private async Task <AuthResponse <XuiDisplayClaims <Xui> > > DoUserAuth(string accessToken)
{
var key = EcDsa.ExportParameters(false);
var authRequest = new AuthRequest
{
RelyingParty = "http://auth.xboxlive.com",
TokenType = "JWT",
Properties = new Dictionary <string, object>()
{
{ "AuthMethod", "RPS" },
{ "RpsTicket", "t=" + accessToken },
{ "SiteName", "user.auth.xboxlive.com" },
{ "ProofKey", new Dictionary <string, string>()
{
{ "crv", "P-256" },
{ "alg", "ES256" },
{ "use", "sig" },
{ "kty", "EC" },
{ "x", UrlSafe(key.Q.X) },
{ "y", UrlSafe(key.Q.Y) }
} }
}
};
AuthResponse <XuiDisplayClaims <Xui> > authResponse;
//using (var client = new HttpClient())
var client = GetClient();
{
using (var r = new HttpRequestMessage(HttpMethod.Post,
UserAuth))
{
r.Headers.Add("x-xbl-contract-version", "1");
r.Content = SetHttpContent(authRequest, out var jsonData);
Sign(r, jsonData);
using (var response = await client
.SendAsync(r, HttpCompletionOption.ResponseContentRead)
.ConfigureAwait(false))
{
response.EnsureSuccessStatusCode();
authResponse =
JsonConvert.DeserializeObject <AuthResponse <XuiDisplayClaims <Xui> > >(
await response.Content.ReadAsStringAsync());
Log.Debug($"User Auth Result: {JsonConvert.SerializeObject(authResponse)}");
}
}
}
return(authResponse);
}
private async Task <AuthResponse <XuiDisplayClaims <XstsXui> > > DoXsts(AuthResponse <DeviceDisplayClaims> deviceToken, AuthResponse <TitleDisplayClaims> titleToken, string userToken)
{
var key = EcDsa.ExportParameters(false);
var authRequest = new AuthRequest
{
RelyingParty = "https://multiplayer.minecraft.net/",
TokenType = "JWT",
Properties = new Dictionary <string, object>()
{
{ "UserTokens", new string[] { userToken } },
{ "SandboxId", "RETAIL" },
{ "ProofKey", new Dictionary <string, string>()
{
{ "crv", "P-256" },
{ "alg", "ES256" },
{ "use", "sig" },
{ "kty", "EC" },
{ "x", UrlSafe(key.Q.X) },
{ "y", UrlSafe(key.Q.Y) }
} }
}
};
AuthResponse <XuiDisplayClaims <XstsXui> > titleAuthResponse;
var client = GetClient();
//using (var client = new HttpClient())
{
using (var r = new HttpRequestMessage(HttpMethod.Post,
XblAuth))
{
r.Headers.Add("x-xbl-contract-version", "1");
r.Content = SetHttpContent(authRequest, out var jsonData);
Sign(r, jsonData);
using (var response = await client
.SendAsync(r, HttpCompletionOption.ResponseContentRead)
.ConfigureAwait(false))
{
response.EnsureSuccessStatusCode();
var rawResponse = await response.Content.ReadAsStringAsync();
titleAuthResponse =
JsonConvert.DeserializeObject <AuthResponse <XuiDisplayClaims <XstsXui> > >(
rawResponse);
Log.Debug($"Xsts Auth: {rawResponse}");
}
}
}
return(titleAuthResponse);
}
private void Sign(HttpRequestMessage request, byte[] body)
{
var hash = SHA256.Create();
var time = TimeStamp();
byte[] p = new byte[8];
p[0] = (byte)(time >> 56);
p[1] = (byte)(time >> 48);
p[2] = (byte)(time >> 40);
p[3] = (byte)(time >> 32);
p[4] = (byte)(time >> 24);
p[5] = (byte)(time >> 16);
p[6] = (byte)(time >> 8);
p[7] = (byte)time;
//signer.
