They said it was not possible…
What I shared above was the entire idea, so why did I take heat for it in this developer community, you may ask? I don’t know. It’s a reasonable criticism of the current integration of the game servers feature, but for some reason, people were thinking I’m hating on Discord just to hate. On the contrary, I love Discord and have since I started using it in 2015. I’d work for Discord in a heartbeat if I could (and I have applied, but I’m also across the country).
I shared multiple variations of these ideas at different levels of complexity, and here are some of the responses I would get:
- “Still seems out of scope because they’d need to make some sort of oauth plugin for every game they want to support and that’s all heavily opinionated. Just roll with third party devs making it being easier”
- “I don’t think you understand how authentication works…It won’t be possible”
This is where it gets more ridiculous (I’m Matt, obviously).
Yes, I’m aware that in my comments I mention proxy in Minecraft, but the intent is more generalized across games and how, since ShockByte has full control over the stack, they should be able to build some nifty integrations. Especially considering ShockByte claims to partner with Minecraft, Rust, RiveM, and RedM.
Most games can’t do a proxy service like that
That comment stuck with me…then comments continued:
- “you can’t really make a general solution for this…it just doesn’t work”
- “the only solutions that i can think of that dont require knowledge of the game’s protocol are either hacky (IP whitelist) or modding the game server to support this”
Those members continued how it could be possible with “Discord VPN” (joking) and commenting how it’s “just a shockbyte minecraft server within discord slop.”
I pointed out that ShockByte, presumably, has full control over the stack and could easily invest some time into potentially building a solution, and a comment was made that really stuck out to me:
it is ignorant to think it is easy or worth it at all
They continued to assume my valid criticism of the lack of functionality to make a function like Discord Game Servers worthwhile to the general, and basically called me stupid for having that opinion.
I proved it was possible…
Those two comments stuck with me for a few hours, and while I was catching up on some emails, they did live rent-free in my head, not cause they upset me but because they just seemed factually wrong by my own instincts. I’m not thinking of a production-ready solution, just a technical approach. My goal is simple with this approach, not to actually do the validation, but prove that proxy services could be built, and it is one potential approach that could be worth the research for ShockByte and/or Discord.
So I got my butt off the couch, turned off The Flash (yes, I’m watching the entire Arrowverse series), and decided I wanted to challenge myself. Instead of keeping it easy and doing just Minecraft, I decided to do one that I’ve never played, FiveM. FiveM, if you didn’t know, is a GTA5 mod that allows modding and modded multiplayer servers. It’s common for GTA Roleplay on Twitch. Past that, I know nothing about it because before today I’ve never installed it or used it.
If you’re just looking to see if it worked, yes, it did. I was able to fully relay all data between the FiveM server and back to the client and was able to extract the initial authentication. It was a fully working FiveM instance and it’s a solution that could work.
What does this mean? The technical barriers aren’t as insurmountable as some developers claimed. ShockByte and Discord have the resources and expertise to build integrations that would actually justify the price premium. Until then, most community managers would be better off skipping this feature or hosting directly with ShockByte unless, like I mentioned earlier, they have a lot of boosts just sitting around and are willing to accept the cons.
The obvious security issues
What I’m doing is essentially a man in the middle and it has its downsides such as the fact that game servers can change and it’s finicky.
Ideally, I’d love to see a different, safer integration with the platform. Spitballing an idea, OAuth. Discord could offer an OAuth-based solution built directly into the community settings and send those configuration values and keys over to ShockByte, and they could deploy a protected, unmodifiable plugin on the game server that enforces access controls automatically. This is similar, in concept, to things that already exist. There’s no need to reinvent the wheel!
Just a wee bit technical
There’s really not a lot to this. I went in with absolutely zero knowledge of how to do this, no knowledge of FiveM, and no clue how to do it. So I used Go. The setup was easy for the FiveM server. I downloaded the binary and configured it. I ran the server and ran the client and could connect just fine. I installed GoLand by JetBrains and then created a new main.go and was ready to start writing some crappy code.
I should probably let you know that I wrote it on my Mac, which was on IP 192.168.10.149, and ran the game as well as the FiveM server on my gaming PC with the IP 192.168.10.9. This is only important so you know the logs, that’s all. I used the default FiveM port 30120 on both sides just to make it easier.
Now we begin. Game servers in general use UDP extensively; it’s fast and lightweight. While UDP does have some downsides, mainly unreliability in my experience, it’s just the best choice that I’ve seen. I’m not going to dive into the technicals on it because it’s out of scope for this, and I’d definitely have to brush up on my knowledge for modern networking, haha.
It comes down to 2 things at the end of the day:
- When receiving data from the client, send it to the game server
- When receiving data from the game server, send it back to the client
That’s it. So all I need to do is:
- Listen for UDP packets on a port from the client
- Check for a client connection to the server for that client and create a new one if none exists
- Relay the packet to the game server
- For relaying back to the client, just create a connection and listen for packets on that connection and send them back to the client.
Pretty simple. However, I didn’t realize, and this is the dumb part of me, that FiveM ALSO uses TCP for a variety of things, specifically what we need…the authentication. So I wrote a TCP server and started seeing all the data.
At that point, it was breaking the TCP packet down and splitting the authToken, cfxTicket and all the other values from each other, and decoding it from Base64 and stripping out the binary data, and BOOM. There it was, a simple fivem ID that’s provided in the cfxTicket. That was all I needed for this proof of concept.
464 lines of absolute garbage Go code later, I proved that ShockByte and Discord could absolutely look into building something that sits in between these game servers and extracts the authentication data. In the case of FiveM, ShockByte could work with FiveM to convert these IDs to Steam IDs, profiles, or direct Discord IDs (since they can link a Discord account to your FiveM account) and validate them against a community’s users.
Would this take work? Absolutely! I’m not saying it wouldn’t be an investment of time and money, but I think simple access controls based on Discord membership or roles could make Discord Game Servers actually a competitive product in the game server hosting space because of this first-party integration. If I, with zero knowledge or experience, could do it then there’s no excuse for ShockByte or Discord.
If you’re wondering where the code is, I’ve published a gist on GitHub:
Yes, my Go code is all over the place. This was only my second attempt at writing Go ever so I was struggling a bit and banging my head against the desk with the packet parsing. I had connections run wild too which is why I definitely overuse mutex for sure, haha.
If you’ve gotten this far, thank you for reading. I’d be happy to take feedback on my Go code as well. Go is an interesting language and I actually like the flow of Go.