From 14a5fe6d7264b4e40c9e0e30a4bc1a672483b079 Mon Sep 17 00:00:00 2001 From: James Quinley Date: Thu, 27 Apr 2023 19:23:36 -0700 Subject: [PATCH] This version is now on prod. -Removes Path features, will refuse to sync those to old clients, and it has been replaced with an error message -Path is removed from online api -Any sync writes that attempt to write path will be shown to complete but will not be saved to the account database. -IP addresses are not assumed, any client besides the web API not sending them will be given limited features, and some things like: Account Creation, Account Deletion, and Account Migration will be disabled until the user updates the client. --- .../Asecure/electronicMailHandler.java | 2 +- .../delegationServices.java | 34 ++++--------------- .../DelegationServices/localNet.java | 8 ++--- 3 files changed, 12 insertions(+), 32 deletions(-) diff --git a/src/main/java/com/jamesquinley/Asecure/electronicMailHandler.java b/src/main/java/com/jamesquinley/Asecure/electronicMailHandler.java index fd096b8..02eb34f 100644 --- a/src/main/java/com/jamesquinley/Asecure/electronicMailHandler.java +++ b/src/main/java/com/jamesquinley/Asecure/electronicMailHandler.java @@ -167,7 +167,7 @@ public class electronicMailHandler { message.setSubject("Obsidian Core Account Login Notice | " + Date); message.setText("Something seems fishy, a login was detected at a new location " + Adr +" "+ "(at " + dateFormat.format(dt) + " PST)" + ".\nIf this was you ignore this email, if it wasn't you, please contact us (Respond to this email).\n\n\n\n" + "\nThis email (" + receiverEmail + ") is linked to the Obsidian Core account: "+ User + " \nThese security emails can't be opted out of.\n\nThis was sent on behalf of Obsidian Core Studios by our super cool login robots.\n\n\n\n" + - "The MAC address used has been set as your account's default, as well as past logins ("+Adr + ")"); + "The IP address used has been set as your account's default, as well as past logins ("+Adr + ")"); Transport.send(message); System.out.println("Alert Sent"); diff --git a/src/main/java/com/jamesquinley/DelegationServices/delegationServices.java b/src/main/java/com/jamesquinley/DelegationServices/delegationServices.java index 4647c16..a54f84a 100644 --- a/src/main/java/com/jamesquinley/DelegationServices/delegationServices.java +++ b/src/main/java/com/jamesquinley/DelegationServices/delegationServices.java @@ -257,7 +257,6 @@ public class delegationServices { Document accountServer; String Token; String Fname; - String Path; String UserName; String Email; try { @@ -268,7 +267,6 @@ public class delegationServices { Token = (String) accountServer.get("Token"); Fname = (String) accountServer.get("FName"); - Path = (String) accountServer.get("Path"); Email = (String) accountServer.get("Email"); UserName = (String) accountServer.get("User"); BasicDBObject searchQuery = new BasicDBObject(); @@ -287,7 +285,7 @@ public class delegationServices { updateQuery2.append("$set", new BasicDBObject().append("Fname", Fname)); updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); + new BasicDBObject().append("Path", "Path has been removed from the service, please update to remove this message.")); updateQuery4.append("$set", new BasicDBObject().append("User", UserName)); updateQuery7.append("$set", @@ -358,7 +356,6 @@ public class delegationServices { Document accountServer; String Token; String Fname; - String Path; String UserName; try { accountServer = accountS.find(eq("Token", CTOKEN)).first(); @@ -367,7 +364,6 @@ public class delegationServices { if (accountServer.get("Status").equals(true)) { if (Token.equals(CTOKEN)) { Token = (String) Lrequest.get("Token"); - Path = (String) Lrequest.get("Path"); System.out.println("Got info."); BasicDBObject searchQuery = new BasicDBObject(); searchQuery.append("Token", Token); @@ -380,7 +376,7 @@ public class delegationServices { updateQuery.append("$set", new BasicDBObject().append("type", 12)); updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); + new BasicDBObject().append("DummyWriteSyncData", "1")); updateQuery6.append("$set", new