		@@ -6,2 +6,3 @@ "use strict";
		userAuthenticate: 'https://user.auth.xboxlive.com/user/authenticate',
		deviceAuthenticate: 'https://device.auth.xboxlive.com/device/authenticate',
		XSTSAuthorize: 'https://xsts.auth.xboxlive.com/xsts/authorize'
		@@ -8,0 +9,0 @@ },

dist/core/xboxlive/index.d.ts

		@@ -1,4 +0,5 @@
		import { ExchangeRpsTicketResponse, AuthenticateResponse, ExchangeResponse, TokensExchangeProperties, TokensExchangeOptions } from '../..';
		import { ExchangeRpsTicketResponse, AuthenticateResponse, ExchangeResponse, TokensExchangeProperties, TokensExchangeOptions, AuthenticateDeviceResponse } from '../..';
		export declare const exchangeRpsTicketForUserToken: (RpsTicket: string) => Promise<ExchangeRpsTicketResponse>;
		export declare const exchangeTokensForXSTSIdentity: <T extends ExchangeResponse>({ userToken, deviceToken, titleToken }: TokensExchangeProperties, { XSTSRelyingParty, optionalDisplayClaims, raw }?: TokensExchangeOptions) => Promise<T \| AuthenticateResponse>;
		export declare const exchangeUserTokenForXSTSIdentity: <T extends ExchangeResponse>(userToken: string, options: TokensExchangeOptions) => Promise<AuthenticateResponse \| T>;
		export declare const authenticateDevice: () => Promise<AuthenticateDeviceResponse>;

