wip microsoft account login

This commit is contained in:
creeper123123321 2021-01-05 16:06:33 -03:00
parent 5a3ff3b073
commit 8a61235db7
4 changed files with 369 additions and 372 deletions

View File

@ -72,126 +72,6 @@ class ViaWebApp {
}
}
// todo xbox auth
/*
val redirectUrl = "https://localhost:25543/xbox-auth/ms-callback"
val siteKey = "9e95fd56-0f45-42f9-af28-9b803645da22"
val secretKey = "redacted"
val azureClientId = "a370fff9-7648-4dbf-b96e-2b4f8d539ac2"
val azureClientSecret = "redacted"
get("/xbox-auth/") {
call.respondText(contentType = ContentType.parse("text/html")) {
"""<script src="https://hcaptcha.com/1/api.js"></script>
<form action="/xbox-auth/ms-login" method="POST" id="form">
<div class="h-captcha" data-sitekey="$siteKey" data-callback="hc"></div>
</form>
<script>function hc() { document.getElementById("form").submit(); }
window.onload = () => hcaptcha.execute();</script>
"""
}
}
val validTokens = Collections.newSetFromMap<UUID>(ConcurrentHashMap())
post("/xbox-auth/ms-login") {
val multipart = call.receiveParameters()
val hcaptchaResponse = httpClient.submitForm<JsonObject>(
"https://hcaptcha.com/siteverify",
parametersOf(
"response" to listOf(multipart["h-captcha-response"]!!),
"secret" to listOf(secretKey),
"siteKey" to listOf(siteKey)
)
)
if (!hcaptchaResponse.get("success").asBoolean) {
call.respondText(status = HttpStatusCode.Forbidden) { "hcaptcha failed" }
return@post
}
call.respondRedirect(permanent = false) {
takeFrom(
"https://login.live.com/oauth20_authorize.srf" +
"?client_id=$azureClientId" +
"&response_type=code" +
"&redirect_uri=${URLEncoder.encode(redirectUrl, Charsets.UTF_8)}" +
"&scope=XboxLive.signin" +
"&state=${UUID.randomUUID().also { validTokens.add(it) }}"
)
}
}
get("/xbox-auth/ms-callback") {
val authCode = call.request.queryParameters.getOrFail("code")
val state = call.request.queryParameters.getOrFail("state")
if (!validTokens.remove(UUID.fromString(state))) {
call.respondText(status = HttpStatusCode.Forbidden) { "failed state token" }
return@get
}
val authToken = httpClient.submitForm<JsonObject>(
"https://login.live.com/oauth20_token.srf",
parametersOf(
"client_id" to listOf(azureClientId),
"client_secret" to listOf(azureClientSecret),
"code" to listOf(authCode),
"grant_type" to listOf("authorization_code"),
"redirect_uri" to listOf(redirectUrl)
)
)
val xboxLiveAuthResult = httpClient.post<JsonObject> {
url("https://user.auth.xboxlive.com/user/authenticate")
body = JsonObject().also {
it.add("Properties", JsonObject().also {
it.addProperty("AuthMethod", "RPS")
it.addProperty("SiteName", "user.auth.xboxlive.com")
it.addProperty("RpsTicket", authToken.get("access_token").asString)
})
it.addProperty("TokenType", "JWT")
it.addProperty("RelyingParty", "http://auth.xboxlive.com")
}
header("content-type", "application/json")
header("accept", "application/json")
}
val xstsAuth = httpClient.post<JsonObject> {
url("https://xsts.auth.xboxlive.com/xsts/authorize")
body = JsonObject().also {
it.add("Properties", JsonObject().also {
it.addProperty("SandboxId", "RETAIL")
it.add(
"UserTokens",
JsonArray().also { it.add(xboxLiveAuthResult.get("Token").asString) })
})
it.addProperty("TokenType", "JWT")
it.addProperty("RelyingParty", "rp://api.minecraftservices.com/")
}
header("content-type", "application/json")
header("accept", "application/json")
}
val mcToken = httpClient.post<JsonObject> {
url("https://api.minecraftservices.com/authentication/login_with_xbox")
body = JsonObject().also {
it.addProperty(
"identityToken",
"XBL3.0 x=${
xstsAuth.getAsJsonObject("DisplayClaims").getAsJsonArray("xui")
.first { it.asJsonObject.has("uhs") }.asJsonObject.get("uhs").asString
};${xstsAuth.get("Token").asString}"
)
}
header("content-type", "application/json")
header("accept", "application/json")
}
call.respondText { mcToken.get("access_token").asString }
} */
static {
defaultResource("index.html", "web")
resources("web")
@ -364,4 +244,4 @@ class WebLogin : WebState {
override suspend fun onException(webClient: WebClient, exception: java.lang.Exception) {
}
}
}

View File

@ -11,14 +11,15 @@
