Openra: Authentication

We could have statistics like matches won/lost once this is done.

I suggest to collaborate with http://cncnet.org/ on that one to bring the communities together. @hifi what is your opinion?

You can find a bit-rotted work-in-progress login screen at https://github.com/TM-PD/FirstDance/commit/6e5d66679f1fc399a07e41fc31637e2a2e92fcf3

login entering server? this issue can be also related: #2290

Suggest to do this with IRC instead. #2088

http://www.playgrid.com may be an alternative if we want to go with a professional backend. However @PlayGrid is built for proprietary games and relies on keeping API keys secret etc.

Seeing #9990 proposed by @pchote and http://docs.openra.zone/tech/tesla/ by @GeertJohan I guess we need to decide which road to take.

I think it'll be easier and better to use #9990. I'm sorry to say that I don't have time to actively work on this anymore :(

I've run out of patience waiting for someone else to take the lead on this, so have prototyped a simple key-based system that I could build myself within a few days:

The short version:

1. Player generates a RSA key pair using a web interface integrated with the forum: private key is installed to the OpenRA support dir, public key is stored in the forum database. Each key pair has a unique integer ID and is associated with a forum account (accounts can have multiple keys).
2. Server sends the SHA1 of a random blob of data as part of the HandshakeRequest when joining.
3. Player signs the hash with private key, and returns that + key pair ID in the HandshakeResponse.
4. Server uses the key pair ID to fetch the public key from the forum with a GET request.
5. Server validates the signature using the public key: if it passes then the client is trusted to be the person who owns the forum account associated with the key pair.

Proof of concept code at: https://github.com/OpenRA/OpenRA/compare/bleed...pchote:authentication-prototype?expand=1

I have ideas for a relatively simple UI for generating/managing/installing keys, and also for authenticating servers (so we can have trustworthy player stats). Before I take the time to elaborate on these it would be useful if someone with more experience on security could verify that this basic approach isn't full of holes.

Good idea. http://www.urbanterror.info/support/232-auth-accounts/ has a similar maybe simpler system.

@chrisforbes raised a concern about the initial step, requiring players to download and install a private key from a server is at best ugly, and is completely broken if the transaction is not done over https.

I've reorganized my plan to avoid that step, and also avoid the server to poll the forum:

1. Player generates a keypair from the ingame "login" menu. These are written to a local file in the support dir, and the public key is presented in a text field in the ingame UI and a "copy to clipboard" button.
2. Player copies the key and adds it to their forum account. Again, accounts can have multiple fingerprints associated with them, but each fingerprint can only be associated with one acccount.
3. Server sends the SHA1 of a random blob of data as part of the HandshakeRequest when joining.
4. Player signs the hash with private key, and returns that + their public key in the HandshakeResponse.
5. Server validates the signature using the public key: if it passes then the client is trusted to be the person who owns the public key (note: the server doesn't care whether or not that key is associated with a forum account). The server then calculates the key fingerprint and assigns it to the Client.PlayerID.
6. Other players use the fingerprint to look up the player details (forum name, stats, badges, etc) from the LobbyLogic as usual.

The test code at pchote:authentication-prototype has been updated to match.

I'm not convinced your solution is the best way to go about it, for mainly two reasons:

1. I think it's too complicated, especially the 'copying fingerprint from within the game to the forum account' bit.
2. I don't like its reliance on the forum. Ideally, it should all work from within the game.

My alternative proposal is based on a small web API (probably running on compo.openra.net (let's just rename that, though!)). The rest is all ingame UI.

First of all, the settings dialog would get a new 'Player' tab, where the player name and color would go. That tab would have a button saying "Add online account". Clicking that will cause the following sequence of events to unfold:

• Game retrieves public key of web API.
• User gets asked for a password.
• A RSA key pair is generated
• The private key is stored in the support dir
• The public key of the web API is used to encrypt the password
• The user's public key and encrypted password are sent to the web api, which stores both of them.

Once an online account is associated with the player, the player name field gets disabled so the name cannot be changed anymore. The player settings dialog would also include a checkbox to enable authenticating when the game starts. Otherwise there would be button somewhere for manual authentication.

The password that's given on registration would only be used to re-generate a key pair if the previous one was lost. The steps would basically be the same as for new registrations, except that the web API would decline the request if the password that was given doesn't match the one that is already stored.

