err) + w.WriteHeader(http.StatusBadRequest) + return + } + + if !*noauth { + err = authenticateHybeImUser(config.HybeImProjectIdstring, config.HybeImServiceIdstring, config.HybeImAccessKey, config.HybeImEndPoint, authinfo.UserHybeimid, authinfo.UserLoginVerifyToken) + } + + if err == nil { + acceestoken_expire_time := time.Date(2999, 1, int(time.January), 0, 0, 0, 0, time.UTC).Unix() + + var info usertokeninfo + info.platform = AuthPlatformHybeim + info.userid = authinfo.UserHybeimid + info.token = authinfo.UserLoginVerifyToken + info.brinfo = brinfo + //info.accesstoken = respReferesh.AccessToken + info.accesstoken_expire_time = acceestoken_expire_time + mg.setUserToken(info) + + params := url.Values{} + params.Add("id", authinfo.UserHybeimid) + params.Add("authtype", AuthPlatformHybeim) + w.Write([]byte("?" + params.Encode())) + //http.Redirect(w, r, "actionsquare://login?"+Result, http.StatusSeeOther) + } else { + logger.Println(err) + http.Redirect(w, r, "actionsquare://error", http.StatusSeeOther) + } + +} + +func authenticateHybeImUser(projectid, serviceid, accesskey, endpoint, imid, UserLoginVerifyToken string) error { + + // endpoint + // qa = https://api-qa.pub-dev.hybegames.io + // prod = https://api.hybegames.com + + verifyurl := endpoint + "/member/api-game/v1/auth/login/verify" + + var param HybeImSDKLoginAuthInfo + param.UserLoginVerifyToken = UserLoginVerifyToken + param.ServiceId = serviceid + + dat, err := json.Marshal(param) + if err != nil { + panic(err) + } + + var respReferesh Hiveim_LoginValidationResponse + req, err := http.NewRequest("POST", verifyurl, bytes.NewBuffer(dat)) + if err != nil { + panic(err) + } + + req.Header.Add("X-Auth-Access-Key", accesskey) + req.Header.Add("X-Req-Pjid", projectid) + + client := &http.Client{} + resp, err := client.Do(req) + if err != nil { + panic(err) + } + defer resp.Body.Close() + + defer func() { + io.Copy(io.Discard, resp.Body) + resp.Body.Close() + }() + + body, e := ioutil.ReadAll(resp.Body) + if e != nil { + return e + } + + json.Unmarshal(body, &respReferesh) + + //fmt.Println(string(body)) + + var doc map[string]interface{} + if err := json.Unmarshal(body, &doc); err != nil { + return err + } + + if respReferesh.ResultCode != "SUCCESS" { + return errors.New("higveimSDK: ResultCode is not SUCCESS") + } + + if respReferesh.ResultData.State != "NORMAL" { + return errors.New("higveimSDK: State is not NORMAL") + } + + if respReferesh.ResultData.Provider != "STEAM" { + return errors.New("higveimSDK: Provider is not STEAM") + } + + if respReferesh.ResultData.ImId != imid { + return errors.New("higveimSDK: ImId is not match") + } + + return nil +} + +func (mg *Maingate) platform_hybeim_getuserinfo(info usertokeninfo) (bool, string, string) { + // Hybeim ( Steam )도 이메일 정보를 받을수 없기 때문에 userid로 리턴한다. + dummyEmail := fmt.Sprintf("%s@hibeim.id", info.userid) + return true, info.userid, dummyEmail + +} -- 2.50.1.windows.1 From fb1f55cb80cdf590bba9df173ce313e543211360 Mon Sep 17 00:00:00 2001 From: rehjinh Date: Tue, 11 Jun 2024 11:54:17 +0900 Subject: [PATCH 04/12] =?UTF-8?q?Maingate=20-=20Hybeim=20SDK=EB=A5=BC=20?= =?UTF-8?q?=ED=86=B5=ED=95=9C=20Steam=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -- 2.50.1.windows.1 From 94ec900690120106123dfa98611b0404d4583724 Mon Sep 17 00:00:00 2001 From: rehjinh Date: Tue, 11 Jun 2024 14:55:32 +0900 Subject: [PATCH 05/12] =?UTF-8?q?hybeim=20SDK=20=EC=84=A4=EC=A0=95=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config_template.