From c2cd3865a77b00c88f1834c5b037c567867f3ca6 Mon Sep 17 00:00:00 2001
From: Joseph Hirschfeld <joe@ibj.io>
Date: Wed, 2 Mar 2016 16:31:11 -0500
Subject: [PATCH] Add time validation each time the plugin starts

---
 pom.xml                                       |  2 +-
 .../mcauthenticator/MCAuthenticator.java      | 41 +++++++++++++++++++
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index a9aecb1..565ce09 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
 
     <groupId>com.aaomidi.mcauthenticator</groupId>
     <artifactId>MCAuthenticator</artifactId>
-    <version>1.0.2-SNAPSHOT</version>
+    <version>1.0.2</version>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
diff --git a/src/main/java/com/aaomidi/mcauthenticator/MCAuthenticator.java b/src/main/java/com/aaomidi/mcauthenticator/MCAuthenticator.java
index 114463d..66164fc 100644
--- a/src/main/java/com/aaomidi/mcauthenticator/MCAuthenticator.java
+++ b/src/main/java/com/aaomidi/mcauthenticator/MCAuthenticator.java
@@ -18,9 +18,16 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.ConnectException;
+import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.nio.charset.Charset;
 import java.sql.SQLException;
 import java.sql.SQLTimeoutException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
 import java.util.logging.Level;
 
 /**
@@ -57,6 +64,40 @@ public void onEnable() {
 
         this.configurationFile = new File(getDataFolder(), "config.yml");
         reload();
+
+        validateServerTime();
+    }
+
+    private void validateServerTime() {
+        // Since 1.0.2
+        try {
+            String TIME_SERVER = "http://icanhazepoch.com";
+            HttpURLConnection timeCheckQuery =
+                    (HttpURLConnection) new URL(TIME_SERVER).openConnection();
+            timeCheckQuery.connect();
+            int responseCode = timeCheckQuery.getResponseCode();
+            if (responseCode != 200) {
+                getLogger().info("Could not validate the server's time! Ensure" +
+                        " that the server's time is within specification!");
+                return;
+            }
+            byte[] response = new byte[1024]; // Response should never be over 1kB
+            InputStream inputStream = timeCheckQuery.getInputStream();
+            int len = inputStream.read(response);
+            String rsp = new String(response, 0, len, Charset.defaultCharset()).trim();
+            Long unixSeconds = Long.parseLong(rsp);
+            long myUnixSeconds = (System.currentTimeMillis() / 1000);
+            int diff = (int) (unixSeconds - myUnixSeconds);
+            if (Math.abs(diff) > 30) {
+                getLogger().severe("Your server's Unix time is off by "
+                        + Math.abs(diff) + " seconds! 2FA may not work! Please "
+                        + "correct this to make sure 2FA works.");
+            }
+        } catch (IOException | NumberFormatException e) {
+            getLogger().log(Level.WARNING, "Was not able to validate the server's" +
+                    " Unix time against an external service: Please ensure your" +
+                    " server's time is set correctly or 2FA may not operate right.", e);
+        }
     }
 
     private void registerEvent(Listener listener) {