@xboxreplay/xboxlive-auth
Advanced tools
Comparing version 3.1.1 to 3.3.0
declare const _default: { | ||
uris: { | ||
userAuthenticate: string; | ||
deviceAuthenticate: string; | ||
XSTSAuthorize: string; | ||
@@ -5,0 +6,0 @@ }; |
@@ -6,2 +6,3 @@ "use strict"; | ||
userAuthenticate: 'https://user.auth.xboxlive.com/user/authenticate', | ||
deviceAuthenticate: 'https://device.auth.xboxlive.com/device/authenticate', | ||
XSTSAuthorize: 'https://xsts.auth.xboxlive.com/xsts/authorize' | ||
@@ -8,0 +9,0 @@ }, |
@@ -1,4 +0,5 @@ | ||
import { ExchangeRpsTicketResponse, AuthenticateResponse, ExchangeResponse, TokensExchangeProperties, TokensExchangeOptions } from '../..'; | ||
import { ExchangeRpsTicketResponse, AuthenticateResponse, ExchangeResponse, TokensExchangeProperties, TokensExchangeOptions, AuthenticateDeviceResponse } from '../..'; | ||
export declare const exchangeRpsTicketForUserToken: (RpsTicket: string) => Promise<ExchangeRpsTicketResponse>; | ||
export declare const exchangeTokensForXSTSIdentity: <T extends ExchangeResponse>({ userToken, deviceToken, titleToken }: TokensExchangeProperties, { XSTSRelyingParty, optionalDisplayClaims, raw }?: TokensExchangeOptions) => Promise<T | AuthenticateResponse>; | ||
export declare const exchangeUserTokenForXSTSIdentity: <T extends ExchangeResponse>(userToken: string, options: TokensExchangeOptions) => Promise<AuthenticateResponse | T>; | ||
export declare const authenticateDevice: () => Promise<AuthenticateDeviceResponse>; |
@@ -1,109 +0,113 @@ | ||
'use strict'; | ||
var __importDefault = | ||
(this && this.__importDefault) || | ||
function (mod) { | ||
return mod && mod.__esModule ? mod : { default: mod }; | ||
}; | ||
Object.defineProperty(exports, '__esModule', { value: true }); | ||
const errors_1 = __importDefault(require('@xboxreplay/errors')); | ||
const axios_1 = __importDefault(require('axios')); | ||
const config_1 = __importDefault(require('./config')); | ||
const config_2 = __importDefault(require('../../config')); | ||
exports.exchangeRpsTicketForUserToken = RpsTicket => | ||
axios_1.default | ||
.post( | ||
config_1.default.uris.userAuthenticate, | ||
{ | ||
RelyingParty: 'http://auth.xboxlive.com', | ||
TokenType: 'JWT', | ||
Properties: { | ||
AuthMethod: 'RPS', | ||
SiteName: 'user.auth.xboxlive.com', | ||
RpsTicket | ||
} | ||
}, | ||
{ | ||
headers: Object.assign( | ||
Object.assign({}, config_2.default.request.baseHeaders), | ||
{ Accept: 'application/json', 'x-xbl-contract-version': 0 } | ||
) | ||
} | ||
) | ||
.then(response => { | ||
if (response.status !== 200) | ||
throw errors_1.default.internal( | ||
'Could not exchange specified "RpsTicket"' | ||
); | ||
else return response.data; | ||
}) | ||
.catch(err => { | ||
if (!!err.__XboxReplay__) throw err; | ||
else throw errors_1.default.internal(err.message); | ||
}); | ||
exports.exchangeTokensForXSTSIdentity = ( | ||
{ userToken, deviceToken, titleToken }, | ||
{ XSTSRelyingParty, optionalDisplayClaims, raw } = {} | ||
) => | ||
axios_1.default | ||
.post( | ||
config_1.default.uris.XSTSAuthorize, | ||
{ | ||
RelyingParty: | ||
XSTSRelyingParty || config_1.default.defaultRelyingParty, | ||
TokenType: 'JWT', | ||
Properties: { | ||
UserTokens: [userToken], | ||
DeviceToken: deviceToken, | ||
TitleToken: titleToken, | ||
OptionalDisplayClaims: optionalDisplayClaims, | ||
