Upstream/VIAaaS
1
0
Fork 0
mirror of https://github.com/ViaVersion/VIAaaS.git synced 2025-02-18 02:02:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

allow changing the azure client id

Browse Source
This commit is contained in:
creeper123123321 2021-09-25 12:37:10 -03:00
parent f781b76525
commit 8e81ae539f
5 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -32,7 +32,7 @@ Offline mode tutorial: https://youtu.be/lPdELnrxmp0
- It requires a CORS Proxy for calling Mojang APIs, which may make Mojang see that as suspicious and block your account - It requires a CORS Proxy for calling Mojang APIs, which may make Mojang see that as suspicious and block your account
password if the IP address seems suspect. password if the IP address seems suspect.
- Account credentials aren't sent to VIAaaS instance, though it's intermediated by CORS Proxy. - Account credentials aren't sent to VIAaaS instance, though it's intermediated by CORS Proxy.
- The web page receives and validates a the session hash from VIAaaS instance. - The web page receives and validates the session hash from VIAaaS instance.
## Setting up server instance ## Setting up server instance
@ -128,21 +128,21 @@ Fabric client:
- VIAaaS may trigger anti-cheats, due to block, item, movement and other differences between versions. USE AT OWN RISK. - VIAaaS may trigger anti-cheats, due to block, item, movement and other differences between versions. USE AT OWN RISK.
- Take care of browser local storage. Check for XSS vulnerabilities on your domain. - Take care of browser local storage. Check for XSS vulnerabilities on your domain.
- Check the security of CORS proxy, it will intermediate Mojang API calls. - Check the security of CORS proxy, it will be used for calls to Mojang API.
- Mojang may lock your account when API is called from a suspect IP address. - Mojang may lock your account when API is called from a suspect IP address.
## FAQ ## FAQ
### Accounts ### Accounts
#### My Microsoft account <18 years old is not able to log in, it's giving XSTS error: #### My Microsoft account <18 years old is not able to log in, it's showing XSTS error:
- Add your account to a family (see https://wiki.vg/Microsoft_Authentication_Scheme#Authenticate_with_XSTS) - Add your account to a family (see https://wiki.vg/Microsoft_Authentication_Scheme#Authenticate_with_XSTS)
#### Why a online webpage for online mode?: #### Why to use an online webpage for online mode?:
- It's easier to maintain in that way, because providing login via chat requires encoding and decoding more packets, - It's easier to maintain in that way, because providing login via chat requires encoding and decoding more packets,
which reduces maintanability. which reduces maintainability.
- It allows your account password and token to be kept with you. - It allows your account password and token to be kept with you.
#### How to use Microsoft Account?: #### How to use Microsoft Account?:
@ -181,3 +181,7 @@ Fabric client:
- See [DirtMultiVersion](https://github.com/DirtPowered/DirtMultiversion) and RK_01's ViaProxy server (lenni0451.net: - See [DirtMultiVersion](https://github.com/DirtPowered/DirtMultiversion) and RK_01's ViaProxy server (lenni0451.net:
25563) 25563)
#### Can I customize the files of HTTP server?
- Add files to ``config/web/`` directory

1
src/main/resources/web/index.html
View File

@ -45,6 +45,7 @@ script-src 'self' https://*.cloudflare.com/ https://alcdn.msauth.net/ https://*.
<script defer src="https://alcdn.msauth.net/browser/2.15.0/js/msal-browser.min.js" <script defer src="https://alcdn.msauth.net/browser/2.15.0/js/msal-browser.min.js"
integrity="sha384-/weuqUPkC0P9JxnstihEV1GHdWrheU9Qo3MbdTuxxKJM8l/cSTE5zGP5VBIM4TZN" integrity="sha384-/weuqUPkC0P9JxnstihEV1GHdWrheU9Qo3MbdTuxxKJM8l/cSTE5zGP5VBIM4TZN"
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script defer src="js/config.js"></script>
<script defer src="js/page.js"></script> <script defer src="js/page.js"></script>
<link rel="prefetch" href="js/worker.js" as="worker"> <link rel="prefetch" href="js/worker.js" as="worker">
<link rel="prefetch" href="sw.js" as="serviceworker"> <link rel="prefetch" href="sw.js" as="serviceworker">

11
src/main/resources/web/js/config.js Normal file
View File

@ -0,0 +1,11 @@
// See https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration
// You'll need to add your URL to Azure as a Single Page Application
// Azure Client ID
const azureClientId = "a370fff9-7648-4dbf-b96e-2b4f8d539ac2";
const whitelistedOrigin = [
"https://via-login.geyserconnect.net",
"https://via.re.yt.nom.br",
"https://viaaas.noxt.cf"
];

7
src/main/resources/web/js/page.js
View File

@ -585,13 +585,6 @@ function loginMc(user, pass) {
$("#form_add_mc input").val(""); $("#form_add_mc input").val("");
} }
// https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-javascript-auth-code
const azureClientId = "a370fff9-7648-4dbf-b96e-2b4f8d539ac2";
const whitelistedOrigin = [
"https://via-login.geyserconnect.net",
"https://via.re.yt.nom.br",
"https://viaaas.noxt.cf"
];
const loginRequest = {scopes: ["XboxLive.signin"]}; const loginRequest = {scopes: ["XboxLive.signin"]};
let redirectUrl = "https://viaversion.github.io/VIAaaS/src/main/resources/web/"; let redirectUrl = "https://viaversion.github.io/VIAaaS/src/main/resources/web/";
if (location.hostname === "localhost" || whitelistedOrigin.includes(location.origin)) { if (location.hostname === "localhost" || whitelistedOrigin.includes(location.origin)) {

5
src/main/resources/web/sw.js
View File

@ -15,6 +15,7 @@ self.addEventListener("install", evt => {
}); });
self.addEventListener("fetch", evt => { self.addEventListener("fetch", evt => {
return; // todo fix
if (!shouldCache(evt.request.url) if (!shouldCache(evt.request.url)
|| evt.request.method != "GET") return; || evt.request.method != "GET") return;
evt.respondWith( evt.respondWith(
@ -33,8 +34,8 @@ function shouldCache(it) {
} }
function cache(urls) { function cache(urls) {
// todo fix return; // todo fix
//return caches.open(CACHE).then(cache => cache.addAll(urls.filter(shouldCache))); return caches.open(CACHE).then(cache => cache.addAll(urls.filter(shouldCache)));
} }
function fromNetwork(request) { function fromNetwork(request) {