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/config_template.json b/config_template.json index 12d9724..eab1857 100644 --- a/config_template.json +++ b/config_template.json @@ -37,6 +37,11 @@ "firebase_google_analytics_jssdk_apiid": "", "firebase_google_analytics_jssdk_measurementid": "", + "hybeim_projectid": "", + "hybeim_serviceid": "", + "hybeim_acesskey": "", + "hybeim_Endpoint": "", + "maingate_global_admins" : [ "mountain@action2quare.com" ] -- 2.50.1.windows.1 From 779d7f910fe56b05620e9771e2e9ba206427de3d Mon Sep 17 00:00:00 2001 From: l2vator Date: Mon, 24 Jun 2024 15:42:37 +0900 Subject: [PATCH 06/12] =?UTF-8?q?*=20[=EC=98=A4=EC=8A=B9=EC=84=9D]=20fireb?= =?UTF-8?q?ase=EB=A5=BC=20=ED=86=B5=ED=95=9C=20guset=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=EC=8B=9C=20email=EC=97=90=20@guest.flag=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=20=20-=20=EC=9C=84=EC=B9=98=20=EC=9D=B4=EB=8F=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/platformfirebaseauth.go | 4 ++++ core/service.go | 3 --- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/core/platformfirebaseauth.go b/core/platformfirebaseauth.go index 5741818..e97f63d 100644 --- a/core/platformfirebaseauth.go +++ b/core/platformfirebaseauth.go @@ -3,6 +3,7 @@ package core import ( "encoding/json" "errors" + "fmt" "log" "net/http" "net/url" @@ -263,6 +264,9 @@ func (mg *Maingate) platform_firebase_getuserinfo(info usertokeninfo) (bool, str } tempEmail := found["firebaseemail"].(string) + if found["firebaseprovider"].(string) == "guest" { + tempEmail = fmt.Sprintf("%s@guest.flag", info.userid) + } return true, info.userid, tempEmail diff --git a/core/service.go b/core/service.go index 0fca7d3..dc123dc 100644 --- a/core/service.go +++ b/core/service.go @@ -679,9 +679,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) } if authtype != newType || uid != newId { - if authtype == "firebase" && newType == "guest" { - email = fmt.Sprintf("%s@guest.flag", uid) - } authtype = newType uid = newId } -- 2.50.1.windows.1 From 6cb1d4b2695254d2d0a20dec4b3488af67328cba Mon Sep 17 00:00:00 2001 From: l2vator Date: Thu, 27 Jun 2024 15:18:09 +0900 Subject: [PATCH 07/12] =?UTF-8?q?[=EC=98=A4=EC=8A=B9=EC=84=9D]=20Account?= =?UTF-8?q?=20Link=20-=20Firebase::Anonymously(guest)=20=EC=97=90=EC=84=9C?= =?UTF-8?q?=20Firebase=20=EB=A5=BC=20=ED=86=B5=ED=95=9C=20=EB=8B=A4?= =?UTF-8?q?=EB=A5=B8=20Platform=20=EC=9C=BC=EB=A1=9C=20Link=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/service.go | 55 ++++++++++++++++++++++++++++++++++++------------- 1 file changed, 41 insertions(+), 14 deletions(-) diff --git a/core/service.go b/core/service.go index dc123dc..c5f8210 100644 --- a/core/service.go +++ b/core/service.go @@ -296,6 +296,32 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) { return } + bfinfo, err := sh.getUserBrowserInfo(r) + if err != nil { + logger.Error("getUserBrowserInfo failed :", err) + w.WriteHeader(http.StatusBadRequest) + return + } + + guestlink := (oldAuth.Platform == "guest") + if !guestlink { + _, err = sh.readProfile(oldType, oldId, bfinfo) + if err != nil { + logger.Error("readProfile(old) failed :", err) + w.WriteHeader(http.StatusBadRequest) + return + } + } else { + logger.Println("from guest acc to real acc link : ", oldId, bfinfo, newType, newId, bfinfo) + } + + oldType, oldId, err = sh.getProviderInfo(oldType, oldId) + if err != nil { + logger.Error("getProviderInfo failed :", err) + w.WriteHeader(http.StatusBadRequest) + return + } + // fmt.Println("=================") // fmt.Println(oldType) // fmt.Println(oldId) @@ -314,20 +340,6 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) { return } - bfinfo, err := sh.getUserBrowserInfo(r) - if err != nil { - logger.Error("getUserBrowserInfo failed :", err) - w.WriteHeader(http.StatusBadRequest) - return - } - - _, err = sh.readProfile(oldType, oldId, bfinfo) - if err != nil { - logger.Error("readProfile(old) failed :", err) - w.WriteHeader(http.StatusBadRequest) - return - } - email, err := sh.readProfile(newType, newId, bfinfo) if err != nil { logger.Error("readProfile(new) failed :", err) @@ -345,6 +357,7 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) { if err != nil { logger.Error("getProviderInfo failed :", err) w.WriteHeader(http.StatusBadRequest) + return } createtime := primitive.NewDateTimeFromTime(time.Now().UTC()) @@ -385,6 +398,20 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) { return } + if guestlink { + //기존 게스트 링크 삭제 + link, err = sh.mongoClient.FindOneAndDelete(CollectionLink, bson.M{ + "platform": oldType, + "uid": oldId, + }, options.FindOneAndDelete().SetProjection(bson.M{"_id": 1})) + + if err == nil { + sh.mongoClient.Delete(CollectionAccount, bson.M{ + "_id": link["_id"].(primitive.ObjectID), + }) + } + } + logger.Println("link success :", r.URL.Query()) } -- 2.50.1.windows.1 From 0c744d634d9867b190373d53c00673fe18a07f46 Mon Sep 17 00:00:00 2001 From: rehjinh Date: Tue, 2 Jul 2024 10:53:41 +0900 Subject: [PATCH 08/12] =?UTF-8?q?=EA=B3=84=EC=A0=95=EC=A1=B0=ED=9A=8C=20ap?= =?UTF-8?q?i=20=EC=B6=94=EA=B0=80=20accid=20->=20platform,=20uid=20?= =?UTF-8?q?=EC=A1=B0=ED=9A=8C=ED=95=98=EB=8A=94=20api=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/api.go | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/core/api.go b/core/api.go index 9642822..95903a0 100644 --- a/core/api.go +++ b/core/api.go @@ -387,6 +387,58 @@ func (caller apiCaller) couponAPI(w http.ResponseWriter, r *http.Request) error return nil } +type accountlinkinfo struct { + Uid string `json:"uid"` + Platform string `json:"platform"` +} + +func (caller apiCaller) userinfoAPI(w http.ResponseWriter, r *http.Request) error { + mg := caller.mg + if r.Method == "GET" { + // 계정 조회 + accid, _ := gocommon.ReadObjectIDFormValue(r.Form, "accid") + if len(accid) == 0 { + logger.Println("[userinfoAPI] accid is empty") + w.WriteHeader(http.StatusBadRequest) + return nil + } + + all, err := mg.mongoClient.FindAll(CollectionAccount, bson.M{ + "accid": accid, + }, options.Find().SetProjection(bson.M{"_id": 1, "accid": 1})) + + if err != nil { + return err + } + + var linkinfos []accountlinkinfo + for _, doc := range all { + id := doc["_id"].(primitive.ObjectID) + + link, err := mg.mongoClient.FindOne(CollectionLink, bson.M{ + "_id": id, + }, options.FindOne().SetProjection(bson.M{"_id": 1, "platform": 1, "uid": 1})) + + if err != nil { + logger.Error("link failed. FindOneAndUpdate link err:", err) + w.WriteHeader(http.StatusInternalServerError) + return err + } + + var info accountlinkinfo + info.Platform = link["platform"].(string) + info.Uid = link["uid"].(string) + linkinfos = append(linkinfos, info) + } + + enc := json.NewEncoder(w) + enc.Encode(linkinfos) + + } + + return nil +} + var errApiTokenMissing = errors.New("mg-x-api-token is missing") func (caller apiCaller) configAPI(w http.ResponseWriter, r *http.Request) error { @@ -513,6 +565,8 @@ func (mg *Maingate) api(w http.ResponseWriter, r *http.Request) { err = caller.blockAPI(w, r) } else if strings.HasSuffix(r.URL.Path, "/coupon") { err = caller.couponAPI(w, r) + } else if strings.HasSuffix(r.URL.Path, "/userinfo") { + err = caller.userinfoAPI(w, r) } if err != nil { -- 2.50.1.windows.1 From 1610d6521559cc440f6a0dbb1177d484a3f92e0f Mon Sep 17 00:00:00 2001 From: rehjinh Date: Tue, 2 Jul 2024 10:53:41 +0900 Subject: [PATCH 09/12] =?UTF-8?q?=EA=B3=84=EC=A0=95=EC=A1=B0=ED=9A=8C=20ap?= =?UTF-8?q?i=20=EC=B6=94=EA=B0=80=20accid=20->=20platform,=20uid=20?= =?UTF-8?q?