222

dist/core/xboxlive/index.js

		@@ -1,109 +0,113 @@
		'use strict';
		var __importDefault =
		(this && this.__importDefault) \|\|
		function (mod) {
		return mod && mod.__esModule ? mod : { default: mod };
		};
		Object.defineProperty(exports, '__esModule', { value: true });
		const errors_1 = __importDefault(require('@xboxreplay/errors'));
		const axios_1 = __importDefault(require('axios'));
		const config_1 = __importDefault(require('./config'));
		const config_2 = __importDefault(require('../../config'));
		exports.exchangeRpsTicketForUserToken = RpsTicket =>
		axios_1.default
		.post(
		config_1.default.uris.userAuthenticate,
		{
		RelyingParty: 'http://auth.xboxlive.com',
		TokenType: 'JWT',
		Properties: {
		AuthMethod: 'RPS',
		SiteName: 'user.auth.xboxlive.com',
		RpsTicket
		}
		},
		{
		headers: Object.assign(
		Object.assign({}, config_2.default.request.baseHeaders),
		{ Accept: 'application/json', 'x-xbl-contract-version': 0 }
		)
		}
		)
		.then(response => {
		if (response.status !== 200)
		throw errors_1.default.internal(
		'Could not exchange specified "RpsTicket"'
		);
		else return response.data;
		})
		.catch(err => {
		if (!!err.__XboxReplay__) throw err;
		else throw errors_1.default.internal(err.message);
		});
		exports.exchangeTokensForXSTSIdentity = (
		{ userToken, deviceToken, titleToken },
		{ XSTSRelyingParty, optionalDisplayClaims, raw } = {}
		) =>
		axios_1.default
		.post(
		config_1.default.uris.XSTSAuthorize,
		{
		RelyingParty:
		XSTSRelyingParty \|\| config_1.default.defaultRelyingParty,
		TokenType: 'JWT',
		Properties: {
		UserTokens: [userToken],
		DeviceToken: deviceToken,
		TitleToken: titleToken,
		OptionalDisplayClaims: optionalDisplayClaims,
		SandboxId: 'RETAIL'
		}
		},
		{
		headers: Object.assign(
		Object.assign({}, config_2.default.request.baseHeaders),
		{ Accept: 'application/json', 'x-xbl-contract-version': 1 }
		)
		}
		)
		.then(response => {
		if (response.status !== 200) {
		throw errors_1.default.internal(
		'Could not exchange specified "userToken"'
		);
		}
		if (raw !== true) {
		const body = response.data;
		return {
		userXUID: body.DisplayClaims.xui[0].xid \|\| null,
		userHash: body.DisplayClaims.xui[0].uhs,
		XSTSToken: body.Token,
		expiresOn: body.NotAfter
		};
		} else return response.data;
		})
		.catch(err => {
		var _a;
		if (!!err.__XboxReplay__) throw err;
		else if (
		((_a = err.response) === null \|\| _a === void 0
		? void 0
		: _a.status) === 400
		) {
		const isDefaultRelyingParty =
		XSTSRelyingParty === config_1.default.defaultRelyingParty;
		const computedErrorMessage = [
		'Could not exchange "userToken", please',
		`refer to ${config_2.default.gitHubLinks.seeUserTokenIssue}`
		];
		if (isDefaultRelyingParty === false)
		computedErrorMessage.splice(
		1,
		0,
		'double check the specified "XSTSRelyingParty" or'
		);
		throw errors_1.default.internal(computedErrorMessage.join(' '));
		} else throw errors_1.default.internal(err.message);
		});
		exports.exchangeUserTokenForXSTSIdentity = (userToken, options) =>
		exports.exchangeTokensForXSTSIdentity({ userToken }, options);
		"use strict";
		var __importDefault = (this && this.__importDefault) \|\| function (mod) {
		return (mod && mod.__esModule) ? mod : { "default": mod };
		};
		Object.defineProperty(exports, "__esModule", { value: true });
		const errors_1 = __importDefault(require("@xboxreplay/errors"));
		const axios_1 = __importDefault(require("axios"));
		const config_1 = __importDefault(require("./config"));
		const config_2 = __importDefault(require("../../config"));
		const signing_1 = require("./signing");
		exports.exchangeRpsTicketForUserToken = (RpsTicket) => axios_1.default
		.post(config_1.default.uris.userAuthenticate, {
		RelyingParty: 'http://auth.xboxlive.com',
		TokenType: 'JWT',
		Properties: {
		AuthMethod: 'RPS',
		SiteName: 'user.auth.xboxlive.com',
		RpsTicket
		}
		}, {
		headers: Object.assign(Object.assign({}, config_2.default.request.baseHeaders), { Accept: 'application/json', 'x-xbl-contract-version': 0 })
		})
		.then(response => {
		if (response.status !== 200)
		throw errors_1.default.internal('Could not exchange specified "RpsTicket"');
		else
		return response.data;
		})
		.catch(err => {
		if (!!err.__XboxReplay__)
		throw err;
		else
		throw errors_1.default.internal(err.message);
		});
		exports.exchangeTokensForXSTSIdentity = ({ userToken, deviceToken, titleToken }, { XSTSRelyingParty, optionalDisplayClaims, raw } = {}) => axios_1.default
		.post(config_1.default.uris.XSTSAuthorize, {
		RelyingParty: XSTSRelyingParty \|\| config_1.default.defaultRelyingParty,
		TokenType: 'JWT',
		Properties: {
		UserTokens: [userToken],
		DeviceToken: deviceToken,
		TitleToken: titleToken,
		OptionalDisplayClaims: optionalDisplayClaims,
		SandboxId: 'RETAIL'
		}
		}, {
		headers: Object.assign(Object.assign({}, config_2.default.request.baseHeaders), { Accept: 'application/json', 'x-xbl-contract-version': 1 })
		})
		.then(response => {
		if (response.status !== 200) {
		throw errors_1.default.internal('Could not exchange specified "userToken"');
		}
		if (raw !== true) {
		const body = response.data;
		return {
		userXUID: body.DisplayClaims.xui[0].xid \|\| null,
		userHash: body.DisplayClaims.xui[0].uhs,
		XSTSToken: body.Token,
		expiresOn: body.NotAfter
		};
		}
		else
		return response.data;
		})
		.catch(err => {
		var _a;
		if (!!err.__XboxReplay__)
		throw err;
		else if (((_a = err.response) === null \|\| _a === void 0 ? void 0 : _a.status) === 400) {
		const isDefaultRelyingParty = XSTSRelyingParty === config_1.default.defaultRelyingParty;
		const computedErrorMessage = [
		'Could not exchange "userToken", please',
		`refer to ${config_2.default.gitHubLinks.seeUserTokenIssue}`
		];
		if (isDefaultRelyingParty === false)
		computedErrorMessage.splice(1, 0, 'double check the specified "XSTSRelyingParty" or');
		throw errors_1.default.internal(computedErrorMessage.join(' '));
		}
		else
		throw errors_1.default.internal(err.message);
		});
		exports.exchangeUserTokenForXSTSIdentity = (userToken, options) => exports.exchangeTokensForXSTSIdentity({ userToken }, options);
		exports.authenticateDevice = () => {
		const requestBody = {
		RelyingParty: 'http://auth.xboxlive.com',
		TokenType: 'JWT',
		Properties: {
		AuthMethod: 'ProofOfPossession',
		Id: '362194C6-D6F5-469C-9E80-9F687D489D32',
		DeviceType: 'iOS',
		Version: '13.3.1',
		ProofKey: signing_1.createProofKey('', '')
		}
		};
		const signature = signing_1.createRequestSignature(config_1.default.uris.deviceAuthenticate, 'POST', requestBody, null);
		return axios_1.default
		.post(config_1.default.uris.deviceAuthenticate, requestBody, {
		headers: Object.assign(Object.assign({}, config_2.default.request.baseHeaders), { Accept: 'application/json', Signature: signature, 'x-xbl-contract-version': 1 })
		})
		.then(response => {
		if (response.status !== 200)
		throw errors_1.default.internal('Device authentication failed.');
		else
		return response.data;
		})
		.catch(err => {
		console.error(err);
		if (!!err.__XboxReplay__)
		throw err;
		else
		throw errors_1.default.internal(err.message);
		});
		};

dist/index.d.ts

		@@ -48,2 +48,10 @@ import { preAuth, logUser } from './core/live';
		};
		export declare type AuthenticateDeviceResponse = ExchangeResponse & {
		DisplayClaims: {
		xdi: {
		did: string;
		dcs: string;
		};
		};
		};
		export declare type AuthenticateResponse = {
		@@ -50,0 +58,0 @@ userXUID: string \| null;

package.json

		{
		"name": "@xboxreplay/xboxlive-auth",
		"description": "Simple Xbox Live authentication module.",
		"version": "3.1.1",
		"version": "3.3.0",
		"keywords": [
		@@ -20,3 +20,3 @@ "xboxreplay",
		"main": "./dist/index.js",
		"types": "./dist/index.ts",
		"types": "./dist/index.d.ts",
		"scripts": {
		@@ -23,0 +23,0 @@ "build": "npm run clean && ./node_modules/.bin/tsc && rm -rf ./dist/__tests__",

@xboxreplay/xboxlive-auth - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics