Inactive [ADMN/SEC/GEN] OpenAuth 1.1 - Extensible administration and security [1.4.6R0.1]

OpenAuth, an extremely extensible and somewhat fun server administration and security plugin.
Version: 1.1

OpenAuth is a security and server administration tool written to help protect against player impersonation and keep servers secure. Over time, it has grown exponentially from its original purpose into a larger suite of tools that make administration interesting. All documentation for configuring the plugin is written in the header of the config.yml that will be generated on first run.

Features:

• Action sticks.
• Password protected logins.
• Full permissions support.
• Mildly simplistic command structure.
• Mixin and action loading system.
• (Almost completed) localisation support.
• Password complexity enforcement.
• Gamemode policy enforcement.
• Abstracted session per-user.
• User session expiration and user IP checks between logins.

Actions (with dev. info):

Actions are my idea of doing things with a wand-like item. A list of provided actions can be retrieved through /oa action list, and any of the actions listed can be applied with /oa action set <action>.

The actions API is pretty easy to use, and there are several ways to register actions for use in the plugin.
Action implementation, information, and documentation can be found on
Diffusion.
First way is to create a whole new plugin with a collection of actions that are registered through the Actions enum:

Code:

  import me.maiome.openauth.actions.*;
  ...
  Actions.registerAction(Class<T implements IAction> clazz);

Second way is to get a compiled version of OA, add it to your classpath, and compile single class files that implement the IAction interface.

Here's an example: Paste 62: TestStick.java.

After the class file is compiled, those will be placed in plugins/OpenAuth/actions/ in your CraftBukkit files and the plugin will load them automatically on startup.

Mixins (with dev. info):

Mixins are my quick little ways to add small features to the existing feature set (in this case, OpenAuth). There is next to no limitation on what can be done from within a mixin, which leads to a few security implications (eg., watch what mixins you install, make sure the place you're getting them from is legitimate, etc). Any mixins you download from my continuous integration server will be 100% non-malicious, so you always know that those are safe to use.

Now, a little dev. info on the mixins and their API. Mixins are here to inject additional code into an already existing framework with minimal setup so that the development experience is a little friendlier. These small pieces of code were not designed for hardcore expansion, so the structure has to be kept small (as in, you write one class and that is all you get, you may not use inner/anonymous classes).

Example of a mixin registering itself with OA's command handler: Mixin: Peek.java
Example of a mixin registering itself with CB as an event listener: Mixin: Smelter.java

To create a mixin, you must create a class that implements the IMixin interface and compile it with the following javac command (also, make sure to add anything else you may need to your classpath, also make sure you're compiling against the latest OpenAuth build):

Code:

javac -Xlint:deprecation -g -cp inc/bukkit.jar:inc/craftbukkit.jar:inc/worldedit.jar:OpenAuth.jar mixin/*.java

To install a mixin, place the .class file into plugins/OpenAuth/mixins/ in your CraftBukkit server directory.

Downloads and Details:
Latest at CI: Latest
Promoted/Stable Builds: Stable
Source Code: Github
Wiki: Phriction for OpenAuth
Project Info, Collaboration, Bug/Todo/Request Filing: Phabricator

Reporting Bugs, Filing a Todo/Request:

For bug reporting, I prefer that Phabricator be used, but Github would be fine as well. To file a report on Phabricator, sign in with either your Github or Facebook account and go to Maniphest, create a new task, assign it to the OpenAuth project, and assign the task to pirogoeth. And if you would like to be notified of replies, make sure that you are CC'd.

Basically the same as above goes for filing a todo/request.

Changelog:
Version 1.1:

• Password complexity.
• Mixin + action loading system.
• Gamemode policy system.
• Switch storage to SQLite instead of YAML config storage.
• Migrated to dm for building and such.
• JSONAPI support and whitelist handling methods.
• Etc..

Version 1.0:

• Initial release.

Coming Soon:

• Easier OA internal reload (T70)

Credits:
Pr0Failure for all his continued help across all my projects <3