I have a multiplayer game running on a Java server and I want to migrate to using Unity as a client and Playfab as a login/authentication service.
Since the game already existed, all I've got to do is rework the communications between the Unity client and the Java server and I've decided to use Playfab in order to secure login/authentication.
I understand that the regular way of doing this would be to have my Java server register as a Playfab custom server and use the matchmaking api, but on one hand I feel like there might be a simpler solution and on the other I'm not really sure how to go about doing it(since it seems my server would have to comply to rather strict specifications).
What I was originally going to do(my 'original solution') was have the client login to Playfab, then cloudscript would send a REST request to the server telling them that client has logged in and a response to the client telling them the server's address. From there, the client would establish a socket connection to the server and the game would run through that(I have TLS setup and the server is super-authoritative, so that should work fine).
The problems with that approach were mostly that I'm not sure how the server would ensure the client trying to connect is the right one. I have the client's playerID, but that's easy to duplicate. I could also give a temporary secret key, but I'm not sure how secure that'd be. Finally, I could get the client's IP, but that sounds like a bad idea for a number of reasons.
So my questions are mostly:
1- How workable/flawed is my 'original solution'? I have studied a bit, but it's the first time I'm actually trying to use something like Playfab as the middleman, so chances are I'm overlooking a lot of stupid stuff.
2- Would it be possible to use Playfab's "custom server" api with my already existing java server? What would I have to do in order to do that?
3- Is there a simpler way to use Playfab as a middleman for authentication? All I need is to go from getting the user logged in(I already have the playfab client running fine on Unity) to have them authenticated/identified with the Java server.
A small note is that I'm currently using Playfab's free version. While Playfab does have quite a lot of interesting features and I'll probably check those in the future, right now all I need is authentication and I'd rather slowly scale my plan as the game and its playerbase grows.