<meta property="og:image" content="https://raw.githubusercontent.com/ViaVersion/ViaVersion/a13c417352298c2269aed8736a76205f0040b705/fabric/src/main/resources/assets/viaversion/textures/squarelogo.png">
<meta property="og:type" content="game">
<link rel="icon" href="https://raw.githubusercontent.com/ViaVersion/ViaVersion/a13c417352298c2269aed8736a76205f0040b705/fabric/src/main/resources/assets/viaversion/textures/squarelogo.png">
<meta http-equiv="Content-Security-Policy" content="default-src 'self' https://cdnjs.cloudflare.com/; img-src https://*; connect-src 'self' http://localhost:*/ https: ws: wss:">
<meta http-equiv="Content-Security-Policy" content="default-src 'self' https://cdnjs.cloudflare.com/ https://alcdn.msauth.net/; img-src https://*; connect-src 'self' http://localhost:*/ https: ws: wss:">
<meta name="referrer" content="no-referrer">
<!-- only accept http from localhost -->
<title>VIAaaS Authenticator</title>
<link rel="stylesheet" href="style.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/uuid/8.3.1/uuid.min.js"></script>
<script src="auth.js"></script>
<script type="text/javascript" src="https://alcdn.msauth.net/browser/2.0.0-beta.4/js/msal-browser.js" integrity="sha384-7sxY2tN3GMVE5jXH2RL9AdbO6s46vUh9lUid4yNCHJMUzDoj+0N4ve6rLOmR88yN" crossorigin="anonymous"></script>
<script src="auth_ms.js"></script>
</head>
<body>
<div id="browser_accounts">
@ -29,6 +30,8 @@
<input type="url" id="cors-proxy" name="cors-proxy" value="">
</p></div>
<div id="add-account"><form><p>
<input id="login_submit_ms" type="button" value="Login with Microsoft">
<br>
<label for="email">Email/Username:</label>
<br>
<input type="text" id="email" name="email" value="">
@ -50,5 +53,6 @@
<hr>
<p><span id="content"></span></p>
</div>
<script src="auth.js"></script>
</body>
</html>

View File

@ -1,279 +1,308 @@
$(() => {
let urlParams = new URLSearchParams();
window.location.hash.substr(1).split("?").map(it => new URLSearchParams(it).forEach((a, b) => urlParams.append(b, a)));
var username = urlParams.get("username");
var mcauth_code = urlParams.get("mcauth_code");
if (urlParams.get("mcauth_success") == "false") {
alert("Couldn't authenticate with Minecraft.ID: " + urlParams.get("mcauth_msg"));
}
let urlParams = new URLSearchParams();
window.location.hash.substr(1).split("?").map(it => new URLSearchParams(it).forEach((a, b) => urlParams.append(b, a)));
var username = urlParams.get("username");
var mcauth_code = urlParams.get("mcauth_code");
if (urlParams.get("mcauth_success") == "false") {
alert("Couldn't authenticate with Minecraft.ID: " + urlParams.get("mcauth_msg"));
}
var wsUrl = window.location.host == "viaversion.github.io" ? prompt("VIAaaS instance WS URL") : "wss://" + window.location.host + "/ws";
var wsUrl = window.location.host == "viaversion.github.io" ? prompt("VIAaaS instance WS URL") : "wss://" + window.location.host + "/ws";
var socket = null;
var connectionStatus = document.getElementById("connection_status");
var content = document.getElementById("content");
var acounts = document.getElementById("accounts");
var socket = null;
var connectionStatus = document.getElementById("connection_status");
var content = document.getElementById("content");
var acounts = document.getElementById("accounts");
$("#cors-proxy").on("change", () => localStorage.setItem('cors-proxy', $("#cors-proxy").val()));
$("#cors-proxy").val(localStorage.getItem("cors-proxy"));
$("#login_submit_mc").on("click", loginMc);
function getCorsProxy() {
return localStorage.getItem("cors-proxy") || "http://localhost:8080/";
}
function loginMc() {
var clientToken = uuid.v4();
function loginMc() {
var clientToken = uuid.v4();
$.ajax({type: "post",
url: getCorsProxy() + "https://authserver.mojang.com/authenticate",
data: JSON.stringify({
agent: {name: "Minecraft", version: 1},
username: $("#email").val(),
password: $("#password").val(),
clientToken: clientToken,
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id);
}).fail(() => alert("Failed to login"));
$("#email").val("");
$("#password").val("");
}
function storeMcAccount(accessToken, clientToken, name, id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
let account = {accessToken: accessToken, clientToken: clientToken, name: name, id: id};
accounts.push(account);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
return account;
}
function removeMcAccount(id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
accounts = accounts.filter(it => it.id != id);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
}
function getMcAccounts() {
return JSON.parse(localStorage.getItem("mc_accounts")) || [];
}
function logout(id) {
getMcAccounts().filter(it => it.id == id).forEach(it => {
$.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/authenticate",
data: JSON.stringify({
agent: {name: "Minecraft", version: 1},
username: $("#email").val(),
password: $("#password").val(),
clientToken: clientToken,
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id);
}).fail(() => alert("Failed to login"));
$("#email").val("");
$("#password").val("");
}
function storeMcAccount(accessToken, clientToken, name, id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
let account = {accessToken: accessToken, clientToken: clientToken, name: name, id: id};
accounts.push(account);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
return account;
}
function removeMcAccount(id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
accounts = accounts.filter(it => it.id != id);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
}
function getMcAccounts() {
return JSON.parse(localStorage.getItem("mc_accounts")) || [];
}
function logout(id) {
getMcAccounts().filter(it => it.id == id).forEach(it => {
$.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/invalidate",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
removeMcAccount(id);
}).fail(() => {
if (confirm("failed to invalidate token! remove account?")) {
removeMcAccount(id);
}
});
});
}
function addMcAccountToList(id, name) {
let p = document.createElement("p");
let head = document.createElement("img");
let n = document.createElement("span");
let remove = document.createElement("a");
n.innerText = " " + name + " ";
remove.innerText = "Remove";
remove.href = "#";
remove.onclick = () => {
logout(id);
};
head.className = "account_head";
head.alt = name + "'s head";
head.src = "https://crafthead.net/helm/" + id;
p.append(head);
p.append(n);
p.append(remove);
accounts.appendChild(p);
}
function refreshAccountList() {
accounts.innerHTML = "";
getMcAccounts().forEach(it => addMcAccountToList(it.id, it.name));
}
function refreshAccountIfNeeded(it, doneCallback, failCallback) {
$.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/validate",
url: getCorsProxy() + "https://authserver.mojang.com/invalidate",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
})
.done(() => doneCallback(it))
.fail(() => {
// Needs refresh
console.log("refreshing " + it.id);
$.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/refresh",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
console.log("refreshed " + data.selectedProfile.id);
removeMcAccount(data.selectedProfile.id);
doneCallback(storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id));
}).fail(() => {
if (confirm("failed to refresh token! remove account?")) {
removeMcAccount(it.id);
}
failCallback();
});
}).done((data) => {
removeMcAccount(id);
}).fail(() => {
if (confirm("failed to invalidate token! remove account?")) {
removeMcAccount(id);
}
});
}
});
}
refreshAccountList();
function addMcAccountToList(id, name) {
let p = document.createElement("p");
let head = document.createElement("img");
let n = document.createElement("span");
let remove = document.createElement("a");
n.innerText = " " + name + " ";
remove.innerText = "Remove";
remove.href = "#";
remove.onclick = () => {
logout(id);
};
head.className = "account_head";
head.alt = name + "'s head";
head.src = "https://crafthead.net/helm/" + id;
p.append(head);
p.append(n);
p.append(remove);
accounts.appendChild(p);
}
function listen(token) {
socket.send(JSON.stringify({"action": "listen_login_requests", "token": token}));
}
function addMsAccountToList(id, name, msUser) {
let p = document.createElement("p");
let head = document.createElement("img");