byte[] signed;
using (MemoryStream buffer = new MemoryStream())
{
buffer.WriteByte(0);
buffer.WriteByte(0);
buffer.WriteByte(0);
buffer.WriteByte(1);
buffer.WriteByte(0);
//Write time
buffer.Write(p, 0, p.Length);
buffer.WriteByte(0);
//using (BinaryWriter writer = new BinaryWriter(buffer, Encoding.UTF8))
{
buffer.Write(Encoding.UTF8.GetBytes("POST"));
buffer.WriteByte((byte)0);
buffer.Write(Encoding.UTF8.GetBytes(request.RequestUri.PathAndQuery));
buffer.WriteByte((byte)0);
buffer.WriteByte((byte)0);
buffer.Write(body);
buffer.WriteByte((byte)0);
}
byte[] input = buffer.ToArray();
signed = EcDsa.SignHash(hash.ComputeHash(input));
}
byte[] final;
;
using (MemoryStream ms = new MemoryStream())
{
ms.WriteByte(0);
ms.WriteByte(0);
ms.WriteByte(0);
ms.WriteByte(1);
//Write Time
ms.Write(p, 0, p.Length);
//Write signature
ms.Write(signed, 0, signed.Length);
final = ms.ToArray();
}
request.Headers.Add("Signature", Convert.ToBase64String(final));
}
private void Sign(HttpRequestMessage request, byte[] body)
{
var hash = SHA256.Create();
//EcdsaUsingSha a = new EcdsaUsingSha(256);
//ISigner signer = SignerUtilities.GetSigner("SHA-256withECDSA");
//signer.Init(true, EcDsa.Private);
// byte[] buf = new byte[]{0,0,0,1,0};
var time = TimeStamp();
byte[] p = new byte[8];
p[0] = (byte)(time >> 56);
p[1] = (byte)(time >> 48);
p[2] = (byte)(time >> 40);
p[3] = (byte)(time >> 32);
p[4] = (byte)(time >> 24);
p[5] = (byte)(time >> 16);
p[6] = (byte)(time >> 8);
p[7] = (byte)time;
//signer.
byte[] signed;
using (MemoryStream buffer = new MemoryStream())
{
buffer.WriteByte(0);
buffer.WriteByte(0);
buffer.WriteByte(0);
buffer.WriteByte(1);
buffer.WriteByte(0);
//Write time
buffer.Write(p, 0, p.Length);
buffer.WriteByte(0);
using (BinaryWriter writer = new BinaryWriter(buffer, Encoding.UTF8))
{
writer.Write("POST");
writer.Write((byte)0);
writer.Write(request.RequestUri.PathAndQuery);
writer.Write((byte)0);
//if (request.Headers.Authorization != null && request.Headers.Authorization.Parameter != null)
//{
//writer.Write((byte)0);
//}
//else
//{
// writer.Write("");
//}
writer.Write((byte)0);
writer.Write(body);
writer.Write((byte)0);
}
byte[] input = buffer.ToArray();
//input = hash.ComputeHash(input);
//signer.BlockUpdate(input, 0, input.Length);
//signed = signer.GenerateSignature();
signed = EcDsa.SignHash(hash.ComputeHash(input));
}
byte[] final;
;
using (MemoryStream ms = new MemoryStream())
{
ms.WriteByte(0);
ms.WriteByte(0);
ms.WriteByte(0);
ms.WriteByte(1);
//Write Time
ms.Write(p, 0, p.Length);
//Write signature
ms.Write(signed, 0, signed.Length);
final = ms.ToArray();
}
request.Headers.Add("Signature", Convert.ToBase64String(final));
}
private async Task <AuthResponse <DeviceDisplayClaims> > DoDeviceAuth(string token)
{
var id = Guid.NewGuid().ToString();
var serial = Guid.NewGuid().ToString();
var key = EcDsa.ExportParameters(false);
var authRequest = new AuthRequest
{
RelyingParty = "http://auth.xboxlive.com",
TokenType = "JWT",
Properties = new Dictionary <string, object>()
{