=EC=A1=B0=ED=9A=8C=ED=95=98=EB=8A=94=20api=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -- 2.50.1.windows.1 From e4b4cf08622f9fcd9e83df485e1191162775351c Mon Sep 17 00:00:00 2001 From: l2vator Date: Wed, 3 Jul 2024 14:44:53 +0900 Subject: [PATCH 10/12] =?UTF-8?q?[=EC=98=A4=EC=8A=B9=EC=84=9D]=20Account?= =?UTF-8?q?=20Link=20-=20func=20link()=EC=95=88=EC=97=90=EC=84=9C=20Collec?= =?UTF-8?q?tionLink=EC=97=90=20=EC=9D=B4=EB=AF=B8=20link=EB=90=9C=20?= =?UTF-8?q?=EA=B3=84=EC=A0=95=EC=9D=B4=20=EC=9E=88=EB=8A=94=EA=B2=BD?= =?UTF-8?q?=EC=9A=B0,=20json=EC=9C=BC=EB=A1=9C=20'{"alreadylink":true}'=20?= =?UTF-8?q?=EB=B0=98=ED=99=98=ED=95=98=EB=8F=84=EB=A1=9D=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/service.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/core/service.go b/core/service.go index c5f8210..6ec9943 100644 --- a/core/service.go +++ b/core/service.go @@ -360,6 +360,18 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) { return } + found, err := sh.mongoClient.FindOne(CollectionLink, bson.M{"platform": newType, "uid": newId}, options.FindOne()) + if err != nil { + logger.Error("link failed. FindOne err:", err) + w.WriteHeader(http.StatusInternalServerError) + return + } + if found != nil { + logger.Println("link failed. already have service account: ", r.URL.Query()) + w.Write([]byte(`{"alreadylink":true}`)) + return + } + createtime := primitive.NewDateTimeFromTime(time.Now().UTC()) link, err := sh.mongoClient.FindOneAndUpdate(CollectionLink, bson.M{ "platform": newType, -- 2.50.1.windows.1 From ef086ddaa11a10b171c68acd031e0cf3339eb73f Mon Sep 17 00:00:00 2001 From: mountain Date: Wed, 10 Jul 2024 12:14:58 +0900 Subject: [PATCH 11/12] =?UTF-8?q?firebase=20=EC=84=A4=EC=A0=95=EC=97=90=20?= =?UTF-8?q?=EB=94=B0=EB=9D=BC=20=EC=9D=B8=EC=8A=A4=ED=84=B4=EC=8A=A4=20?= =?UTF-8?q?=EC=83=9D=EC=84=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/maingate.go | 43 +++++++++++++++++++++++++----------- core/platformfirebaseauth.go | 13 +++++++++-- 2 files changed, 41 insertions(+), 15 deletions(-) diff --git a/core/maingate.go b/core/maingate.go index 4c81add..90bcfc9 100644 --- a/core/maingate.go +++ b/core/maingate.go @@ -36,6 +36,7 @@ import ( var devflag = flagx.Bool("dev", false, "") var noauth = flagx.Bool("noauth", false, "") +var authtype = flagx.String("auth", "", "yes|no|both") var ( CollectionLink = gocommon.CollectionName("link") @@ -133,6 +134,11 @@ func (ga *globalAdmins) parse() { ga.modtime = gocommon.ConfigModTime() } +type firebaseClient struct { + firebaseAppClient *auth.Client + firebaseAppContext context.Context +} + // Maingate : type Maingate struct { mongoClient gocommon.MongoClient @@ -148,8 +154,8 @@ type Maingate struct { authorizationEndpoints map[string]string userinfoEndpoint map[string]string jwksUri map[string]string - firebaseAppClient *auth.Client - firebaseAppContext context.Context + + firebase *firebaseClient } var config maingateConfig @@ -186,18 +192,29 @@ func New(ctx context.Context) (*Maingate, error) { return nil, err } - if !*noauth { - opt := option.WithCredentialsFile(config.FirebaseAdminSDKCredentialFile) - firebaseApp, err := firebase.NewApp(context.Background(), nil, opt) - if err != nil { - logger.Error("firebase admin error initializing app failed :", err) - return nil, err - } + if *noauth && len(*authtype) == 0 { + *authtype = "no" + } - mg.firebaseAppContext = ctx - mg.firebaseAppClient, err = firebaseApp.Auth(mg.firebaseAppContext) - if err != nil { - logger.Println("FirebaseAppClient error getting Auth client:", err) + if *authtype == "yes" || *authtype == "both" { + if len(config.FirebaseAdminSDKCredentialFile) > 0 { + opt := option.WithCredentialsFile(config.FirebaseAdminSDKCredentialFile) + firebaseApp, err := firebase.NewApp(context.Background(), nil, opt) + if err != nil { + logger.Error("firebase admin error initializing app failed :", err) + return nil, err + } + + firebaseAppClient, err := firebaseApp.Auth(ctx) + if err != nil { + logger.Println("FirebaseAppClient error getting Auth client:", err) + return nil, err + } + + mg.firebase = &firebaseClient{ + firebaseAppContext: ctx, + firebaseAppClient: firebaseAppClient, + } } } diff --git a/core/platformfirebaseauth.go b/core/platformfirebaseauth.go index e97f63d..d7e52db 100644 --- a/core/platformfirebaseauth.go +++ b/core/platformfirebaseauth.go @@ -147,6 +147,11 @@ func (mg *Maingate) platform_firebaseauth_authorize_sdk(w http.ResponseWriter, r } func (mg *Maingate) platform_firebaseauth_authorize_raw(w http.ResponseWriter, brinfo, code, state, cookieSessionKey, memberId, nickname, provider, providerId, email, photourl, phonenumber string) (bool, string) { + if mg.firebase == nil { + logger.Println("mg.firebase is nil. check 'firebase_admin_sdk_credentialfile' config or 'authtype' parameter") + w.WriteHeader(http.StatusBadRequest) + return false, "" + } found, err := mg.mongoClient.FindOne(CollectionPlatformLoginToken, bson.M{ "platform": AuthPlatformFirebaseAuth, @@ -189,7 +194,7 @@ func (mg *Maingate) platform_firebaseauth_authorize_raw(w http.ResponseWriter, b return false, "" } - _, err = mg.firebaseAppClient.VerifyIDToken(mg.firebaseAppContext, code) + _, err = mg.firebase.firebaseAppClient.VerifyIDToken(mg.firebase.firebaseAppContext, code) if err != nil { log.Println("error verifying ID token:", err) return false, "" @@ -243,6 +248,10 @@ func (mg *Maingate) platform_firebaseauth_authorize_raw(w http.ResponseWriter, b } func (mg *Maingate) platform_firebase_getuserinfo(info usertokeninfo) (bool, string, string) { + if mg.firebase == nil { + logger.Println("mg.firebase is nil. check 'firebase_admin_sdk_credentialfile' config or 'authtype' parameter") + return false, "", "" + } found, err := mg.mongoClient.FindOne(CollectionFirebaseUserInfo, bson.M{ "firebaseuserid": info.userid, @@ -257,7 +266,7 @@ func (mg *Maingate) platform_firebase_getuserinfo(info usertokeninfo) (bool, str return false, "", "" } - _, err = mg.firebaseAppClient.VerifyIDToken(mg.firebaseAppContext, info.token) + _, err = mg.firebase.firebaseAppClient.VerifyIDToken(mg.firebase.firebaseAppContext, info.token) if err != nil { log.Println("error verifying ID token:", err) return false, "", "" -- 2.50.1.windows.1 From 8614d728fdd29ea9eecc9fefc2b6d673a414dbca Mon Sep 17 00:00:00 2001 From: mountain Date: Wed, 10 Jul 2024 14:54:13 +0900 Subject: [PATCH 12/12] =?UTF-8?q?noauth=EB=8C=80=EC=8B=A0=20authtype=20?= =?UTF-8?q?=ED=8C=8C=EB=9D=BC=EB=AF=B8=ED=84=B0=20=EC=82=AC=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/maingate.go | 8 ++++---- core/platformhybeim.go | 6 +----- core/platformsteam.go | 6 +----- core/service.go | 21 ++++++++++----------- 4 files changed, 16 insertions(+), 25 deletions(-) diff --git a/core/maingate.go b/core/maingate.go index 90bcfc9..6ba6aa1 100644 --- a/core/maingate.go +++ b/core/maingate.go @@ -36,7 +36,7 @@ import ( var devflag = flagx.Bool("dev", false, "") var noauth = flagx.Bool("noauth", false, "") -var authtype = flagx.String("auth", "", "yes|no|both") +var authtype = flagx.String("auth", "on", "on|off|both") var ( CollectionLink = gocommon.CollectionName("link") @@ -192,11 +192,11 @@ func New(ctx context.Context) (*Maingate, error) { return nil, err } - if *noauth && len(*authtype) == 0 { - *authtype = "no" + if len(*authtype) == 0 { + *authtype = "on" } - if *authtype == "yes" || *authtype == "both" { + if !