RBLXDSS-1: Possible Support for ApiKey Authentication

[jf-06]

With the light of OpenCloud, comes more and more services for tasks that could've been done before, but at the root level.

Right now you can do authentication with a ASP.NET Forms Cookie which is dangerous as it gives root level access to your Roblox user with no restrictions.

What this issue aims to enact is to support authentication via ApiKeys within the new OpenCloud DataStores Service (gamepersistence-service-bedev2).

It should be implemented by determining if the given string on AuthenticationHelper is actually a forms cookie or an apiKey format. If it's an apiKey then we can't really check universe ownership (yet) so you'll have to ensure you have permissions to the universe you are trying to access as the methods will just throw. If we are using OpenCloud authentication, GlobalDataStore and DataStore2 will swap data providers to the OpenCloudProvider while still attempting to ensure data integrity and contract behaviour.

This change will also come fourth to the newest feature set to be added which is to drastically improve the code readability and self documentation.

More to come!

[jf-06]

i dont see a point for adding ApiKey Authentication feature as new roblox ip restriction aims to secure the account itself

from unauthorized ip.

https://devforum.roblox.com/t/ip-changes-invalidate-cookie

That's another reason why apiKey authentication is a good idea, because of Forms Cookie invalidation when you change region.

[OscarWoHA]

@nkpetko Could the reason I'm seeing this error using the OrderedDataStore functionality be that something changed in Roblox' APIs recently?

(node:29355) UnhandledPromiseRejectionWarning: 502: API Services rejected request with error. Error code: 0 Reason: The requested resource does not support http method 'POST'.

const dataStore = DataStoreService.GetOrderedDataStore("Redacted");

const data = await dataStore.GetSortedAsync(true, 10);

console.log(data);

[jf-06]

@OscarWoHA strange, I'll look into it now.

[jf-06]

@OscarWoHA I see what they did, they changed it to only support GET, I will try to implement a fix.

[OscarWoHA]

@OscarWoHA I see what they did, they changed it to only support GET, I will try to implement a fix.

Amazing! Thank you for the great work.

[jf-06]

@OscarWoHA I see what they did, they changed it to only support GET, I will try to implement a fix.

Amazing! Thank you for the great work.

9a5d6e0 should be the fix.

Please install this via:

$ npm install @mfd/[email protected] ––save

[OscarWoHA]

@nkpetko Facing a new issue. Seems like the response now returns with Value and Target as lowercase therefore triggering an "MALFORMED_RESPONSE" error, example response:

[
  { target: '684710155', value: 1, usn: '1' },
  { target: '1786643312', value: 1, usn: '1' }
]

https://github.com/nkpetko/RbxDataStoreService/blob/9a5d6e099b1cdd7aa21695fd98c22bacd66f5668/Source/Classes/DataStorePages.ts#L85

[jf-06]

@nkpetko Facing a new issue. Seems like the response now returns with Value and Target as lowercase therefore triggering an "MALFORMED_RESPONSE" error, example response:

[
  { target: '684710155', value: 1, usn: '1' },
  { target: '1786643312', value: 1, usn: '1' }
]

https://github.com/nkpetko/RbxDataStoreService/blob/9a5d6e099b1cdd7aa21695fd98c22bacd66f5668/Source/Classes/DataStorePages.ts#L85

Maybe 603e974 fixes this?

Install it with:

$ npm install @mfd/[email protected] ––save

(clear npm cache if you can't)

[jf-06]

@OscarWoHA did this end up fixing your issue?

[OscarWoHA]

@nkpetko Yep! Thanks a lot.