SandboxId: 'RETAIL' | ||
} | ||
}, | ||
{ | ||
headers: Object.assign( | ||
Object.assign({}, config_2.default.request.baseHeaders), | ||
{ Accept: 'application/json', 'x-xbl-contract-version': 1 } | ||
) | ||
} | ||
) | ||
.then(response => { | ||
if (response.status !== 200) { | ||
throw errors_1.default.internal( | ||
'Could not exchange specified "userToken"' | ||
); | ||
} | ||
if (raw !== true) { | ||
const body = response.data; | ||
return { | ||
userXUID: body.DisplayClaims.xui[0].xid || null, | ||
userHash: body.DisplayClaims.xui[0].uhs, | ||
XSTSToken: body.Token, | ||
expiresOn: body.NotAfter | ||
}; | ||
} else return response.data; | ||
}) | ||
.catch(err => { | ||
var _a; | ||
if (!!err.__XboxReplay__) throw err; | ||
else if ( | ||
((_a = err.response) === null || _a === void 0 | ||
? void 0 | ||
: _a.status) === 400 | ||
) { | ||
const isDefaultRelyingParty = | ||
XSTSRelyingParty === config_1.default.defaultRelyingParty; | ||
const computedErrorMessage = [ | ||
'Could not exchange "userToken", please', | ||
`refer to ${config_2.default.gitHubLinks.seeUserTokenIssue}` | ||
]; | ||
if (isDefaultRelyingParty === false) | ||
computedErrorMessage.splice( | ||
1, | ||
0, | ||
'double check the specified "XSTSRelyingParty" or' | ||
); | ||
throw errors_1.default.internal(computedErrorMessage.join(' ')); | ||
} else throw errors_1.default.internal(err.message); | ||
}); | ||
exports.exchangeUserTokenForXSTSIdentity = (userToken, options) => | ||
exports.exchangeTokensForXSTSIdentity({ userToken }, options); | ||
"use strict"; | ||
var __importDefault = (this && this.__importDefault) || function (mod) { | ||
return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
const errors_1 = __importDefault(require("@xboxreplay/errors")); | ||
const axios_1 = __importDefault(require("axios")); | ||
const config_1 = __importDefault(require("./config")); | ||
const config_2 = __importDefault(require("../../config")); | ||
const signing_1 = require("./signing"); | ||
exports.exchangeRpsTicketForUserToken = (RpsTicket) => axios_1.default | ||
.post(config_1.default.uris.userAuthenticate, { | ||
RelyingParty: 'http://auth.xboxlive.com', | ||
TokenType: 'JWT', | ||
Properties: { | ||
AuthMethod: 'RPS', | ||
SiteName: 'user.auth.xboxlive.com', | ||
RpsTicket | ||
} | ||
}, { | ||
headers: Object.assign(Object.assign({}, config_2.default.request.baseHeaders), { Accept: 'application/json', 'x-xbl-contract-version': 0 }) | ||
}) | ||
.then(response => { | ||
if (response.status !== 200) | ||
throw errors_1.default.internal('Could not exchange specified "RpsTicket"'); | ||
else | ||
return response.data; | ||
}) | ||
.catch(err => { | ||
if (!!err.__XboxReplay__) | ||
throw err; | ||
else | ||
throw errors_1.default.internal(err.message); | ||
}); | ||
exports.exchangeTokensForXSTSIdentity = ({ userToken, deviceToken, titleToken }, { XSTSRelyingParty, optionalDisplayClaims, raw } = {}) => axios_1.default | ||
.post(config_1.default.uris.XSTSAuthorize, { | ||
RelyingParty: XSTSRelyingParty || config_1.default.defaultRelyingParty, | ||
TokenType: 'JWT', | ||
Properties: { | ||
UserTokens: [userToken], | ||
DeviceToken: deviceToken, | ||
TitleToken: titleToken, | ||
OptionalDisplayClaims: optionalDisplayClaims, | ||
SandboxId: 'RETAIL' | ||
} | ||
}, { | ||