*noauth && (*authtype == "on" || *authtype == "both") { if len(config.FirebaseAdminSDKCredentialFile) > 0 { opt := option.WithCredentialsFile(config.FirebaseAdminSDKCredentialFile) firebaseApp, err := firebase.NewApp(context.Background(), nil, opt) diff --git a/core/platformhybeim.go b/core/platformhybeim.go index 710cd31..a852bb4 100644 --- a/core/platformhybeim.go +++ b/core/platformhybeim.go @@ -56,11 +56,7 @@ func (mg *Maingate) platform_hybeim_authorize(w http.ResponseWriter, r *http.Req return } - if !*noauth { - err = authenticateHybeImUser(config.HybeImProjectIdstring, config.HybeImServiceIdstring, config.HybeImAccessKey, config.HybeImEndPoint, authinfo.UserHybeimid, authinfo.UserLoginVerifyToken) - } - - if err == nil { + if err = authenticateHybeImUser(config.HybeImProjectIdstring, config.HybeImServiceIdstring, config.HybeImAccessKey, config.HybeImEndPoint, authinfo.UserHybeimid, authinfo.UserLoginVerifyToken); err == nil { acceestoken_expire_time := time.Date(2999, 1, int(time.January), 0, 0, 0, 0, time.UTC).Unix() var info usertokeninfo diff --git a/core/platformsteam.go b/core/platformsteam.go index 4dfc2f7..66e5b5f 100644 --- a/core/platformsteam.go +++ b/core/platformsteam.go @@ -39,11 +39,7 @@ func (mg *Maingate) platform_steamsdk_authorize(w http.ResponseWriter, r *http.R return } - if !*noauth { - err = authenticateSteamUser(config.SteamPublisherAuthKey, config.SteamAppId, authinfo.UserSteamId, authinfo.UserAuthToken) - } - - if err == nil { + if err := authenticateSteamUser(config.SteamPublisherAuthKey, config.SteamAppId, authinfo.UserSteamId, authinfo.UserAuthToken); err == nil { acceestoken_expire_time := time.Date(2999, 1, int(time.January), 0, 0, 0, 0, time.UTC).Unix() var info usertokeninfo diff --git a/core/service.go b/core/service.go index 6ec9943..30aa1d9 100644 --- a/core/service.go +++ b/core/service.go @@ -653,7 +653,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) } queryvals := r.URL.Query() - authtype := queryvals.Get("type") + reqauthtype := queryvals.Get("type") uid := queryvals.Get("id") sk := queryvals.Get("sk") @@ -692,9 +692,8 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) } var email string - - if !*noauth { - if len(authtype) > 0 { + if !*noauth && (*authtype == "on" || *authtype == "both") { + if len(reqauthtype) > 0 { //email, err := sh.readProfile(authtype, uid, accesstoken) bfinfo, err := sh.getUserBrowserInfo(r) if err != nil { @@ -703,25 +702,25 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) return } - email, err = sh.readProfile(authtype, uid, bfinfo) + email, err = sh.readProfile(reqauthtype, uid, bfinfo) if err != nil { logger.Error("readProfile failed :", err) w.WriteHeader(http.StatusBadRequest) return } - newType, newId, err := sh.getProviderInfo(authtype, uid) + newType, newId, err := sh.getProviderInfo(reqauthtype, uid) if err != nil { logger.Error("getProviderInfo failed :", err) w.WriteHeader(http.StatusBadRequest) return } - if authtype != newType || uid != newId { - authtype = newType + if reqauthtype != newType || uid != newId { + reqauthtype = newType uid = newId } - } else if *devflag { + } else if *authtype == "both" { email = fmt.Sprintf("%s@guest.flag", uid) } else { // authtype이 없으면 입장 불가 @@ -780,7 +779,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) sk, err = sh.sessionProvider.New(&session.Authorization{ Account: accid, - Platform: authtype, + Platform: reqauthtype, Uid: uid, Email: email, }) @@ -796,7 +795,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) "newAccount": newaccount, "accid": accid.Hex(), } - if *noauth { + if len(reqauthtype) == 0 { output["noauth"] = true } -- 2.50.1.windows.1