private async Task <AuthResponse <XuiDisplayClaims <Xui> > > DoUserAuth(string accessToken) { var key = EcDsa.ExportParameters(false); var authRequest = new AuthRequest { RelyingParty = "http://auth.xboxlive.com", TokenType = "JWT", Properties = new Dictionary <string, object>() { { "AuthMethod", "RPS" }, { "RpsTicket", "t=" + accessToken }, { "SiteName", "user.auth.xboxlive.com" }, { "ProofKey", new Dictionary <string, string>() { { "crv", "P-256" }, { "alg", "ES256" }, { "use", "sig" }, { "kty", "EC" }, { "x", UrlSafe(key.Q.X) }, { "y", UrlSafe(key.Q.Y) } } } } }; AuthResponse <XuiDisplayClaims <Xui> > authResponse; //using (var client = new HttpClient()) var client = GetClient(); { using (var r = new HttpRequestMessage(HttpMethod.Post, UserAuth)) { r.Headers.Add("x-xbl-contract-version", "1"); r.Content = SetHttpContent(authRequest, out var jsonData); Sign(r, jsonData); using (var response = await client .SendAsync(r, HttpCompletionOption.ResponseContentRead) .ConfigureAwait(false)) { response.EnsureSuccessStatusCode(); authResponse = JsonConvert.DeserializeObject <AuthResponse <XuiDisplayClaims <Xui> > >( await response.Content.ReadAsStringAsync()); Log.Debug($"User Auth Result: {JsonConvert.SerializeObject(authResponse)}"); } } } return(authResponse); }
private async Task <AuthResponse <XuiDisplayClaims <XstsXui> > > DoXsts(AuthResponse <DeviceDisplayClaims> deviceToken, AuthResponse <TitleDisplayClaims> titleToken, string userToken) { var key = EcDsa.ExportParameters(false); var authRequest = new AuthRequest { RelyingParty = "https://multiplayer.minecraft.net/", TokenType = "JWT", Properties = new Dictionary <string, object>() { { "UserTokens", new string[] { userToken } }, { "SandboxId", "RETAIL" }, { "ProofKey", new Dictionary <string, string>() { { "crv", "P-256" }, { "alg", "ES256" }, { "use", "sig" }, { "kty", "EC" }, { "x", UrlSafe(key.Q.X) }, { "y", UrlSafe(key.Q.Y) } } } } }; AuthResponse <XuiDisplayClaims <XstsXui> > titleAuthResponse; var client = GetClient(); //using (var client = new HttpClient()) { using (var r = new HttpRequestMessage(HttpMethod.Post, XblAuth)) { r.Headers.Add("x-xbl-contract-version", "1"); r.Content = SetHttpContent(authRequest, out var jsonData); Sign(r, jsonData); using (var response = await client .SendAsync(r, HttpCompletionOption.ResponseContentRead) .ConfigureAwait(false)) { response.EnsureSuccessStatusCode(); var rawResponse = await response.Content.ReadAsStringAsync(); titleAuthResponse = JsonConvert.DeserializeObject <AuthResponse <XuiDisplayClaims <XstsXui> > >( rawResponse); Log.Debug($"Xsts Auth: {rawResponse}"); } } } return(titleAuthResponse); }
private void Sign(HttpRequestMessage request, byte[] body) { var hash = SHA256.Create(); var time = TimeStamp(); byte[] p = new byte[8]; p[0] = (byte)(time >> 56); p[1] = (byte)(time >> 48); p[2] = (byte)(time >> 40); p[3] = (byte)(time >> 32); p[4] = (byte)(time >> 24); p[5] = (byte)(time >> 16); p[6] = (byte)(time >> 8); p[7] = (byte)time; //signer. byte[] signed; using (MemoryStream buffer = new MemoryStream()) { buffer.WriteByte(0); buffer.WriteByte(0); buffer.WriteByte(0); buffer.WriteByte(1); buffer.WriteByte(0); //Write time buffer.Write(p, 0, p.Length); buffer.WriteByte(0); //using (BinaryWriter writer = new BinaryWriter(buffer, Encoding.UTF8)) { buffer.Write(Encoding.UTF8.GetBytes("POST")); buffer.WriteByte((byte)0); buffer.Write(Encoding.UTF8.GetBytes(request.RequestUri.PathAndQuery)); buffer.WriteByte((byte)0); buffer.WriteByte((byte)0); buffer.Write(body); buffer.WriteByte((byte)0); } byte[] input = buffer.ToArray(); signed = EcDsa.SignHash(hash.ComputeHash(input)); } byte[] final; ; using (MemoryStream ms = new MemoryStream()) { ms.WriteByte(0); ms.WriteByte(0); ms.WriteByte(0); ms.WriteByte(1); //Write Time ms.Write(p, 0, p.Length); //Write signature ms.Write(signed, 0, signed.Length); final = ms.ToArray(); } request.Headers.Add("Signature", Convert.ToBase64String(final)); }
