/// <summary>
        /// XSTS Authenticate
        /// </summary>
        /// <remarks>(Don't ask me what is XSTS, I DONT KNOW)</remarks>
        /// <param name="xblResponse"></param>
        /// <returns></returns>
        public XSTSAuthenticateResponse XSTSAuthenticate(XblAuthenticateResponse xblResponse)
        {
            var request = new ProxiedWebRequest(xsts);

            request.UserAgent = userAgent;
            request.Accept    = "application/json";
            request.Headers.Add("x-xbl-contract-version", "1");

            string payload = "{"
                             + "\"Properties\": {"
                             + "\"SandboxId\": \"RETAIL\","
                             + "\"UserTokens\": ["
                             + "\"" + xblResponse.Token + "\""
                             + "]"
                             + "},"
                             + "\"RelyingParty\": \"rp://api.minecraftservices.com/\","
                             + "\"TokenType\": \"JWT\""
                             + "}";
            var response = request.Post("application/json", payload);

            if (Settings.DebugMessages)
            {
                ConsoleIO.WriteLine(response.ToString());
            }
            if (response.StatusCode == 200)
            {
                string        jsonString = response.Body;
                Json.JSONData json       = Json.ParseJson(jsonString);
                string        token      = json.Properties["Token"].StringValue;
                string        userHash   = json.Properties["DisplayClaims"].Properties["xui"].DataArray[0].Properties["uhs"].StringValue;
                return(new XSTSAuthenticateResponse()
                {
                    Token = token,
                    UserHash = userHash
                });
            }
            else
            {
                if (response.StatusCode == 401)
                {
                    Json.JSONData json = Json.ParseJson(response.Body);
                    if (json.Properties["XErr"].StringValue == "2148916233")
                    {
                        throw new Exception("The account doesn't have an Xbox account");
                    }
                    else if (json.Properties["XErr"].StringValue == "2148916238")
                    {
                        throw new Exception("The account is a child (under 18) and cannot proceed unless the account is added to a Family by an adult");
                    }
                    else
                    {
                        throw new Exception("Unknown XSTS error code: " + json.Properties["XErr"].StringValue);
                    }
                }
                else
                {
                    throw new Exception("XSTS Authentication failed");
                }
            }
        }
Example #2
0
        /// <summary>
        /// Perform request to obtain access token by code or by refresh token
        /// </summary>
        /// <param name="postData">Complete POST data for the request</param>
        /// <returns></returns>
        private static LoginResponse RequestToken(string postData)
        {
            var request = new ProxiedWebRequest(tokenUrl);

            request.UserAgent = "MCC/" + Program.Version;
            var response = request.Post("application/x-www-form-urlencoded", postData);
            var jsonData = Json.ParseJson(response.Body);

            // Error handling
            if (jsonData.Properties.ContainsKey("error"))
            {
                throw new Exception(jsonData.Properties["error_description"].StringValue);
            }
            else
            {
                string accessToken  = jsonData.Properties["access_token"].StringValue;
                string refreshToken = jsonData.Properties["refresh_token"].StringValue;
                int    expiresIn    = int.Parse(jsonData.Properties["expires_in"].StringValue);

                // Extract email from JWT
                string payload     = JwtPayloadDecode.GetPayload(jsonData.Properties["id_token"].StringValue);
                var    jsonPayload = Json.ParseJson(payload);
                string email       = jsonPayload.Properties["email"].StringValue;
                return(new LoginResponse()
                {
                    Email = email,
                    AccessToken = accessToken,
                    RefreshToken = refreshToken,
                    ExpiresIn = expiresIn
                });
            }
        }
Example #3
0
        /// <summary>
        /// Xbox Live Authenticate
        /// </summary>
        /// <param name="loginResponse"></param>
        /// <returns></returns>
        public static XblAuthenticateResponse XblAuthenticate(Microsoft.LoginResponse loginResponse)
        {
            var request = new ProxiedWebRequest(xbl);

            request.UserAgent = userAgent;
            request.Accept    = "application/json";
            request.Headers.Add("x-xbl-contract-version", "0");

            var accessToken = loginResponse.AccessToken;

            if (Settings.LoginMethod == "browser")
            {
                // Our own client ID must have d= in front of the token or HTTP status 400
                // "Stolen" client ID must not have d= in front of the token or HTTP status 400
                accessToken = "d=" + accessToken;
            }

            string payload = "{"
                             + "\"Properties\": {"
                             + "\"AuthMethod\": \"RPS\","
                             + "\"SiteName\": \"user.auth.xboxlive.com\","
                             + "\"RpsTicket\": \"" + accessToken + "\""
                             + "},"
                             + "\"RelyingParty\": \"http://auth.xboxlive.com\","
                             + "\"TokenType\": \"JWT\""
                             + "}";
            var response = request.Post("application/json", payload);

            if (Settings.DebugMessages)
            {
                ConsoleIO.WriteLine(response.ToString());
            }
            if (response.StatusCode == 200)
            {
                string jsonString = response.Body;
                //Console.WriteLine(jsonString);