let n = document.createElement("span");
let remove = document.createElement("a");
n.innerText = " " + name + "(MS: " + msUser + ") ";
remove.innerText = "Logout";
remove.href = "#";
remove.onclick = () => {
signOut(msUser);
};
head.className = "account_head";
head.alt = name + "'s head";
head.src = "https://crafthead.net/helm/" + id;
p.append(head);
p.append(n);
p.append(remove);
accounts.appendChild(p);
}
function confirmJoin(hash) {
socket.send(JSON.stringify({action: "session_hash_response", session_hash: hash}));
}
function refreshAccountList() {
accounts.innerHTML = "";
getMcAccounts().forEach(it => addMcAccountToList(it.id, it.name));
(myMSALObj.getAllAccounts() || []).forEach(it => addMsAccountToList("TODO", "TODO", it.username))
}
function saveToken(token) {
let hTokens = JSON.parse(localStorage.getItem("tokens")) || {};
let tokens = hTokens[wsUrl] || [];
tokens.push(token);
hTokens[wsUrl] = tokens;
localStorage.setItem("tokens", JSON.stringify(hTokens));
}
function refreshAccountIfNeeded(it, doneCallback, failCallback) {
$.ajax({type: "post",
url: getCorsProxy() + "https://authserver.mojang.com/validate",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
})
.done(() => doneCallback(it))
.fail(() => {
// Needs refresh
console.log("refreshing " + it.id);
$.ajax({type: "post",
url: getCorsProxy() + "https://authserver.mojang.com/refresh",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
console.log("refreshed " + data.selectedProfile.id);
removeMcAccount(data.selectedProfile.id);
doneCallback(storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id));
}).fail(() => {
if (confirm("failed to refresh token! remove account?")) {
removeMcAccount(it.id);
}
failCallback();
});
});
}
function removeToken(token) {
let hTokens = JSON.parse(localStorage.getItem("tokens")) || {};
let tokens = hTokens[wsUrl] || [];
tokens = tokens.filter(it => it != token);
hTokens[wsUrl] = tokens;
localStorage.setItem("tokens", JSON.stringify(hTokens));
}
function listen(token) {
socket.send(JSON.stringify({"action": "listen_login_requests", "token": token}));
}
function getTokens() {
return (JSON.parse(localStorage.getItem("tokens")) || {})[wsUrl] || [];
}
function showListenAccount() {
if (username != null && mcauth_code != null) {
let p = document.createElement("p");
let add = document.createElement("a");
p.appendChild(add);
add.innerText = "Listen to " + username;
add.href = "#";
add.onclick = () => {
socket.send(JSON.stringify({
"action": "minecraft_id_login",
"username": username,
"code": mcauth_code}));
};
content.appendChild(p);
}
function confirmJoin(hash) {
socket.send(JSON.stringify({action: "session_hash_response", session_hash: hash}));
}
function saveToken(token) {
let hTokens = JSON.parse(localStorage.getItem("tokens")) || {};
let tokens = hTokens[wsUrl] || [];
tokens.push(token);
hTokens[wsUrl] = tokens;
localStorage.setItem("tokens", JSON.stringify(hTokens));
}
function removeToken(token) {
let hTokens = JSON.parse(localStorage.getItem("tokens")) || {};
let tokens = hTokens[wsUrl] || [];
tokens = tokens.filter(it => it != token);
hTokens[wsUrl] = tokens;
localStorage.setItem("tokens", JSON.stringify(hTokens));
}
function getTokens() {
return (JSON.parse(localStorage.getItem("tokens")) || {})[wsUrl] || [];
}
function showListenAccount() {
if (username != null && mcauth_code != null) {
let p = document.createElement("p");
let link = document.createElement("a");
p.appendChild(link);
link.innerText = "Listen to username in VIAaaS instance";
link.href = "#";
link.onclick = () => {
let user = prompt("Username (Minecraft.ID is case-sensitive): ", "");
let callbackUrl = new URL(location.origin + location.pathname + "#username=" + encodeURIComponent(user));
location = "https://api.minecraft.id/gateway/start/" + encodeURIComponent(user) + "?callback=" + encodeURIComponent(callbackUrl);
let add = document.createElement("a");
p.appendChild(add);
add.innerText = "Listen to " + username;
add.href = "#";
add.onclick = () => {
socket.send(JSON.stringify({
"action": "minecraft_id_login",
"username": username,
"code": mcauth_code}));
};
