- Remove mocks of InetAddress in favor of using real InetAddress instances. This fixes test issues under JDK 19, where InetAddress has been changed to a sealed class
This commit added a simple check that check spigot.yml -> settings.bungeecord status by using AuthMe built-in method bukkitService.isBungeeCordConfiguredForSpigot() and disable hook if it enabled and not behind an BungeeCord proxy.
Register plugin message channel without BungeeCord proxy will allow attacker send fake login payload to treat AuthMe login with Plugin Message for him and bypass the user login.
This commit also updated SettingsWarner for new behavior.
* If a player is not registered then we send a LOGIN plugin message on join
* Make looking up a profile optionally quiet
This prevents an issue where a forcedLogin of a player that doesn't exist occurring when an unregistered player switches a server. The first login would tell AuthBungee that the player is logged in, and subsequent switches would have AuthBungee send a performLogin back that would then send an unregistered player error message to the player.
Co-authored-by: bundabrg <bundabrg@grieve.com.au>
Co-authored-by: Gabriele C <sgdc3.mail@gmail.com>
* Update the GeoIp database download method [BREAKING]
Now GeoIp database updates require a ClientID and a LicenseKey, which can be obtained for free at https://www.maxmind.com/en/accounts/current/license-key
* Codestyle
* #1874 Introduce individual ConsoleLogger instance per class
- Create ConsoleLoggerFactory from which a separate logger can be created for each class
- Allows to support individual log level settings in the future
* Fix CodeStyle issue
* Replace full class name with import
* Update usages after merge from master
- List is read-only and can be easily "upcast" to Collection<Player>
- Remove awkward hack that was needed for mocking the method previously (issues with generics)
* Migrate to GEO IP 2, because support will drop in April
* Change all links of maxmind to https
* Update maxmind database dependency and add javatar to extract
the database from the tar archive
(now only a small difference in jar file size -> ~80KB smaller)
* Verify downloaded archive using MD5 (There are no other checksums available)
* Migrate to Java NIO instead of old java file I/O (Feedback?)
* Internal Optional usage for nullable values (Feedback?)
Minor:
* Schedule a Bukkit async task instead of creating a thread manually
* Validate ip input string
* Extract validation into single method
* Close all resources safely using try-resources
* More https links
* Add documentation
* Set the same last modification as in the tar archive
* Fix tests
* Comment how the legacy API responded to unknown entries
* Document missing function param
* Document our maxmind dependency modifications
* Include time unit into constant
* More logging for downloading the database
* Add missing return if the database cannot be found
* Delete temporarily file after working with it
- Overloaded method with (String, String...) as args was problematic as it could be confusing on its own and also confusing with the (CommandSender, String...) flavor
