adb: add configurable auth id lifetime

2023-11-30 18:22:01 -05:00 · 2023-11-30 18:22:01 -05:00 · ed2d306dee
commit ed2d306dee
parent ffc0f2fa5e
4 changed files with 11 additions and 4 deletions
--- a/core/aimedb.py
+++ b/core/aimedb.py
@ -182,7 +182,7 @@ class AimedbProtocol(Protocol):
        )

        if user_id and user_id > 0 and self.config.aimedb.id_secret:
-            auth_key = create_sega_auth_key(user_id, req.head.game_id, req.head.store_id, req.head.keychip_id, self.config.aimedb.id_secret)
+            auth_key = create_sega_auth_key(user_id, req.head.game_id, req.head.store_id, req.head.keychip_id, self.config.aimedb.id_secret, self.config.aimedb.id_lifetime_seconds)
            if auth_key is not None:
                auth_key_extra_len = 256 - len(auth_key)
                auth_key_full = auth_key.encode() + (b"\0" * auth_key_extra_len)
@ -254,7 +254,7 @@ class AimedbProtocol(Protocol):
        resp = ADBFelicaLookup2Response.from_req(req.head, user_id, access_code)

        if user_id and user_id > 0 and self.config.aimedb.id_secret:
-            auth_key = create_sega_auth_key(user_id, req.head.game_id, req.head.store_id, req.head.keychip_id, self.config.aimedb.id_secret)
+            auth_key = create_sega_auth_key(user_id, req.head.game_id, req.head.store_id, req.head.keychip_id, self.config.aimedb.id_secret, self.config.aimedb.id_lifetime_seconds)
            if auth_key is not None:
                auth_key_extra_len = 256 - len(auth_key)
                auth_key_full = auth_key.encode() + (b"\0" * auth_key_extra_len)
--- a/core/config.py
+++ b/core/config.py
@ -320,6 +320,12 @@ class AimedbConfig:
            self.__config, "core", "aimedb", "id_secret", default=""
        )

+    @property
+    def id_lifetime_seconds(self) -> int:
+        return CoreConfig.get_config_field(
+            self.__config, "core", "aimedb", "id_lifetime_seconds", default=86400
+        )
+

 class MuchaConfig:
    def __init__(self, parent_config: "CoreConfig") -> None:
--- a/core/utils.py
+++ b/core/utils.py
@ -64,10 +64,10 @@ class Utils:
        
        return cls.real_title_port_ssl

-def create_sega_auth_key(aime_id: int, game: str, place_id: int, keychip_id: str, b64_secret: str, err_logger: str = 'aimedb') -> Optional[str]:
+def create_sega_auth_key(aime_id: int, game: str, place_id: int, keychip_id: str, b64_secret: str, exp_seconds: int = 86400, err_logger: str = 'aimedb') -> Optional[str]:
    logger = logging.getLogger(err_logger)
    try:
-        return jwt.encode({ "aime_id": aime_id, "game": game, "place_id": place_id, "keychip_id": keychip_id, "exp": int(datetime.now(tz=timezone.utc).timestamp()) + 86400 }, b64decode(b64_secret), algorithm="HS256")
+        return jwt.encode({ "aime_id": aime_id, "game": game, "place_id": place_id, "keychip_id": keychip_id, "exp": int(datetime.now(tz=timezone.utc).timestamp()) + exp_seconds }, b64decode(b64_secret), algorithm="HS256")
    except jwt.InvalidKeyError:
        logger.error("Failed to encode Sega Auth Key because the secret is invalid!")
        return None
--- a/example_config/core.yaml
+++ b/example_config/core.yaml
@ -57,6 +57,7 @@ aimedb:
  port: 22345
  key: ""
  id_secret: ""
+  id_lifetime_seconds: 86400

 mucha:
  enable: False