content.appendChild(p);
}
let p = document.createElement("p");
let link = document.createElement("a");
p.appendChild(link);
link.innerText = "Listen to username in VIAaaS instance";
link.href = "#";
link.onclick = () => {
let user = prompt("Username (Minecraft.ID is case-sensitive): ", "");
let callbackUrl = new URL(location.origin + location.pathname + "#username=" + encodeURIComponent(user));
location = "https://api.minecraft.id/gateway/start/" + encodeURIComponent(user) + "?callback=" + encodeURIComponent(callbackUrl);
};
content.appendChild(p);
}
function connect() {
connectionStatus.innerText = "connecting...";
socket = new WebSocket(wsUrl);
socket.onerror = e => {
console.log(e);
connectionStatus.innerText = "socket error";
content.innerHTML = "";
};
socket.onopen = () => {
connectionStatus.innerText = "connected";
content.innerHTML = "";
getTokens().forEach(listen);
};
socket.onclose = evt => {
connectionStatus.innerText = "disconnected with close code " + evt.code + " and reason: " + evt.reason;
content.innerHTML = "";
setTimeout(connect, 5000);
};
socket.onmessage = event => {
console.log(event.data.toString());
let parsed = JSON.parse(event.data);
if (parsed.action == "ad_minecraft_id_login") {
showListenAccount();
} else if (parsed.action == "minecraft_id_result") {
if (!parsed.success) {
alert("VIAaaS instance couldn't verify account via Minecraft.ID");
} else {
listen(parsed.token);
saveToken(parsed.token);
}
} else if (parsed.action == "listen_login_requests_result") {
if (parsed.success) {
let msg = document.createElement("p");
msg.innerText = "Listening to login: " + parsed.user;
content.appendChild(msg);
} else {
removeToken(parsed.token);
}
} else if (parsed.action == "session_hash_request") {
if (confirm("Allow auth impersonation from VIAaaS instance? info: " + JSON.stringify(parsed))) {
let account = getMcAccounts().reverse().find(it => it.name.toLowerCase() == parsed.user.toLowerCase());
if (account) {
refreshAccountIfNeeded(account, (data) => {
$.ajax({
type: "post",
url: localStorage.getItem("cors-proxy") + "https://sessionserver.mojang.com/session/minecraft/join",
data: JSON.stringify({
accessToken: data.accessToken,
selectedProfile: data.id,
serverId: parsed.session_hash
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
confirmJoin(parsed.session_hash);
}).fail((e) => {
console.log(e);
confirmJoin(parsed.session_hash);
alert("Failed to contact session server!");
});
}, () => {
confirmJoin(parsed.session_hash);
alert("Couldn't refresh " + parsed.user + " account in browser.");
});
} else {
alert("Couldn't find " + parsed.user + " account in browser.");
function onSocketMsg(event) {
console.log(event.data.toString());
let parsed = JSON.parse(event.data);
if (parsed.action == "ad_minecraft_id_login") {
showListenAccount();
} else if (parsed.action == "minecraft_id_result") {
if (!parsed.success) {
alert("VIAaaS instance couldn't verify account via Minecraft.ID");
} else {
listen(parsed.token);
saveToken(parsed.token);
}
} else if (parsed.action == "listen_login_requests_result") {
if (parsed.success) {
let msg = document.createElement("p");
msg.innerText = "Listening to login: " + parsed.user;
content.appendChild(msg);
} else {
removeToken(parsed.token);
}
} else if (parsed.action == "session_hash_request") {
if (confirm("Allow auth impersonation from VIAaaS instance? info: " + JSON.stringify(parsed))) {
let account = getMcAccounts().reverse().find(it => it.name.toLowerCase() == parsed.user.toLowerCase());
if (account) {
refreshAccountIfNeeded(account, (data) => {
$.ajax({
type: "post",
url: getCorsProxy() + "https://sessionserver.mojang.com/session/minecraft/join",
data: JSON.stringify({
accessToken: data.accessToken,
selectedProfile: data.id,
serverId: parsed.session_hash
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
confirmJoin(parsed.session_hash);
}
} else if (confirm("Continue without authentication (works on LAN worlds)?")) {
}).fail((e) => {
console.log(e);
confirmJoin(parsed.session_hash);
alert("Failed to contact session server!");
});
}, () => {
confirmJoin(parsed.session_hash);
}
