Auth Server Use Case: Registring a server

From Peragro Tempus Wiki

Contents 1 Precondition 2 Main Flow 3 Alternative Flows 3.1 Server not reachable 4 Open questions 4.1 How does the game server know which user may register it? 5 Security considerations 5.1 Password exposure 6 Network Messages 6.1 Main Flow 7 Test Cases 7.1 Main flow test 7.2 Invalid server address

Precondition

• Client must be logged in.

Main Flow

1. Client sends a register request to auth server
2. Auth server sends a register request with a server id to the game server
3. Game server response with a randomly generated password
4. Auth server creates a server account with the id and password
5. Auth server sends response to client and game server.

Now the game server can be configured, the game server account is owned by its creator.

Alternative Flows

Server not reachable

1. Client sends a register request to auth server
2. Auth server sends a register request with a server id to the game server
3. Auth server sends error message to client

Open questions

How does the game server know which user may register it?

//TODO

Security considerations

Password exposure

The password exchange between auth server and game server can be intercepted.

Network Messages

Main Flow

• Step 1: RegisterServerRequestMessage
• Step 2: ServerAccountRegistrationRequestMessage
• Step 3: ServerAccountRegistrationResponseMessage
• Step 5: RegisterResponseMessage

Test Cases

Main flow test

Client sends a RegisterServerRequestMessage with valid server address

Expected result

Auth server gets added to the list

Invalid server address

Client sends a RegisterServerRequestMessage with a wrong server address

Expected result

Auth server sends error message to client.