The end game and reason why I'd like a separate service to the forum is that I would like this web API to eventually grow into a website where event organizers can create leagues, tournaments, or ladders, assign users to them (taken from the player list the site already has), and the game would automatically upload match results. Players could query the site for the events they're enlisted in and choose one in the MP browser. The site would, almost by accident, also be able to provide player stats, which could be shown ingame in a player profile screen.

That seems like a pile of extra work just to avoid asking users to copy a code into a website, IMO.

We can defer the argument of forum vs stand-alone website until later: this won't affect the in-game implementation. I would much prefer that the _forum_ became that website – why would we want to separate that out from the place where we want players to discuss the game? In any case, we need to replace sleipnir's stuff with a proper openra forum and this would be a great motivation to actually progress on that.

Here's a sneak peek of the UI prototype i've built. It is functional except for the logged-in stats, which are generated from a fake file on the backend.

Here's a more refined, and hopefully final (edit: it wasn't) menu UI layout. I decided that it was better to have this as a standalone widget in the corner of the menus (ingame and main) instead of combining it with the battlefield news.

The code is available at pchote:authentication-prototype. If you want to test it, copy your key fingerprint here and i'll link your profile manually.

The UI for viewing other players' profiles will be next.

Edit: I've since changed the wording, and have the player copying the full public key instead of just the fingerprint. Will update with a new screenshot later when it is clear that things won't need to change again.

Here's an ingame mockup of the lobby UI that I am working towards.

The button row will be hidden for non-admins, and the panel for anonymous players will show "Anonymous // from <country>" instead of the name and rank.

Based on feedback from IRC i'll remove the IP and country from the ping tooltip: they are no longer required for verifying users, and are being (ab)used in ways that we don't really want.

I think we indeed should remove the IPs not sure about country tho. It usually gives a good answer to "why their ping is that bad". Maybe this should be changed to a setting that is default to yes, but notify the player at first start like system information collecting message.

Distance-to-country is only a part (and not the main one) of what causes players to lag. OpenRA can perfectly handle around-the-world (EU - NZ) games with no lag. It has been pointed out to me that some shitty game admins routinely kick any players who aren't from the US or EU based only on their country, and that is behaviour that we should stamp out.

Here's the (hopefully) final lobby layout. The kick/spec/admin buttons are still there for admins, but this screenshot was made from a regular player. Players must enter a reason when they sadface somebody, and they can/will be moderated on the server-side before they are applied to reputation.

You can now register (and revoke) keys through the User Control Panel on sleipnirstuff.com, so anybody can test this now without relying on me to manage your keys.

when you cut off your internet , youll get a message that is slightly off

Player generates a keypair from the ingame "login" menu. These are written to a local file in the >support dir, and the public key is presented in a text field in the ingame UI and a "copy to clipboard" >button.

A second Private Key could be generated on the clients Hardware info. And sends public keys from it to the Masterserver other Players in the lobby could download the public keys from the masterserver like this scheme:

• player joins the lobby...
• when the Game starts the Client downloads all public keys
• The Client begins the per connection based encryption handshake.

In this Case everyone would say Why?! Because when we have Account-Names verified by sha1 keys the connection remains in a weak encryption. The Client can then encrypt each Player connection with another Public Key :)

I have no idea what you're trying to suggest there. Can you rephrase more clearly where you think the issue is?

we could combine the authentication with connection based encryption... in a shorter answer. The Player starts a multiplayer Game and shares the public key to other players. The used Key Pair could be based on the Login authentication and Hardware hash

That will be provided by https for the client <-> forum requests.

This is my current layout for the ingame score screen. I don't like how cluttered it is going to look when there are a bunch of authenticated players, but I don't have a better solution right now.

@pchote : this will do

Release early, release often. https://en.wikipedia.org/wiki/Iterative_design#Application:_Human_computer_interfaces

I wanted to share some of my thoughts about authentication and ranking, giving that #2815 is closed I will do so here, I hope that's ok?

Have you guys looked at all at the Xonotic (open source fps) player ranking/tracking?
It is completely transparent to the player.
When you first start the game it asks you if you would like to record you statistics publicly.
And that's all it ever asks or shows to the user.
In the background it makes a public/private key pair and uses that to track the player. (players can still change names and all that)
The stats are then viewable at http://stats.xonotic.org/
All there code is open source: https://gitlab.com/groups/xonotic (XonStat and XonStatDB repo's)

I can also imagine that most people simple want a balanced game and don't want to see exactly how they are doing. ( Seeing you won 3 games and lost 16 isn't fun! )
So the mock ups shown here kind of make me nervous that it will scare away a lot of casual players.