alert("Couldn't refresh " + parsed.user + " account in browser.");
});
} else {
alert("Couldn't find " + parsed.user + " account in browser.");
confirmJoin(parsed.session_hash);
}
};
} else if (confirm("Continue without authentication (works on LAN worlds)?")) {
confirmJoin(parsed.session_hash);
}
}
}
function connect() {
connectionStatus.innerText = "connecting...";
socket = new WebSocket(wsUrl);
socket.onerror = e => {
console.log(e);
connectionStatus.innerText = "socket error";
content.innerHTML = "";
};
socket.onopen = () => {
connectionStatus.innerText = "connected";
content.innerHTML = "";
getTokens().forEach(listen);
};
socket.onclose = evt => {
connectionStatus.innerText = "disconnected with close code " + evt.code + " and reason: " + evt.reason;
content.innerHTML = "";
setTimeout(connect, 5000);
};
socket.onmessage = onSocketMsg;
}
$(() => {
$("#cors-proxy").on("change", () => localStorage.setItem('cors-proxy', $("#cors-proxy").val()));
$("#cors-proxy").val(getCorsProxy());
$("#login_submit_mc").on("click", loginMc);
$("#login_submit_ms").on("click", loginMs);
refreshAccountList();
connect();
});

View File

@ -0,0 +1,84 @@
// https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-javascript-auth-code
// Config object to be passed to Msal on creation
const msalConfig = {
auth: {
clientId: "a370fff9-7648-4dbf-b96e-2b4f8d539ac2",
authority: "https://login.microsoftonline.com/consumers/",
redirectUri: new URL(location.origin + location.pathname).toString(),
},
cache: {
cacheLocation: "sessionStorage", // This configures where your cache will be stored
storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge
}
};
const myMSALObj = new msal.PublicClientApplication(msalConfig);
// Add scopes for the id token to be used at Microsoft identity platform endpoints.
const loginRequest = {
scopes: ["XboxLive.signin"]
};
function loginMs() {
myMSALObj.loginPopup(loginRequest).then(response => refreshAccountList());
}
function getMcToken(username) {
return getTokenPopup(username, loginRequest)
.then((response) => {
// this supports CORS
return fetch("https://user.auth.xboxlive.com/user/authenticate", {method: "post",
data: JSON.stringify({"Properties": {"AuthMethod": "RPS", "SiteName": "user.auth.xboxlive.com",
"RpsTicket": "d=" + response.accessToken}, "RelyingParty": "http://auth.xboxlive.com", "TokenType": "JWT"}),
headers: {"content-type": "application/json"}});
}).then(xboxResponse => {
if (xboxResponse != 200) throw "xbox response not 200: " + xboxResponse;
// We need CORS proxy
return fetch(getCorsProxy() + "https://xsts.auth.xboxlive.com/xsts/authorize", {method: "post",
data: JSON.stringify({"Properties": {"SandboxId": "RETAIL", "UserTokens": [xboxResponse.json().Token]},
"RelyingParty": "rp://api.minecraftservices.com/", "TokenType": "JWT"}),
headers: {"content-type": "application/json"}});
}).then(xstsResponse => {
// Need CORS proxy here too
return fetch(getCorsProxy() + "https://api.minecraftservices.com/authentication/login_with_xbox", {
data: JSON.stringify({"identityToken": "XBL3.0 x=" + xstsResponse.json().DisplayClaims.xui.uhs + ";"
+ xstsResponse.json().Token}), headers: {"content-type": "application/json"}});
}).then(mcResponse => {
console.log(mcResponse); // finally!!!.. todo
return mcResponse;
}).catch(error => {
console.log(error);
});
}
function getTokenPopup(username, request) {
/**
* See here for more info on account retrieval:
* https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Accounts.md
*/
request.account = myMSALObj.getAccountByUsername(username);
return myMSALObj.acquireTokenSilent(request).catch(error => {
console.warn("silent token acquisition fails. acquiring token using redirect");
if (error instanceof msal.InteractionRequiredAuthError) {
// fallback to interaction when silent call fails
return myMSALObj.acquireTokenPopup(request).then(tokenResponse => {
console.log(tokenResponse);
return tokenResponse;
}).catch(error => {
console.error(error);
});
} else {
console.warn(error);
}
});
}
function signOut(username) {
const logoutRequest = {
account: myMSALObj.getAccountByUsername(username)
};
myMSALObj.logout(logoutRequest);
}