wip microsoft account login

creeper123123321 2021-01-05 16:06:33 -03:00
parent 5a3ff3b073
commit 8a61235db7
4 changed files with 369 additions and 372 deletions


@ -72,126 +72,6 @@ class ViaWebApp {
} }
} }
// todo xbox auth
/*
val redirectUrl = "https://localhost:25543/xbox-auth/ms-callback"
val siteKey = "9e95fd56-0f45-42f9-af28-9b803645da22"
val secretKey = "redacted"
val azureClientId = "a370fff9-7648-4dbf-b96e-2b4f8d539ac2"
val azureClientSecret = "redacted"
get("/xbox-auth/") {
call.respondText(contentType = ContentType.parse("text/html")) {
"""<script src="https://hcaptcha.com/1/api.js"></script>
<form action="/xbox-auth/ms-login" method="POST" id="form">
<div class="h-captcha" data-sitekey="$siteKey" data-callback="hc"></div>
</form>
<script>function hc() { document.getElementById("form").submit(); }
window.onload = () => hcaptcha.execute();</script>
"""
}
}
val validTokens = Collections.newSetFromMap<UUID>(ConcurrentHashMap())
post("/xbox-auth/ms-login") {
val multipart = call.receiveParameters()
val hcaptchaResponse = httpClient.submitForm<JsonObject>(
"https://hcaptcha.com/siteverify",
parametersOf(
"response" to listOf(multipart["h-captcha-response"]!!),
"secret" to listOf(secretKey),
"siteKey" to listOf(siteKey)
)
)
if (!hcaptchaResponse.get("success").asBoolean) {
call.respondText(status = HttpStatusCode.Forbidden) { "hcaptcha failed" }
return@post
}
call.respondRedirect(permanent = false) {
takeFrom(
"https://login.live.com/oauth20_authorize.srf" +
"?client_id=$azureClientId" +
"&response_type=code" +
"&redirect_uri=${URLEncoder.encode(redirectUrl, Charsets.UTF_8)}" +
"&scope=XboxLive.signin" +
"&state=${UUID.randomUUID().also { validTokens.add(it) }}"
)
}
}
get("/xbox-auth/ms-callback") {
val authCode = call.request.queryParameters.getOrFail("code")
val state = call.request.queryParameters.getOrFail("state")
if (!validTokens.remove(UUID.fromString(state))) {
call.respondText(status = HttpStatusCode.Forbidden) { "failed state token" }
return@get
}
val authToken = httpClient.submitForm<JsonObject>(
"https://login.live.com/oauth20_token.srf",
parametersOf(
"client_id" to listOf(azureClientId),
"client_secret" to listOf(azureClientSecret),
"code" to listOf(authCode),
"grant_type" to listOf("authorization_code"),
"redirect_uri" to listOf(redirectUrl)
)
)
val xboxLiveAuthResult = httpClient.post<JsonObject> {
url("https://user.auth.xboxlive.com/user/authenticate")
body = JsonObject().also {
it.add("Properties", JsonObject().also {
it.addProperty("AuthMethod", "RPS")
it.addProperty("SiteName", "user.auth.xboxlive.com")
it.addProperty("RpsTicket", authToken.get("access_token").asString)
})
it.addProperty("TokenType", "JWT")
it.addProperty("RelyingParty", "http://auth.xboxlive.com")
}
header("content-type", "application/json")
header("accept", "application/json")
}
val xstsAuth = httpClient.post<JsonObject> {
url("https://xsts.auth.xboxlive.com/xsts/authorize")
body = JsonObject().also {
it.add("Properties", JsonObject().also {
it.addProperty("SandboxId", "RETAIL")
it.add(
"UserTokens",
JsonArray().also { it.add(xboxLiveAuthResult.get("Token").asString) })
})
it.addProperty("TokenType", "JWT")
it.addProperty("RelyingParty", "rp://api.minecraftservices.com/")
}
header("content-type", "application/json")
header("accept", "application/json")
}
val mcToken = httpClient.post<JsonObject> {
url("https://api.minecraftservices.com/authentication/login_with_xbox")
body = JsonObject().also {
it.addProperty(
"identityToken",
"XBL3.0 x=${
xstsAuth.getAsJsonObject("DisplayClaims").getAsJsonArray("xui")
.first { it.asJsonObject.has("uhs") }.asJsonObject.get("uhs").asString
};${xstsAuth.get("Token").asString}"
)
}
header("content-type", "application/json")
header("accept", "application/json")
}
call.respondText { mcToken.get("access_token").asString }
} */
static { static {
defaultResource("index.html", "web") defaultResource("index.html", "web")
resources("web") resources("web")


@ -11,14 +11,15 @@
<meta property="og:image" content="https://raw.githubusercontent.com/ViaVersion/ViaVersion/a13c417352298c2269aed8736a76205f0040b705/fabric/src/main/resources/assets/viaversion/textures/squarelogo.png"> <meta property="og:image" content="https://raw.githubusercontent.com/ViaVersion/ViaVersion/a13c417352298c2269aed8736a76205f0040b705/fabric/src/main/resources/assets/viaversion/textures/squarelogo.png">
<meta property="og:type" content="game"> <meta property="og:type" content="game">
<link rel="icon" href="https://raw.githubusercontent.com/ViaVersion/ViaVersion/a13c417352298c2269aed8736a76205f0040b705/fabric/src/main/resources/assets/viaversion/textures/squarelogo.png"> <link rel="icon" href="https://raw.githubusercontent.com/ViaVersion/ViaVersion/a13c417352298c2269aed8736a76205f0040b705/fabric/src/main/resources/assets/viaversion/textures/squarelogo.png">
<meta http-equiv="Content-Security-Policy" content="default-src 'self' https://cdnjs.cloudflare.com/; img-src https://*; connect-src 'self' http://localhost:*/ https: ws: wss:"> <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://cdnjs.cloudflare.com/ https://alcdn.msauth.net/; img-src https://*; connect-src 'self' http://localhost:*/ https: ws: wss:">
<meta name="referrer" content="no-referrer"> <meta name="referrer" content="no-referrer">
<!-- only accept http from localhost --> <!-- only accept http from localhost -->
<title>VIAaaS Authenticator</title> <title>VIAaaS Authenticator</title>
<link rel="stylesheet" href="style.css"> <link rel="stylesheet" href="style.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/uuid/8.3.1/uuid.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/uuid/8.3.1/uuid.min.js"></script>
<script src="auth.js"></script> <script type="text/javascript" src="https://alcdn.msauth.net/browser/2.0.0-beta.4/js/msal-browser.js" integrity="sha384-7sxY2tN3GMVE5jXH2RL9AdbO6s46vUh9lUid4yNCHJMUzDoj+0N4ve6rLOmR88yN" crossorigin="anonymous"></script>
<script src="auth_ms.js"></script>
</head> </head>
<body> <body>
<div id="browser_accounts"> <div id="browser_accounts">
@ -29,6 +30,8 @@
<input type="url" id="cors-proxy" name="cors-proxy" value=""> <input type="url" id="cors-proxy" name="cors-proxy" value="">
</p></div> </p></div>
<div id="add-account"><form><p> <div id="add-account"><form><p>
<input id="login_submit_ms" type="button" value="Login with Microsoft">
<br>
<label for="email">Email/Username:</label> <label for="email">Email/Username:</label>
<br> <br>
<input type="text" id="email" name="email" value=""> <input type="text" id="email" name="email" value="">
@ -50,5 +53,6 @@
<hr> <hr>
<p><span id="content"></span></p> <p><span id="content"></span></p>
</div> </div>
<script src="auth.js"></script>
</body> </body>
</html> </html>
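Review bot: The new `Content-Security-Policy` meta tag admits the MSAL CDN by widening `default-src`, which is the fallback for every fetch directive the policy does not set (frames, fonts, media, workers), not only for scripts. Leaving `default-src` as it was and adding `script-src 'self' https://cdnjs.cloudflare.com/ https://alcdn.msauth.net/;` would limit the new origin to script loading. The added msal-browser tag carries `integrity` and `crossorigin`, but the two cdnjs script tags beside it still load without SRI, so the page's third-party scripts are not protected equally. The pinned build is `2.0.0-beta.4`; a comment next to the tag saying the hash must be regenerated on upgrade would help the next maintainer.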


@ -1,279 +1,308 @@
$(() => { let urlParams = new URLSearchParams();
let urlParams = new URLSearchParams(); window.location.hash.substr(1).split("?").map(it => new URLSearchParams(it).forEach((a, b) => urlParams.append(b, a)));
window.location.hash.substr(1).split("?").map(it => new URLSearchParams(it).forEach((a, b) => urlParams.append(b, a))); var username = urlParams.get("username");
var username = urlParams.get("username"); var mcauth_code = urlParams.get("mcauth_code");
var mcauth_code = urlParams.get("mcauth_code"); if (urlParams.get("mcauth_success") == "false") {
if (urlParams.get("mcauth_success") == "false") { alert("Couldn't authenticate with Minecraft.ID: " + urlParams.get("mcauth_msg"));
alert("Couldn't authenticate with Minecraft.ID: " + urlParams.get("mcauth_msg")); }
}
var wsUrl = window.location.host == "viaversion.github.io" ? prompt("VIAaaS instance WS URL") : "wss://" + window.location.host + "/ws"; var wsUrl = window.location.host == "viaversion.github.io" ? prompt("VIAaaS instance WS URL") : "wss://" + window.location.host + "/ws";
var socket = null; var socket = null;
var connectionStatus = document.getElementById("connection_status"); var connectionStatus = document.getElementById("connection_status");
var content = document.getElementById("content"); var content = document.getElementById("content");
var acounts = document.getElementById("accounts"); var acounts = document.getElementById("accounts");
$("#cors-proxy").on("change", () => localStorage.setItem('cors-proxy', $("#cors-proxy").val())); function getCorsProxy() {
$("#cors-proxy").val(localStorage.getItem("cors-proxy")); return localStorage.getItem("cors-proxy") || "http://localhost:8080/";
$("#login_submit_mc").on("click", loginMc); }
function loginMc() { function loginMc() {
var clientToken = uuid.v4(); var clientToken = uuid.v4();
$.ajax({type: "post",
url: getCorsProxy() + "https://authserver.mojang.com/authenticate",
data: JSON.stringify({
agent: {name: "Minecraft", version: 1},
username: $("#email").val(),
password: $("#password").val(),
clientToken: clientToken,
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id);
}).fail(() => alert("Failed to login"));
$("#email").val("");
$("#password").val("");
}
function storeMcAccount(accessToken, clientToken, name, id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
let account = {accessToken: accessToken, clientToken: clientToken, name: name, id: id};
accounts.push(account);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
return account;
}
function removeMcAccount(id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
accounts = accounts.filter(it => it.id != id);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
}
function getMcAccounts() {
return JSON.parse(localStorage.getItem("mc_accounts")) || [];
}
function logout(id) {
getMcAccounts().filter(it => it.id == id).forEach(it => {
$.ajax({type: "post", $.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/authenticate", url: getCorsProxy() + "https://authserver.mojang.com/invalidate",
data: JSON.stringify({
agent: {name: "Minecraft", version: 1},
username: $("#email").val(),
password: $("#password").val(),
clientToken: clientToken,
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id);
}).fail(() => alert("Failed to login"));
$("#email").val("");
$("#password").val("");
}
function storeMcAccount(accessToken, clientToken, name, id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
let account = {accessToken: accessToken, clientToken: clientToken, name: name, id: id};
accounts.push(account);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
return account;
}
function removeMcAccount(id) {
let accounts = JSON.parse(localStorage.getItem("mc_accounts")) || [];
accounts = accounts.filter(it => it.id != id);
localStorage.setItem("mc_accounts", JSON.stringify(accounts));
refreshAccountList();
}
function getMcAccounts() {
return JSON.parse(localStorage.getItem("mc_accounts")) || [];
}
function logout(id) {
getMcAccounts().filter(it => it.id == id).forEach(it => {
$.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/invalidate",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
removeMcAccount(id);
}).fail(() => {
if (confirm("failed to invalidate token! remove account?")) {
removeMcAccount(id);
}
});
});
}
function addMcAccountToList(id, name) {
let p = document.createElement("p");
let head = document.createElement("img");
let n = document.createElement("span");
let remove = document.createElement("a");
n.innerText = " " + name + " ";
remove.innerText = "Remove";
remove.href = "#";
remove.onclick = () => {
logout(id);
};
head.className = "account_head";
head.alt = name + "'s head";
head.src = "https://crafthead.net/helm/" + id;
p.append(head);
p.append(n);
p.append(remove);
accounts.appendChild(p);
}
function refreshAccountList() {
accounts.innerHTML = "";
getMcAccounts().forEach(it => addMcAccountToList(it.id, it.name));
}
function refreshAccountIfNeeded(it, doneCallback, failCallback) {
$.ajax({type: "post",
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/validate",
data: JSON.stringify({ data: JSON.stringify({
accessToken: it.accessToken, accessToken: it.accessToken,
clientToken: it.clientToken clientToken: it.clientToken
}), }),
contentType: "application/json", contentType: "application/json",
dataType: "json" dataType: "json"
}) }).done((data) => {
.done(() => doneCallback(it)) removeMcAccount(id);
.fail(() => { }).fail(() => {
// Needs refresh if (confirm("failed to invalidate token! remove account?")) {
console.log("refreshing " + it.id); removeMcAccount(id);
$.ajax({type: "post", }
url: localStorage.getItem("cors-proxy") + "https://authserver.mojang.com/refresh",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
console.log("refreshed " + data.selectedProfile.id);
removeMcAccount(data.selectedProfile.id);
doneCallback(storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id));
}).fail(() => {
if (confirm("failed to refresh token! remove account?")) {
removeMcAccount(it.id);
}
failCallback();
});
}); });
} });
}
refreshAccountList(); function addMcAccountToList(id, name) {
let p = document.createElement("p");
let head = document.createElement("img");
let n = document.createElement("span");
let remove = document.createElement("a");
n.innerText = " " + name + " ";
remove.innerText = "Remove";
remove.href = "#";
remove.onclick = () => {
logout(id);
};
head.className = "account_head";
head.alt = name + "'s head";
head.src = "https://crafthead.net/helm/" + id;
p.append(head);
p.append(n);
p.append(remove);
accounts.appendChild(p);
}
function listen(token) { function addMsAccountToList(id, name, msUser) {
socket.send(JSON.stringify({"action": "listen_login_requests", "token": token})); let p = document.createElement("p");
} let head = document.createElement("img");
let n = document.createElement("span");
let remove = document.createElement("a");
n.innerText = " " + name + "(MS: " + msUser + ") ";
remove.innerText = "Logout";
remove.href = "#";
remove.onclick = () => {
signOut(msUser);
};
head.className = "account_head";
head.alt = name + "'s head";
head.src = "https://crafthead.net/helm/" + id;
p.append(head);
p.append(n);
p.append(remove);
accounts.appendChild(p);
}
function confirmJoin(hash) { function refreshAccountList() {
socket.send(JSON.stringify({action: "session_hash_response", session_hash: hash})); accounts.innerHTML = "";
} getMcAccounts().forEach(it => addMcAccountToList(it.id, it.name));
(myMSALObj.getAllAccounts() || []).forEach(it => addMsAccountToList("TODO", "TODO", it.username))
}
function saveToken(token) { function refreshAccountIfNeeded(it, doneCallback, failCallback) {
let hTokens = JSON.parse(localStorage.getItem("tokens")) || {}; $.ajax({type: "post",
let tokens = hTokens[wsUrl] || []; url: getCorsProxy() + "https://authserver.mojang.com/validate",
tokens.push(token); data: JSON.stringify({
hTokens[wsUrl] = tokens; accessToken: it.accessToken,
localStorage.setItem("tokens", JSON.stringify(hTokens)); clientToken: it.clientToken
} }),
contentType: "application/json",
dataType: "json"
})
.done(() => doneCallback(it))
.fail(() => {
// Needs refresh
console.log("refreshing " + it.id);
$.ajax({type: "post",
url: getCorsProxy() + "https://authserver.mojang.com/refresh",
data: JSON.stringify({
accessToken: it.accessToken,
clientToken: it.clientToken
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
console.log("refreshed " + data.selectedProfile.id);
removeMcAccount(data.selectedProfile.id);
doneCallback(storeMcAccount(data.accessToken, data.clientToken, data.selectedProfile.name, data.selectedProfile.id));
}).fail(() => {
if (confirm("failed to refresh token! remove account?")) {
removeMcAccount(it.id);
}
failCallback();
});
});
}
function removeToken(token) { function listen(token) {
let hTokens = JSON.parse(localStorage.getItem("tokens")) || {}; socket.send(JSON.stringify({"action": "listen_login_requests", "token": token}));
let tokens = hTokens[wsUrl] || []; }
tokens = tokens.filter(it => it != token);
hTokens[wsUrl] = tokens;
localStorage.setItem("tokens", JSON.stringify(hTokens));
}
function getTokens() { function confirmJoin(hash) {
return (JSON.parse(localStorage.getItem("tokens")) || {})[wsUrl] || []; socket.send(JSON.stringify({action: "session_hash_response", session_hash: hash}));
} }
function showListenAccount() { function saveToken(token) {
if (username != null && mcauth_code != null) { let hTokens = JSON.parse(localStorage.getItem("tokens")) || {};
let p = document.createElement("p"); let tokens = hTokens[wsUrl] || [];
let add = document.createElement("a"); tokens.push(token);
p.appendChild(add); hTokens[wsUrl] = tokens;
add.innerText = "Listen to " + username; localStorage.setItem("tokens", JSON.stringify(hTokens));
add.href = "#"; }
add.onclick = () => {
socket.send(JSON.stringify({ function removeToken(token) {
"action": "minecraft_id_login", let hTokens = JSON.parse(localStorage.getItem("tokens")) || {};
"username": username, let tokens = hTokens[wsUrl] || [];
"code": mcauth_code})); tokens = tokens.filter(it => it != token);
}; hTokens[wsUrl] = tokens;
content.appendChild(p); localStorage.setItem("tokens", JSON.stringify(hTokens));
} }
function getTokens() {
return (JSON.parse(localStorage.getItem("tokens")) || {})[wsUrl] || [];
}
function showListenAccount() {
if (username != null && mcauth_code != null) {
let p = document.createElement("p"); let p = document.createElement("p");
let link = document.createElement("a"); let add = document.createElement("a");
p.appendChild(link); p.appendChild(add);
link.innerText = "Listen to username in VIAaaS instance"; add.innerText = "Listen to " + username;
link.href = "#"; add.href = "#";
link.onclick = () => { add.onclick = () => {
let user = prompt("Username (Minecraft.ID is case-sensitive): ", ""); socket.send(JSON.stringify({
let callbackUrl = new URL(location.origin + location.pathname + "#username=" + encodeURIComponent(user)); "action": "minecraft_id_login",
location = "https://api.minecraft.id/gateway/start/" + encodeURIComponent(user) + "?callback=" + encodeURIComponent(callbackUrl); "username": username,
"code": mcauth_code}));
}; };
content.appendChild(p); content.appendChild(p);
} }
let p = document.createElement("p");
let link = document.createElement("a");
p.appendChild(link);
link.innerText = "Listen to username in VIAaaS instance";
link.href = "#";
link.onclick = () => {
let user = prompt("Username (Minecraft.ID is case-sensitive): ", "");
let callbackUrl = new URL(location.origin + location.pathname + "#username=" + encodeURIComponent(user));
location = "https://api.minecraft.id/gateway/start/" + encodeURIComponent(user) + "?callback=" + encodeURIComponent(callbackUrl);
};
content.appendChild(p);
}
function connect() { function onSocketMsg(event) {
connectionStatus.innerText = "connecting..."; console.log(event.data.toString());
socket = new WebSocket(wsUrl); let parsed = JSON.parse(event.data);
if (parsed.action == "ad_minecraft_id_login") {
socket.onerror = e => { showListenAccount();
console.log(e); } else if (parsed.action == "minecraft_id_result") {
connectionStatus.innerText = "socket error"; if (!parsed.success) {
content.innerHTML = ""; alert("VIAaaS instance couldn't verify account via Minecraft.ID");
}; } else {
listen(parsed.token);
socket.onopen = () => { saveToken(parsed.token);
connectionStatus.innerText = "connected"; }
content.innerHTML = ""; } else if (parsed.action == "listen_login_requests_result") {
if (parsed.success) {
getTokens().forEach(listen); let msg = document.createElement("p");
}; msg.innerText = "Listening to login: " + parsed.user;
content.appendChild(msg);
socket.onclose = evt => { } else {
connectionStatus.innerText = "disconnected with close code " + evt.code + " and reason: " + evt.reason; removeToken(parsed.token);
content.innerHTML = ""; }
setTimeout(connect, 5000); } else if (parsed.action == "session_hash_request") {
}; if (confirm("Allow auth impersonation from VIAaaS instance? info: " + JSON.stringify(parsed))) {
let account = getMcAccounts().reverse().find(it => it.name.toLowerCase() == parsed.user.toLowerCase());
socket.onmessage = event => { if (account) {
console.log(event.data.toString()); refreshAccountIfNeeded(account, (data) => {
let parsed = JSON.parse(event.data); $.ajax({
if (parsed.action == "ad_minecraft_id_login") { type: "post",
showListenAccount(); url: getCorsProxy() + "https://sessionserver.mojang.com/session/minecraft/join",
} else if (parsed.action == "minecraft_id_result") { data: JSON.stringify({
if (!parsed.success) { accessToken: data.accessToken,
alert("VIAaaS instance couldn't verify account via Minecraft.ID"); selectedProfile: data.id,
} else { serverId: parsed.session_hash
listen(parsed.token); }),
saveToken(parsed.token); contentType: "application/json",
} dataType: "json"
} else if (parsed.action == "listen_login_requests_result") { }).done((data) => {
if (parsed.success) {
let msg = document.createElement("p");
msg.innerText = "Listening to login: " + parsed.user;
content.appendChild(msg);
} else {
removeToken(parsed.token);
}
} else if (parsed.action == "session_hash_request") {
if (confirm("Allow auth impersonation from VIAaaS instance? info: " + JSON.stringify(parsed))) {
let account = getMcAccounts().reverse().find(it => it.name.toLowerCase() == parsed.user.toLowerCase());
if (account) {
refreshAccountIfNeeded(account, (data) => {
$.ajax({
type: "post",
url: localStorage.getItem("cors-proxy") + "https://sessionserver.mojang.com/session/minecraft/join",
data: JSON.stringify({
accessToken: data.accessToken,
selectedProfile: data.id,
serverId: parsed.session_hash
}),
contentType: "application/json",
dataType: "json"
}).done((data) => {
confirmJoin(parsed.session_hash);
}).fail((e) => {
console.log(e);
confirmJoin(parsed.session_hash);
alert("Failed to contact session server!");
});
}, () => {
confirmJoin(parsed.session_hash);
alert("Couldn't refresh " + parsed.user + " account in browser.");
});
} else {
alert("Couldn't find " + parsed.user + " account in browser.");
confirmJoin(parsed.session_hash); confirmJoin(parsed.session_hash);
} }).fail((e) => {
} else if (confirm("Continue without authentication (works on LAN worlds)?")) { console.log(e);
confirmJoin(parsed.session_hash);
alert("Failed to contact session server!");
});
}, () => {
confirmJoin(parsed.session_hash); confirmJoin(parsed.session_hash);
} alert("Couldn't refresh " + parsed.user + " account in browser.");
});
} else {
alert("Couldn't find " + parsed.user + " account in browser.");
confirmJoin(parsed.session_hash);
} }
}; } else if (confirm("Continue without authentication (works on LAN worlds)?")) {
confirmJoin(parsed.session_hash);
}
} }
}
function connect() {
connectionStatus.innerText = "connecting...";
socket = new WebSocket(wsUrl);
socket.onerror = e => {
console.log(e);
connectionStatus.innerText = "socket error";
content.innerHTML = "";
};
socket.onopen = () => {
connectionStatus.innerText = "connected";
content.innerHTML = "";
getTokens().forEach(listen);
};
socket.onclose = evt => {
connectionStatus.innerText = "disconnected with close code " + evt.code + " and reason: " + evt.reason;
content.innerHTML = "";
setTimeout(connect, 5000);
};
socket.onmessage = onSocketMsg;
}
$(() => {
$("#cors-proxy").on("change", () => localStorage.setItem('cors-proxy', $("#cors-proxy").val()));
$("#cors-proxy").val(getCorsProxy());
$("#login_submit_mc").on("click", loginMc);
$("#login_submit_ms").on("click", loginMs);
refreshAccountList();
connect(); connect();
}); });
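Review bot: `refreshAccountList()` now calls `myMSALObj.getAllAccounts()` unguarded, so the existing Mojang account list and the WebSocket depend on a script from another origin. If msal-browser fails to load (SRI mismatch, blocked CDN, offline), `myMSALObj` in auth_ms.js is never initialised, the call throws, and the ready handler stops before `connect()`. Isolating the MSAL part keeps the Mojang path working: `let msAccounts = []; try { msAccounts = myMSALObj.getAllAccounts() || []; } catch (e) { console.warn(e); }`, then iterate `msAccounts`. Until the `"TODO"` placeholders are replaced, each Microsoft entry also makes `addMsAccountToList` request `https://crafthead.net/helm/TODO`; skipping the `<img>` when no profile id is known avoids that. `addMsAccountToList` otherwise duplicates `addMcAccountToList` and could share one helper taking the label and the remove callback.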


@ -0,0 +1,84 @@
// https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-javascript-auth-code
// Config object to be passed to Msal on creation
const msalConfig = {
auth: {
clientId: "a370fff9-7648-4dbf-b96e-2b4f8d539ac2",
authority: "https://login.microsoftonline.com/consumers/",
redirectUri: new URL(location.origin + location.pathname).toString(),
},
cache: {
cacheLocation: "sessionStorage", // This configures where your cache will be stored
storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge
}
};
const myMSALObj = new msal.PublicClientApplication(msalConfig);
// Add scopes for the id token to be used at Microsoft identity platform endpoints.
const loginRequest = {
scopes: ["XboxLive.signin"]
};
function loginMs() {
myMSALObj.loginPopup(loginRequest).then(response => refreshAccountList());
}
function getMcToken(username) {
return getTokenPopup(username, loginRequest)
.then((response) => {
// this supports CORS
return fetch("https://user.auth.xboxlive.com/user/authenticate", {method: "post",
data: JSON.stringify({"Properties": {"AuthMethod": "RPS", "SiteName": "user.auth.xboxlive.com",
"RpsTicket": "d=" + response.accessToken}, "RelyingParty": "http://auth.xboxlive.com", "TokenType": "JWT"}),
headers: {"content-type": "application/json"}});
}).then(xboxResponse => {
if (xboxResponse != 200) throw "xbox response not 200: " + xboxResponse;
// We need CORS proxy
return fetch(getCorsProxy() + "https://xsts.auth.xboxlive.com/xsts/authorize", {method: "post",
data: JSON.stringify({"Properties": {"SandboxId": "RETAIL", "UserTokens": [xboxResponse.json().Token]},
"RelyingParty": "rp://api.minecraftservices.com/", "TokenType": "JWT"}),
headers: {"content-type": "application/json"}});
}).then(xstsResponse => {
// Need CORS proxy here too
return fetch(getCorsProxy() + "https://api.minecraftservices.com/authentication/login_with_xbox", {
data: JSON.stringify({"identityToken": "XBL3.0 x=" + xstsResponse.json().DisplayClaims.xui.uhs + ";"
+ xstsResponse.json().Token}), headers: {"content-type": "application/json"}});
}).then(mcResponse => {
console.log(mcResponse); // finally!!!.. todo
return mcResponse;
}).catch(error => {
console.log(error);
});
}
function getTokenPopup(username, request) {
/**
* See here for more info on account retrieval:
* https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Accounts.md
*/
request.account = myMSALObj.getAccountByUsername(username);
return myMSALObj.acquireTokenSilent(request).catch(error => {
console.warn("silent token acquisition fails. acquiring token using redirect");
if (error instanceof msal.InteractionRequiredAuthError) {
// fallback to interaction when silent call fails
return myMSALObj.acquireTokenPopup(request).then(tokenResponse => {
console.log(tokenResponse);
return tokenResponse;
}).catch(error => {
console.error(error);
});
} else {
console.warn(error);
}
});
}
function signOut(username) {
const logoutRequest = {
account: myMSALObj.getAccountByUsername(username)
};
myMSALObj.logout(logoutRequest);
}
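Review bot: None of the three `fetch` calls in `getMcToken` sends its JSON payload, because `fetch` reads the request body from `body` and ignores `data`; the third call also omits `method`, so it goes out as a GET. The guard `if (xboxResponse != 200)` compares the `Response` object itself with 200 and therefore always throws, and `xboxResponse.json().Token` / `xstsResponse.json().Token` read properties off a Promise; the Kotlin block this commit removes treated `DisplayClaims.xui` as an array, whereas `.xui.uhs` here treats it as an object. The rewrite below checks `res.ok`, waits for `res.json()` and picks the `uhs` entry from the array. Separately, `console.log(tokenResponse)` in `getTokenPopup` writes the Microsoft access token to the browser console, and the XSTS and Minecraft requests pass their tokens through whatever `getCorsProxy()` returns, so that proxy has to be one the user controls; a comment stating this at the two proxied calls would make the trust assumption explicit.

```javascript
function getMcToken(username) {
    // POST a JSON payload and resolve to the parsed JSON body; reject on any non-2xx status.
    const jsonPost = (url, payload) => fetch(url, {
        method: "post",
        body: JSON.stringify(payload),
        headers: {"content-type": "application/json", "accept": "application/json"}
    }).then(res => {
        if (!res.ok) throw new Error("request failed with status " + res.status);
        return res.json();
    });
    return getTokenPopup(username, loginRequest)
        .then(response => jsonPost("https://user.auth.xboxlive.com/user/authenticate", {
            "Properties": {"AuthMethod": "RPS", "SiteName": "user.auth.xboxlive.com",
                "RpsTicket": "d=" + response.accessToken},
            "RelyingParty": "http://auth.xboxlive.com", "TokenType": "JWT"}))
        // The next two calls go through the user-configured CORS proxy, which sees the tokens.
        .then(xbox => jsonPost(getCorsProxy() + "https://xsts.auth.xboxlive.com/xsts/authorize", {
            "Properties": {"SandboxId": "RETAIL", "UserTokens": [xbox.Token]},
            "RelyingParty": "rp://api.minecraftservices.com/", "TokenType": "JWT"}))
        .then(xsts => {
            const claim = xsts.DisplayClaims.xui.find(it => "uhs" in it);
            return jsonPost(getCorsProxy() + "https://api.minecraftservices.com/authentication/login_with_xbox", {
                "identityToken": "XBL3.0 x=" + claim.uhs + ";" + xsts.Token});
        })
        // … unchanged: .then(mcResponse => …).catch(error => …) …
}
```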