Store reusable credentials and login with those

Author: devgianlu

.gitignore

@@ -3,6 +3,7 @@ out/
 target/
 *iml
 config.toml
+credentials.json
 /cache/
 .settings/
 .project

api/src/main/java/xyz/gianlu/librespot/api/Main.java

@@ -21,7 +21,7 @@ public static void main(String[] args) throws IOException, MercuryClient.Mercury
         LogManager.getRootLogger().setLevel(conf.loggingLevel());
 
         SessionWrapper wrapper;
-        if (conf.authStrategy() == AuthConfiguration.Strategy.ZEROCONF)
+        if (conf.authStrategy() == AuthConfiguration.Strategy.ZEROCONF && !conf.hasStoredCredentials())
             wrapper = SessionWrapper.fromZeroconf(ZeroconfServer.create(conf));
         else
             wrapper = SessionWrapper.fromSession(new Session.Builder(conf).create());

common/src/main/java/xyz/gianlu/librespot/common/Utils.java

@@ -20,10 +20,7 @@
 import java.nio.ByteBuffer;
 import java.security.Permission;
 import java.security.PermissionCollection;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-import java.util.Random;
+import java.util.*;
 
 /**
  * @author Gianlu
@@ -285,4 +282,14 @@ public static String mixersToString(List<Mixer> list) {
 
         return builder.toString();
     }
+
+    @NotNull
+    public static String toBase64(@NotNull ByteString bytes) {
+        return Base64.getEncoder().encodeToString(bytes.toByteArray());
+    }
+
+    @NotNull
+    public static ByteString fromBase64(@NotNull String str) {
+        return ByteString.copyFrom(Base64.getDecoder().decode(str.getBytes()));
+    }
 }

core/src/main/java/xyz/gianlu/librespot/FileConfiguration.java

@@ -346,6 +346,18 @@ public Strategy authStrategy() {
         return config.getEnum("auth.strategy", Strategy.class);
     }
 
+    @Override
+    public boolean storeCredentials() {
+        return config.get("auth.storeCredentials");
+    }
+
+    @Override
+    public @Nullable File credentialsFile() {
+        String path = config.get("auth.credentialsFile");
+        if (path == null || path.isEmpty()) return null;
+        return new File(path);
+    }
+
     @Override
     public boolean zeroconfListenAll() {
         return config.get("zeroconf.listenAll");

core/src/main/java/xyz/gianlu/librespot/Main.java

@@ -17,7 +17,7 @@ public class Main {
     public static void main(String[] args) throws IOException, GeneralSecurityException, Session.SpotifyAuthenticationException, MercuryClient.MercuryException {
         AbsConfiguration conf = new FileConfiguration(args);
         LogManager.getRootLogger().setLevel(conf.loggingLevel());
-        if (conf.authStrategy() == AuthConfiguration.Strategy.ZEROCONF) {
+        if (conf.authStrategy() == AuthConfiguration.Strategy.ZEROCONF && !conf.hasStoredCredentials()) {
             ZeroconfServer server = ZeroconfServer.create(conf);
             Runtime.getRuntime().addShutdownHook(new Thread(() -> {
                 try {

core/src/main/java/xyz/gianlu/librespot/core/AuthConfiguration.java

@@ -3,6 +3,8 @@
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
+import java.io.File;
+
 /**
  * @author Gianlu
  */
@@ -19,6 +21,16 @@ public interface AuthConfiguration {
     @NotNull
     Strategy authStrategy();
 
+    boolean storeCredentials();
+
+    @Nullable
+    File credentialsFile();
+
+    default boolean hasStoredCredentials() {
+        File file = credentialsFile();
+        return storeCredentials() && file != null && file.exists() && file.canRead();
+    }
+
     enum Strategy {
         FACEBOOK, BLOB,
         USER_PASS, ZEROCONF

core/src/main/java/xyz/gianlu/librespot/core/Session.java

@@ -1,5 +1,7 @@
 package xyz.gianlu.librespot.core;
 