private void Sign(HttpRequestMessage request, byte[] body) { var hash = SHA256.Create(); //EcdsaUsingSha a = new EcdsaUsingSha(256); //ISigner signer = SignerUtilities.GetSigner("SHA-256withECDSA"); //signer.Init(true, EcDsa.Private); // byte[] buf = new byte[]{0,0,0,1,0}; var time = TimeStamp(); byte[] p = new byte[8]; p[0] = (byte)(time >> 56); p[1] = (byte)(time >> 48); p[2] = (byte)(time >> 40); p[3] = (byte)(time >> 32); p[4] = (byte)(time >> 24); p[5] = (byte)(time >> 16); p[6] = (byte)(time >> 8); p[7] = (byte)time; //signer. byte[] signed; using (MemoryStream buffer = new MemoryStream()) { buffer.WriteByte(0); buffer.WriteByte(0); buffer.WriteByte(0); buffer.WriteByte(1); buffer.WriteByte(0); //Write time buffer.Write(p, 0, p.Length); buffer.WriteByte(0); using (BinaryWriter writer = new BinaryWriter(buffer, Encoding.UTF8)) { writer.Write("POST"); writer.Write((byte)0); writer.Write(request.RequestUri.PathAndQuery); writer.Write((byte)0); //if (request.Headers.Authorization != null && request.Headers.Authorization.Parameter != null) //{ //writer.Write((byte)0); //} //else //{ // writer.Write(""); //} writer.Write((byte)0); writer.Write(body); writer.Write((byte)0); } byte[] input = buffer.ToArray(); //input = hash.ComputeHash(input); //signer.BlockUpdate(input, 0, input.Length); //signed = signer.GenerateSignature(); signed = EcDsa.SignHash(hash.ComputeHash(input)); } byte[] final; ; using (MemoryStream ms = new MemoryStream()) { ms.WriteByte(0); ms.WriteByte(0); ms.WriteByte(0); ms.WriteByte(1); //Write Time ms.Write(p, 0, p.Length); //Write signature ms.Write(signed, 0, signed.Length); final = ms.ToArray(); } request.Headers.Add("Signature", Convert.ToBase64String(final)); }
private async Task <AuthResponse <DeviceDisplayClaims> > DoDeviceAuth(string token) { var id = Guid.NewGuid().ToString(); var serial = Guid.NewGuid().ToString(); var key = EcDsa.ExportParameters(false); var authRequest = new AuthRequest { RelyingParty = "http://auth.xboxlive.com", TokenType = "JWT", Properties = new Dictionary <string, object>() { // {"RpsTicket", token}, // {"SiteName", "user.auth.xboxlive.com"}, { "DeviceType", "Nintendo" }, { "Id", id }, { "SerialNumber", serial }, { "Version", "0.0.0.0" }, { "AuthMethod", "ProofOfPossession" }, { "ProofKey", new Dictionary <string, string>() { { "crv", "P-256" }, { "alg", "ES256" }, { "use", "sig" }, { "kty", "EC" }, { "x", UrlSafe(key.Q.X) }, { "y", UrlSafe(key.Q.Y) } } } } }; AuthResponse <DeviceDisplayClaims> deviceAuthResponse; //using (var client = new HttpClient()) var client = GetClient(); using (var r = new HttpRequestMessage(HttpMethod.Post, DeviceAuth)) { r.Headers.Add("x-xbl-contract-version", "1"); //var json = JsonConvert.SerializeObject(authRequest); //Console.WriteLine($"Device Request: " + json); r.Content = SetHttpContent(authRequest, out var jsonData); Sign(r, jsonData); Console.WriteLine(); Console.WriteLine($"Request data: {r.Content.ReadAsStringAsync().Result}"); using (var response = await client .SendAsync(r, HttpCompletionOption.ResponseContentRead) .ConfigureAwait(false)) { var resp = await response.Content.ReadAsStringAsync(); Console.WriteLine($"DEV AUTH: {resp}"); response.EnsureSuccessStatusCode(); deviceAuthResponse = JsonConvert.DeserializeObject <AuthResponse <DeviceDisplayClaims> >( resp); Console.WriteLine($"Device Auth: {JsonConvert.SerializeObject(deviceAuthResponse)}"); Console.WriteLine(); } } return(deviceAuthResponse); }
private void Sign(HttpRequestMessage request, byte[] body) { var hash = SHA256.Create(); var time = TimeStamp(); byte[] p = new byte[8]; p[0] = (byte)(time >> 56); p[1] = (byte)(time >> 48); p[2] = (byte)(time >> 40); p[3] = (byte)(time >> 32); p[4] = (byte)(time >> 24); p[5] = (byte)(time >> 16); p[6] = (byte)(time >> 8); p[7] = (byte)time; //signer. byte[] signed; using (MemoryStream buffer = new MemoryStream()) { buffer.WriteByte(0); buffer.WriteByte(0); buffer.WriteByte(0); buffer.WriteByte(1); buffer.WriteByte(0); //Write time buffer.Write(p, 0, p.Length); buffer.WriteByte(0); //using (BinaryWriter writer = new BinaryWriter(buffer, Encoding.UTF8)) { buffer.Write(Encoding.UTF8.GetBytes("POST")); buffer.WriteByte((byte)0); buffer.Write(Encoding.UTF8.GetBytes(request.RequestUri.PathAndQuery)); buffer.WriteByte((byte)0); buffer.WriteByte((byte)0); buffer.Write(body); buffer.WriteByte((byte)0); } byte[] input = buffer.ToArray(); signed = EcDsa.SignHash(hash.ComputeHash(input)); //var signer = SignerUtilities.GetSigner(NistObjectIdentifiers.IdEcdsaWithSha3_256); //signer.Init(true, (ECPrivateKeyParameters)BouncyKeyPair.Private); //signer.BlockUpdate(input, 0, input.Length); //var hashed = hash.ComputeHash(input); //signer.BlockUpdate(hashed, 0, hashed.Length); //signed = signer.GenerateSignature(); } byte[] final; ; using (MemoryStream ms = new MemoryStream()) { ms.WriteByte(0); ms.WriteByte(0); ms.WriteByte(0); ms.WriteByte(1); //Write Time ms.Write(p, 0, p.Length); //Write signature ms.Write(signed, 0, signed.Length); final = ms.ToArray(); } request.Headers.Add("Signature", Convert.ToBase64String(final)); }