I also don't think it is a good idea to let people choose between playing on tracked servers or not (or giving any choice really).
Because then you have the original problem again of not knowing if a game will be balanced or not.

My alternative proposal is to do the same thing as xonotic:
Never show any of this ranking stuff to the player beyond the minimum.
When the game is first run make the key-pair in the background, never mention it to the player.
Record the matches and report it to the backend, so you can rank the players.
Then in a game lobby you can add a military chevron next to the player name. For example the same 4 chevron ranks as used for the game units. (and maybe the amount of disconnects)
This way a player can easy see that they are somewhat equally ranked without having to be stressed out about it. They don't have to think about it and it's not overwhelming with details or embarrassing to a newbie.

And pro players can just go to the website too see the detailed stats that they are interested in.

As for the reputation system:
I don't really understand the system shown here.
If someone gets a bad reputation they can just make a new account... so how is it helpful?
And if players only have positive reputation then what does it mean? You have +4 reputation.... is that good? bad? Is +10 good? Will there be a minimum reputation that the community wants a player to have before they want to play with them? But that would then discriminate new players?
I think you're going to want to really consider with a reputation system is worth adding to openra...

Example of chevrons as rank, shows that this game is unbalanced but it's display is uninstructive and shouldn't scare casual players away too much.

Never show any of this ranking stuff to the player beyond the minimum.

That's matchmaking balance, not ranking.

The whole purpose of a rank is to make it very obvious to the player. It could be safely argued that the presence of public ranks, leaderboards and the like is a large part of why MOBA games became so popular and hooked players in in the first place.

Matchmaking balance, as you describe it, could be mandatory for "official servers" (trusted) but a visible ranking system should be opt-in with ranked servers/instances. Casual players won't be "scared away" when they can just join servers that are unranked but still have matchmaking available, but I don't personally see the point of catering to those extremely casual players who will be scared by rankings since OpenRA itself is not a casual game - but that's just my opinion.

I love the idea of giving OpenRA a public ranking/leaderboard system, with matchmaking servers dynamically starting maps and pulling similarly-ranked players in. It would pull a lot of players in, old and new, who don't care much at all for the traditional decentralized multiplayer system. Many gamers love old-school RTS but feel that the old-school networking/multiplayer is horrible and unrewarding. Still, moving in that direction opens up a whole can of worms for players and developers to deal with (e.g. hacked/cheat clients).

TL;DR: Rankings should be as visible and extravagantly glorious as possible, with world leaderboards and big fancy medals and the like, otherwise what's the point of competitive gaming? Restricting rankings to tournament events is what scares players off - not the existence of a global ranking system.

@cosmicdan I think you misunderstood me.
Perhaps I phrased it badly but what I meant was:

Never show any of this ranking stuff to the player beyond the minimum in the game client.

You can still have a dedicated website where you show all the stats and leader-boards you want.
I think the link I posted to http://stats.xonotic.org is a good example of that.

I don't see the advantage of display much stats in the client itself.
People who care about them are already using there web browser to go to the forums / openra resource site / game replays / ...
It won't be much more effort to go to a website to see all the stats and rankings.

But it will probably be easier to implement, possibly with some reusable code already available.
And it would be accessible on mobile devices too.

but I don't personally see the point of catering to those extremely casual players who will be scared by rankings since OpenRA itself is not a casual game - but that's just my opinion.

I guess that's where our viewpoints differ.
When I look at the server browser I often see 6 and 8 player team games. Those usually aren't very competitive in nature.
And those games are how I got into openra as well. There is not much pressure to play extremely well in a 8 or 10 player game. Hence they are a good way to slowly learn how to play the game.

I think if you don't cater to casual players then the player base will drop, and a dropping player base for a mostly multiplayer game is a death sentence. You need them for openra to stay alive, as it will become very difficult for new players to join the community if there are only skilled players already playing.

The whole purpose of a rank is to make it very obvious to the player.

I think the primary purpose of rank is for matchmaking. You can't know how balanced a game will be if you don't know how good the players are.

with matchmaking servers dynamically starting maps and pulling similarly-ranked players in.

