search

unmojang / drasl

Yggdrasil-compatible API server for Minecraft
GNU General Public License v3.0
102 stars 17 forks source link

can't login to server using ely.by account #109

Open techexplorers123 opened 3 days ago

techexplorers123 commented 3 days ago

sorry if this is the wrong place to post. i can't login with ely.by account from my client. It says "Connection Lost. Invalid signature for profile public key. Try restarting your game." i used the links provided here for the api for the ely.by, and tooke the example from the page. I've noticed that the drasl when starting up complains about not being able to fech the public keys from the api. 2024/10/22 15:37:48 Request to fallback API server at https://account.ely.by/api/authlib-injector/minecraftservices/publickeys resulted in status code 404 i can login using mojang though i use docker to host the instance, and use apache server as reverse proxy here is my config

# Drasl default config file
# changed some parts to not reveal my server info
# Example: drasl.example.com
Domain = "auth.xxxx.in"

# Example: https://drasl.example.com
BaseURL = "https://auth.xxxx.in"

# List of usernames who automatically become admins of the Drasl instance
DefaultAdmins = ["admin"]
ForwardSkins = true
AllowChangingPlayerName = true
SignPublicKeys=false
[RegistrationNewPlayer]
Allow = true
AllowChoosingUUID = true
RequireInvite = true

[RegistrationExistingPlayer]
  Allow = true
  Nickname = "Mojang"
  SessionURL = "https://sessionserver.mojang.com"
  AccountURL = "https://api.mojang.com"
  SetSkinURL = "https://www.minecraft.net/msaprofile/mygames/editskin"
  RequireSkinVerification = true
  RequireInvite = true

[[FallbackAPIServers]]
  Nickname = "Ely.by"
  SessionURL = "https://account.ely.by/api/authlib-injector/sessionserver"
  AccountURL = "https://account.ely.by/api"
  ServicesURL = "https://account.ely.by/api/authlib-injector/minecraftservices"
  SkinDomains = ["ely.by", ".ely.by"]
  CacheTTLSeconds = 60

[[FallbackAPIServers]]
  Nickname = "Mojang"
  SessionURL = "https://sessionserver.mojang.com"
  AccountURL = "https://api.mojang.com"
  ServicesURL = "https://api.minecraftservices.com"
  SkinDomains = ["textures.minecraft.net"]
  CacheTTLSeconds = 60

DenyUnknownUsers = true

thanks for the help

evan-goode commented 1 day ago

Thanks, this is valid. I guess using Ely.by as a fallback API server hasn't worked since 1.19? The issue as I understand it is:

  1. Ely.by authlib-injector client does not fetch player certificates from Ely.by because Ely.by does not set feature.enable_profile_key here
  2. Ely.by authlib-injector client instead creates a dummy publicKeySignature/publicKeySignatureV2, AA== and sends that to the Minecraft server in the LoginHelloC2S packet
  3. The Minecraft server sees the invalid signature and disconnects the client: even though enforce-secure-profile=false is set, the server still checks the validity of publicKeySignature if the client provides a non-empty one.

I think using authlib-injector on the server too might be a workaround here, but when I tested that, it worked with Ely.by clients but not Mojang non-authlib-injector clients. I didn't look into it very far.

I filed https://github.com/yushijinhun/authlib-injector/pull/266 which should fix this by sending an empty publicKeySignature instead of a malformed one.