// {"RpsTicket", token},
// {"SiteName", "user.auth.xboxlive.com"},
{ "DeviceType", "Nintendo" },
{ "Id", id },
{ "SerialNumber", serial },
{ "Version", "0.0.0.0" },
{ "AuthMethod", "ProofOfPossession" },
{
"ProofKey", new Dictionary <string, string>()
{
{ "crv", "P-256" },
{ "alg", "ES256" },
{ "use", "sig" },
{ "kty", "EC" },
{ "x", UrlSafe(key.Q.X) },
{ "y", UrlSafe(key.Q.Y) }
}
}
}
};
AuthResponse <DeviceDisplayClaims> deviceAuthResponse;
//using (var client = new HttpClient())
var client = GetClient();
using (var r = new HttpRequestMessage(HttpMethod.Post,
DeviceAuth))
{
r.Headers.Add("x-xbl-contract-version", "1");
//var json = JsonConvert.SerializeObject(authRequest);
//Console.WriteLine($"Device Request: " + json);
r.Content = SetHttpContent(authRequest, out var jsonData);
Sign(r, jsonData);
Console.WriteLine();
Console.WriteLine($"Request data: {r.Content.ReadAsStringAsync().Result}");
using (var response = await client
.SendAsync(r, HttpCompletionOption.ResponseContentRead)
.ConfigureAwait(false))
{
var resp = await response.Content.ReadAsStringAsync();
Console.WriteLine($"DEV AUTH: {resp}");
response.EnsureSuccessStatusCode();
deviceAuthResponse =
JsonConvert.DeserializeObject <AuthResponse <DeviceDisplayClaims> >(
resp);
Console.WriteLine($"Device Auth: {JsonConvert.SerializeObject(deviceAuthResponse)}");
Console.WriteLine();
}
}
return(deviceAuthResponse);
}
private void Sign(HttpRequestMessage request, byte[] body)
{
var hash = SHA256.Create();
var time = TimeStamp();
byte[] p = new byte[8];
p[0] = (byte)(time >> 56);
p[1] = (byte)(time >> 48);
p[2] = (byte)(time >> 40);
p[3] = (byte)(time >> 32);
p[4] = (byte)(time >> 24);
p[5] = (byte)(time >> 16);
p[6] = (byte)(time >> 8);
p[7] = (byte)time;
//signer.
byte[] signed;
using (MemoryStream buffer = new MemoryStream())
{
buffer.WriteByte(0);
buffer.WriteByte(0);
buffer.WriteByte(0);
buffer.WriteByte(1);
buffer.WriteByte(0);
//Write time
buffer.Write(p, 0, p.Length);
buffer.WriteByte(0);
//using (BinaryWriter writer = new BinaryWriter(buffer, Encoding.UTF8))
{
buffer.Write(Encoding.UTF8.GetBytes("POST"));
buffer.WriteByte((byte)0);
buffer.Write(Encoding.UTF8.GetBytes(request.RequestUri.PathAndQuery));
buffer.WriteByte((byte)0);
buffer.WriteByte((byte)0);
buffer.Write(body);
buffer.WriteByte((byte)0);
}
byte[] input = buffer.ToArray();
signed = EcDsa.SignHash(hash.ComputeHash(input));
//var signer = SignerUtilities.GetSigner(NistObjectIdentifiers.IdEcdsaWithSha3_256);
//signer.Init(true, (ECPrivateKeyParameters)BouncyKeyPair.Private);
//signer.BlockUpdate(input, 0, input.Length);
//var hashed = hash.ComputeHash(input);
//signer.BlockUpdate(hashed, 0, hashed.Length);
//signed = signer.GenerateSignature();
}
byte[] final;
;
using (MemoryStream ms = new MemoryStream())
{
ms.WriteByte(0);
ms.WriteByte(0);
ms.WriteByte(0);
ms.WriteByte(1);
//Write Time
ms.Write(p, 0, p.Length);
//Write signature
ms.Write(signed, 0, signed.Length);
final = ms.ToArray();
}
request.Headers.Add("Signature", Convert.ToBase64String(final));
}