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import com.google.protobuf.ByteString;
 import com.spotify.Authentication;
 import com.spotify.Keyexchange;
@@ -353,6 +355,22 @@ private void authenticatePartial(@NotNull Authentication.LoginCredentials creden
                     authLock.notifyAll();
                 }
             }
+
+            if (conf().storeCredentials()) {
+                ByteString reusable = apWelcome.getReusableAuthCredentials();
+                Authentication.AuthenticationType reusableType = apWelcome.getReusableAuthCredentialsType();
+
+                JsonObject obj = new JsonObject();
+                obj.addProperty("username", apWelcome.getCanonicalUsername());
+                obj.addProperty("credentials", Utils.toBase64(reusable));
+                obj.addProperty("type", reusableType.name());
+
+                File storeFile = conf().credentialsFile();
+                if (storeFile == null) throw new IllegalArgumentException();
+                try (FileOutputStream out = new FileOutputStream(storeFile)) {
+                    out.write(obj.toString().getBytes());
+                }
+            }
         } else if (packet.is(Packet.Type.AuthFailure)) {
             throw new SpotifyAuthenticationException(Keyexchange.APLoginFailed.parseFrom(packet.payload));
         } else {
@@ -773,33 +791,41 @@ public Builder userPass(@NotNull String username, @NotNull String password) {
          */
         @NotNull
         public Session create() throws IOException, GeneralSecurityException, SpotifyAuthenticationException, MercuryClient.MercuryException {
+            if (authConf.storeCredentials()) {
+                File storeFile = authConf.credentialsFile();
+                if (storeFile != null && storeFile.exists()) {
+                    JsonObject obj = JsonParser.parseReader(new FileReader(storeFile)).getAsJsonObject();
+                    loginCredentials = Authentication.LoginCredentials.newBuilder()
+                            .setTyp(Authentication.AuthenticationType.valueOf(obj.get("type").getAsString()))
+                            .setUsername(obj.get("username").getAsString())
+                            .setAuthData(Utils.fromBase64(obj.get("credentials").getAsString()))
+                            .build();
+                }
+            }
+
             if (loginCredentials == null) {
-                if (authConf != null) {
-                    String blob = authConf.authBlob();
-                    String username = authConf.authUsername();
-                    String password = authConf.authPassword();
-
-                    switch (authConf.authStrategy()) {
-                        case FACEBOOK:
-                            facebook();
-                            break;
-                        case BLOB:
-                            if (username == null) throw new IllegalArgumentException("Missing authUsername!");
-                            if (blob == null) throw new IllegalArgumentException("Missing authBlob!");
-                            blob(username, Base64.getDecoder().decode(blob));
-                            break;
-                        case USER_PASS:
-                            if (username == null) throw new IllegalArgumentException("Missing authUsername!");
-                            if (password == null) throw new IllegalArgumentException("Missing authPassword!");
-                            userPass(username, password);
-                            break;
-                        case ZEROCONF:
-                            throw new IllegalStateException("Cannot handle ZEROCONF! Use ZeroconfServer.");
-                        default:
-                            throw new IllegalStateException("Unknown auth authStrategy: " + authConf.authStrategy());
-                    }
-                } else {
-                    throw new IllegalStateException("Missing credentials!");
+                String blob = authConf.authBlob();
+                String username = authConf.authUsername();
+                String password = authConf.authPassword();
+
+                switch (authConf.authStrategy()) {
+                    case FACEBOOK:
+                        facebook();
+                        break;
+                    case BLOB:
+                        if (username == null) throw new IllegalArgumentException("Missing authUsername!");
+                        if (blob == null) throw new IllegalArgumentException("Missing authBlob!");
+                        blob(username, Base64.getDecoder().decode(blob));
+                        break;
+                    case USER_PASS:
+                        if (username == null) throw new IllegalArgumentException("Missing authUsername!");
+                        if (password == null) throw new IllegalArgumentException("Missing authPassword!");
+                        userPass(username, password);
+                        break;
+                    case ZEROCONF:
+                        throw new IllegalStateException("Cannot handle ZEROCONF! Use ZeroconfServer.");
+                    default:
+                        throw new IllegalStateException("Unknown auth authStrategy: " + authConf.authStrategy());
                 }
             }
 

core/src/main/resources/default.toml

@@ -8,6 +8,8 @@ strategy = "ZEROCONF" # Strategy (USER_PASS, ZEROCONF, BLOB, FACEBOOK)
 username = "" # Spotify username (BLOB, USER_PASS only)
 password = "" # Spotify password (USER_PASS only)
 blob = "" # Spotify authentication blob (BLOB only)
+storeCredentials = false # Whether to store reusable credentials on disk (not a plain password)
+credentialsFile = "" # Credentials file (JSON)
 
 [zeroconf] ### Zeroconf ###
 listenPort = -1 # Listen on this port (`-1` for random)