BasicDBObject().append("status", true)); dCollection.updateOne(SqS, updateQuery); @@ -459,7 +455,6 @@ public class delegationServices { String Password; String Token; String Fname; - String Path; String UserName; String Email; String keychainUUID; @@ -533,7 +528,6 @@ public class delegationServices { System.out.println("R3c"); Token = (String) accountServer.get("Token"); Fname = (String) accountServer.get("FName"); - Path = (String) accountServer.get("Path"); Email = (String) accountServer.get("Email"); UserName = (String) accountServer.get("User"); lastNet = (String) accountServer.get("lastNet"); @@ -560,7 +554,7 @@ public class delegationServices { updateQuery2.append("$set", new BasicDBObject().append("Fname", Fname)); updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); + new BasicDBObject().append("Path", "Path has been removed from the service, please update to remove this message.")); updateQuery4.append("$set", new BasicDBObject().append("User", UserName)); updateQuery5.append("$set", @@ -814,7 +808,6 @@ public class delegationServices { String TKN; String Password; String Fname; - String Path; String UserName; String Email; String keychainUUID; @@ -827,7 +820,6 @@ public class delegationServices { TKN = (String) accountServer.get("Token"); Password = (String) accountServer.get("Password"); Fname = (String) accountServer.get("FName"); - Path = (String) accountServer.get("Path"); Email = (String) accountServer.get("Email"); UserName = (String) accountServer.get("User"); lastNet = (String) accountServer.get("lastNet"); @@ -849,7 +841,7 @@ public class delegationServices { updateQuery2.append("$set", new BasicDBObject().append("Fname", Fname)); updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); + new BasicDBObject().append("Path", "Path has been removed from the service, please update to remove this message.")); updateQuery4.append("$set", new BasicDBObject().append("User", UserName)); updateQuery7.append("$set", @@ -962,7 +954,6 @@ public class delegationServices { String TKN; String Password; String Fname; - String Path; String UserName; String Email; String Uid; @@ -978,7 +969,6 @@ public class delegationServices { TKN = (String) accountServer.get("Token"); Password = (String) accountServer.get("Password"); Fname = (String) accountServer.get("FName"); - Path = (String) accountServer.get("Path"); Email = (String) accountServer.get("Email"); // Uid = (String) accountServer.get("Uid"); UserName = (String) accountServer.get("User"); @@ -1008,7 +998,7 @@ public class delegationServices { updateQuery2.append("$set", new BasicDBObject().append("Fname", Fname)); updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); + new BasicDBObject().append("Path", "API_DENY_PATHFETCH")); updateQuery4.append("$set", new BasicDBObject().append("User", UserName)); updateQuery5.append("$set", @@ -1230,7 +1220,6 @@ public class delegationServices { createForm.append("Email", Email); createForm.append("FName", FName); createForm.append("Entitlements", "NA"); - createForm.append("Path", "C:\\ObsidianCoreStudios\\Application\\"); createForm.append("Freinds", " "); createForm.append("Token", Token); createForm.append("UUID", UUID); @@ -1349,7 +1338,6 @@ public class delegationServices { createForm.append("Password", Password); createForm.append("FName", FName); createForm.append("Entitlements", "NA"); - createForm.append("Path", "C:\\ObsidianCoreStudios\\Launcher\\AOTSK\\"); createForm.append("Token", Token); createForm.append("Control", 1); accountS.insertOne(createForm); @@ -1938,7 +1926,7 @@ public class delegationServices { Object objid = Lrequest.get("_id"); System.out.println(objid); Document accountServer; - String Password; String Token;String Fname; String Path; String UserName; String Email; String keychainUUID; Boolean accountKeyStatus = false; + String Password; String Token;String Fname; String UserName; String Email; String keychainUUID; Boolean accountKeyStatus = false; try { accountServer = accountS.find(eq("User", username)).first(); Password = (String) accountServer.get("Password"); @@ -2008,7 +1996,6 @@ public class delegationServices { System.out.println("R3c"); Token = (String) accountServer.get("Token"); Fname = (String) accountServer.get("FName"); - Path = (String) accountServer.get("Path"); Email = (String) accountServer.get("Email"); UserName = (String) accountServer.get("User"); lastNet = (String) accountServer.get("lastNet"); @@ -2035,7 +2022,7 @@ public class delegationServices { updateQuery2.append("$set", new BasicDBObject().append("Fname", Fname)); updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); + new BasicDBObject().append("Path", "Path has been removed from the service, please update to remove this message.")); updateQuery4.append("$set", new BasicDBObject().append("User", UserName)); updateQuery7.append("$set", @@ -2124,7 +2111,6 @@ public class delegationServices { String TKN; String Password; String Fname; - String Path; String UserName; String Email; String keychainUUID; @@ -2139,7 +2125,6 @@ public class delegationServices { TKN = (String) accountServer.get("Token"); Password = (String) accountServer.get("Password"); Fname = (String) accountServer.get("FName"); - Path = (String) accountServer.get("Path"); Email = (String) accountServer.get("Email"); UserName = (String) accountServer.get("User"); validSession = (String) accountServer.get("session"); @@ -2149,7 +2134,6 @@ public class delegationServices { BasicDBObject updateQuery = new BasicDBObject(); BasicDBObject updateQuery2 = new BasicDBObject(); - BasicDBObject updateQuery3 = new BasicDBObject(); BasicDBObject updateQuery4 = new BasicDBObject(); BasicDBObject updateQuery6 = new BasicDBObject(); BasicDBObject updateQuery7 = new BasicDBObject(); @@ -2159,8 +2143,6 @@ public class delegationServices { new BasicDBObject().append("type", 8)); updateQuery2.append("$set", new BasicDBObject().append("Fname", Fname)); - updateQuery3.append("$set", - new BasicDBObject().append("Path", Path)); updateQuery4.append("$set", new BasicDBObject().append("User", UserName)); updateQuery7.append("$set", @@ -2175,7 +2157,6 @@ public class delegationServices { dCollection.updateOne(searchQuery, updateQuery8); dCollection.updateOne(searchQuery, updateQuery); dCollection.updateOne(searchQuery, updateQuery2); - dCollection.updateOne(searchQuery, updateQuery3); dCollection.updateOne(searchQuery, updateQuery4); dCollection.updateOne(searchQuery, updateQuery8); dCollection.updateOne(searchQuery, updateQuery7); @@ -2259,7 +2240,6 @@ public class delegationServices { String TKN; String Password; String Fname; - String Path; String UserName; String Email; String keychainUUID; diff --git a/src/main/java/com/jamesquinley/DelegationServices/localNet.java b/src/main/java/com/jamesquinley/DelegationServices/localNet.java index 5651c34..0d595f8 100644 --- a/src/main/java/com/jamesquinley/DelegationServices/localNet.java +++ b/src/main/java/com/jamesquinley/DelegationServices/localNet.java @@ -7,20 +7,20 @@ import com.mongodb.BasicDBObject; import static com.jamesquinley.DelegationServices.delegationServices.accountS; public class localNet { - public static void macRead (String NewMac, String OldMac, String email, String UName, String Token) + public static void macRead (String NewIp, String OldIp, String email, String UName, String Token) { - if (OldMac.contains(NewMac)) + if (OldIp.contains(NewIp)) { System.out.println("User Logged In From A Known Computer, not sending email"); } else { System.out.println("Hey this user Logged In From A new Location, dispatching email!"); - secureCalls.locationBasedEmail(email,UName,NewMac, OldMac); + secureCalls.locationBasedEmail(email,UName,NewIp, OldIp); System.out.println("Switching Trusted Net To New Local"); BasicDBObject searchQuery = new BasicDBObject(); searchQuery.append("Token", Token); BasicDBObject updateQuery = new BasicDBObject(); - updateQuery.append("$set", new BasicDBObject().append("lastNet", OldMac +" "+ NewMac)); + updateQuery.append("$set", new BasicDBObject().append("lastNet", OldIp +" "+ NewIp)); accountS.updateOne(searchQuery, updateQuery); } }