headers: Object.assign(Object.assign({}, config_2.default.request.baseHeaders), { Accept: 'application/json', 'x-xbl-contract-version': 1 }) | ||
}) | ||
.then(response => { | ||
if (response.status !== 200) { | ||
throw errors_1.default.internal('Could not exchange specified "userToken"'); | ||
} | ||
if (raw !== true) { | ||
const body = response.data; | ||
return { | ||
userXUID: body.DisplayClaims.xui[0].xid || null, | ||
userHash: body.DisplayClaims.xui[0].uhs, | ||
XSTSToken: body.Token, | ||
expiresOn: body.NotAfter | ||
}; | ||
} | ||
else | ||
return response.data; | ||
}) | ||
.catch(err => { | ||
var _a; | ||
if (!!err.__XboxReplay__) | ||
throw err; | ||
else if (((_a = err.response) === null || _a === void 0 ? void 0 : _a.status) === 400) { | ||
const isDefaultRelyingParty = XSTSRelyingParty === config_1.default.defaultRelyingParty; | ||
const computedErrorMessage = [ | ||
'Could not exchange "userToken", please', | ||
`refer to ${config_2.default.gitHubLinks.seeUserTokenIssue}` | ||
]; | ||
if (isDefaultRelyingParty === false) | ||
computedErrorMessage.splice(1, 0, 'double check the specified "XSTSRelyingParty" or'); | ||
throw errors_1.default.internal(computedErrorMessage.join(' ')); | ||
} | ||
else | ||
throw errors_1.default.internal(err.message); | ||
}); | ||
exports.exchangeUserTokenForXSTSIdentity = (userToken, options) => exports.exchangeTokensForXSTSIdentity({ userToken }, options); | ||
exports.authenticateDevice = () => { | ||
const requestBody = { | ||
RelyingParty: 'http://auth.xboxlive.com', | ||
TokenType: 'JWT', | ||
Properties: { | ||
AuthMethod: 'ProofOfPossession', | ||
Id: '362194C6-D6F5-469C-9E80-9F687D489D32', | ||
DeviceType: 'iOS', | ||
Version: '13.3.1', | ||
ProofKey: signing_1.createProofKey('', '') | ||
} | ||
}; | ||
const signature = signing_1.createRequestSignature(config_1.default.uris.deviceAuthenticate, 'POST', requestBody, null); | ||
return axios_1.default | ||
.post(config_1.default.uris.deviceAuthenticate, requestBody, { | ||
headers: Object.assign(Object.assign({}, config_2.default.request.baseHeaders), { Accept: 'application/json', Signature: signature, 'x-xbl-contract-version': 1 }) | ||
}) | ||
.then(response => { | ||
if (response.status !== 200) | ||
throw errors_1.default.internal('Device authentication failed.'); | ||
else | ||
return response.data; | ||
}) | ||
.catch(err => { | ||
console.error(err); | ||
if (!!err.__XboxReplay__) | ||
throw err; | ||
else | ||
throw errors_1.default.internal(err.message); | ||
}); | ||
}; |
@@ -48,2 +48,10 @@ import { preAuth, logUser } from './core/live'; | ||
}; | ||
export declare type AuthenticateDeviceResponse = ExchangeResponse & { | ||
DisplayClaims: { | ||
xdi: { | ||
did: string; | ||
dcs: string; | ||
}; | ||
}; | ||
}; | ||
export declare type AuthenticateResponse = { | ||
@@ -50,0 +58,0 @@ userXUID: string | null; |
{ | ||
"name": "@xboxreplay/xboxlive-auth", | ||
"description": "Simple Xbox Live authentication module.", | ||
"version": "3.1.1", | ||
"version": "3.3.0", | ||
"keywords": [ | ||
@@ -20,3 +20,3 @@ "xboxreplay", | ||
"main": "./dist/index.js", | ||
"types": "./dist/index.ts", | ||
"types": "./dist/index.d.ts", | ||
"scripts": { | ||
@@ -23,0 +23,0 @@ "build": "npm run clean && ./node_modules/.bin/tsc && rm -rf ./dist/__tests__", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
21081
17
414