This sounds like a lot of work (not just code but also infrastructure)... Let's start small and see how far we get?

Rankings should be as visible and extravagantly glorious as possible, with world leaderboards and big fancy medals and the like, otherwise what's the point of competitive gaming?

I hope this is not just why people play competitive. It might be a nice addition, but nothing more.
And given that openra doesn't have much of that (not even in the tournament events) I think it isn't the main reason for the current community either.

The point of competitive (openra) games, is the trill and excitement they bring, the clever strategies and interesting plays being displayed in high skill games. Whether you are the one playing or just watching.
Who wins in the end is, for me, a small detail in comparison.

If it is fame you are looking for, then openra is not a game you want to play. Openra is always going to stay a small niche game with a small community.
Those MOBA games already exists, they are huge and can give you much more fame and visibility.

Restricting rankings to tournament events is what scares players off - not the existence of a global ranking system.

I don't fully understand this. Why would tournament events scare people off more then a global ranking system?

In the meantime there had been some discussion on IRC where we came to the conclusion that it is impossible to build and maintain a centralized system that could cater for stat tracking, match making, and player reputation simultaneously for every single OpenRA mod (both official and custom).

If this concept ever moves forward, it would/should reduce in scope to just the authentication part, with the in-game "profiles" simplified down to a name / tag / list of medals. This then has the advantage of being non-interactive, so can be shown as a tooltip without having to have the awkward drop down button interface.

Individual server hosts could then use the authentication API to run their own scoreboards, focusing just on the players / mods / etc that they are interested in. If there was legitimate interest from server hosts we could provide a dedicated server interface to insert player-specific details (e.g game stats) into the in-game player tooltip.

I don't see the advantage of display much stats in the client itself.
It won't be much more effort to go to a website to see all the stats and rankings.

To be frank, that's amateurish. If OpenRA wants to provide a central authority on player rankings but cannot provide an all-inclusive in-game portal on those stats, it will just look crappy.

I think if you don't cater to casual players then the player base will drop [...]

I wasn't so much saying that OpenRA shouldn't/doesn't cater to casual players; but rather that I don't understand how players who are so extremely casual as to be intimated by the mere presence of a visible ranking system at all could even be interested in a game like OpenRA. It'd be very nice to know which players on your/enemy teams are the more/less skilled players so you know who to look out for.

Personally I had the vision of players being ranked as officers, mirroring real life, prompting players to form ad-hoc diplomatic relations within their teams depending on the established power dynamics.

This sounds like a lot of work (not just code but also infrastructure)... Let's start small and see how far we get?

Of course, but having an awareness of direction is important. What kind of developer says "That's too much work, so let's completely ignore that idea"?

I hope this is not just why people play competitive.
[...]
If it is fame you are looking for, then openra is not a game you want to play. Openra is always going to stay a small niche game with a small community.

You tell me. Go and look at the most popular/viral competitive games out there. They're all quite shallow in regards to gameplay-mechanics - it's all about the prestige and fame. That's what (e)sport has always been about, really. There's nothing wrong with wanting to be remembered/recognized for something you love doing.

Those MOBA games already exists, they are huge and can give you much more fame and visibility.

OpenRA is trying to be an engine. The developer aspirations surely don't stop at reimplementing Westwood classics just so old gamers can relive nostalgia (if they did then that'd be really sad). Just like an engine, there is a potential for commercial adoption here. I really hope they change the name from OpenRA to something else one day, too.

MOBA <> RTS. How can you even make that comparison? A MOBA is more of a PvP ARPG than an RTS - it scratches a completely different itch. I would throw money at a classic RTS that had distributed ranking and matchmaking and I know many others who would too.

Why would tournament events scare people off more then a global ranking system?

Because "core" (hardcore-casual) players are intimated by that, but still want some competitive aspect. I am one of these types of gamers. I would love to see how I rank up against the greater community, but the formality of having to apply to tournaments, socialize, dedicate a schedule, etc. just turns me off the whole idea completely.

But yes, it's clear to me that we are vastly apart on the spectrum of why people play multiplayer games. Alas, it's all speculative talk now since...

it is impossible to build and maintain a centralized system

Not financially feasible. That's fair enough. Well, here's hoping someone wealthy and/or with a lot of free time can see this potential in the OpenRA engine though - I can keep dreaming!

I'll refrain from elaborating anymore on my opinions on how OpenRA could be :)