                Json.JSONData json     = Json.ParseJson(jsonString);
                string        token    = json.Properties["Token"].StringValue;
                string        userHash = json.Properties["DisplayClaims"].Properties["xui"].DataArray[0].Properties["uhs"].StringValue;
                return(new XblAuthenticateResponse()
                {
                    Token = token,
                    UserHash = userHash
                });
            }
            else
            {
                throw new Exception("XBL Authentication failed");
            }
        }
        /// <summary>
        /// Login to Minecraft using the XSTS token and user hash obtained before
        /// </summary>
        /// <param name="userHash"></param>
        /// <param name="xstsToken"></param>
        /// <returns></returns>
        public string LoginWithXbox(string userHash, string xstsToken)
        {
            var request = new ProxiedWebRequest(loginWithXbox);

            request.Accept = "application/json";

            string payload  = "{\"identityToken\": \"XBL3.0 x=" + userHash + ";" + xstsToken + "\"}";
            var    response = request.Post("application/json", payload);

            if (Settings.DebugMessages)
            {
                ConsoleIO.WriteLine(response.ToString());
            }

            string jsonString = response.Body;

            Json.JSONData json = Json.ParseJson(jsonString);
            return(json.Properties["access_token"].StringValue);
        }
        /// <summary>
        /// Perform login request
        /// </summary>
        /// <remarks>This step is to send the login request by using the PreAuth response</remarks>
        /// <param name="email">Microsoft account email</param>
        /// <param name="password">Account password</param>
        /// <param name="preAuth"></param>
        /// <returns></returns>
        public UserLoginResponse UserLogin(string email, string password, PreAuthResponse preAuth)
        {
            var request = new ProxiedWebRequest(preAuth.UrlPost, preAuth.Cookie);

            request.UserAgent = userAgent;

            string postData = "login="******"&loginfmt=" + Uri.EscapeDataString(email)
                              + "&passwd=" + Uri.EscapeDataString(password)
                              + "&PPFT=" + Uri.EscapeDataString(preAuth.PPFT);

            var response = request.Post("application/x-www-form-urlencoded", postData);

            if (Settings.DebugMessages)
            {
                ConsoleIO.WriteLine(response.ToString());
            }

            if (response.StatusCode >= 300 && response.StatusCode <= 399)
            {
                string url  = response.Headers.Get("Location");
                string hash = url.Split('#')[1];

                var request2  = new ProxiedWebRequest(url);
                var response2 = request2.Get();

                if (response2.StatusCode != 200)
                {
                    throw new Exception("Authentication failed");
                }

                if (string.IsNullOrEmpty(hash))
                {
                    if (confirm.IsMatch(response2.Body))
                    {
                        throw new Exception("Activity confirmation required");
                    }
                    else
                    {
                        throw new Exception("Invalid credentials or 2FA enabled");
                    }
                }
                var dict = Request.ParseQueryString(hash);

                //foreach (var pair in dict)
                //{
                //    Console.WriteLine("{0}: {1}", pair.Key, pair.Value);
                //}

                return(new UserLoginResponse()
                {
                    AccessToken = dict["access_token"],
                    RefreshToken = dict["refresh_token"],
                    ExpiresIn = int.Parse(dict["expires_in"])
                });
            }
            else
            {
                throw new Exception("Unexpected response. Check your credentials. Response code: " + response.StatusCode);
            }
        }
Example #6
0
        /// <summary>
        /// Perform login request
        /// </summary>
        /// <remarks>This step is to send the login request by using the PreAuth response</remarks>
        /// <param name="email">Microsoft account email</param>
        /// <param name="password">Account password</param>
        /// <param name="preAuth"></param>
        /// <returns></returns>
        public static Microsoft.LoginResponse UserLogin(string email, string password, PreAuthResponse preAuth)
        {
            var request = new ProxiedWebRequest(preAuth.UrlPost, preAuth.Cookie);

            request.UserAgent = userAgent;

            string postData = "login="******"&loginfmt=" + Uri.EscapeDataString(email)
                              + "&passwd=" + Uri.EscapeDataString(password)
                              + "&PPFT=" + Uri.EscapeDataString(preAuth.PPFT);

            var response = request.Post("application/x-www-form-urlencoded", postData);

            if (Settings.DebugMessages)
            {
                ConsoleIO.WriteLine(response.ToString());
            }

            if (response.StatusCode >= 300 && response.StatusCode <= 399)
            {
                string url  = response.Headers.Get("Location");
                string hash = url.Split('#')[1];

                var request2  = new ProxiedWebRequest(url);
                var response2 = request2.Get();

                if (response2.StatusCode != 200)
                {
                    throw new Exception("Authentication failed");
                }

                if (string.IsNullOrEmpty(hash))
                {
                    throw new Exception("Cannot extract access token");
                }
                var dict = Request.ParseQueryString(hash);

                //foreach (var pair in dict)
                //{
                //    Console.WriteLine("{0}: {1}", pair.Key, pair.Value);
                //}

                return(new Microsoft.LoginResponse()
                {
                    Email = email,
                    AccessToken = dict["access_token"],
                    RefreshToken = dict["refresh_token"],
                    ExpiresIn = int.Parse(dict["expires_in"])
                });
            }
            else
            {
                if (twoFA.IsMatch(response.Body))
                {
                    // TODO: Handle 2FA
                    throw new Exception("2FA enabled but not supported yet. Use browser sign-in method or try to disable 2FA in Microsoft account settings");
                }
                else if (invalidAccount.IsMatch(response.Body))
                {
                    throw new Exception("Invalid credentials. Check your credentials");
                }
                else
                {
                    throw new Exception("Unexpected response. Check your credentials. Response code: " + response.StatusCode);
                }
            }
        }