
@xboxreplay/xboxlive-auth - npm Package Compare versions

Comparing version 4.0.0-beta.0 to 4.0.0-beta.1


dist/classes/XRError.d.ts
declare type XRErrorDetails = {
statusCode: number;
reason: keyof typeof XRErrorReasons;
additional: null | Record<string, string>;
additional: any;
};
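Review bot: `additional: any` in `XRErrorDetails` switches off type checking for every consumer that reads the field, assuming the second `additional` line is the new side (the page has lost its +/- markers). `additional: unknown;` would still accept whatever body the server returns while forcing callers to narrow it before use. A one-line TSDoc such as `/** Unvalidated response body from the remote endpoint, or null. */` would tell callers what they are handling.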

@@ -6,0 +6,0 @@ declare enum XRErrorReasons {

@@ -73,5 +73,6 @@ "use strict";

.catch((err) => {
var _a;
var _a, _b;
throw new XRError_1.default(err.message, {
statusCode: (_a = err.response) === null || _a === void 0 ? void 0 : _a.status
statusCode: (_a = err.response) === null || _a === void 0 ? void 0 : _a.status,
additional: ((_b = err.response) === null || _b === void 0 ? void 0 : _b.data) || null
});
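Review bot: The added `additional` property copies `err.response.data` verbatim into the thrown `XRError`, so the full remote response body now travels with the error into whatever the caller does with it; the package's own documentation samples end in `.catch(console.error)`. If this helper wraps the sign-in and token-exchange requests (the enclosing function starts outside the hunk, so that is inferred), the body can end up in application logs unfiltered. Consider copying only the known error fields, or add a comment on the property such as `// raw, unvalidated server response - do not log wholesale`. This is compiled output, so the change belongs in the TypeScript source.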

@@ -78,0 +79,0 @@ });

@@ -68,24 +68,24 @@ export declare type LiveCredentials = {

};
export declare const authenticate: (email: string, password: string, options?: AuthenticateOptions) => Promise<{
export declare type AuthenticateRefreshOptions = {
clientId?: string;
clientSecret?: string;
scope?: string;
preamble?: 't' | 'd';
};
export declare type CredentialsAuthenticateInitialResponse = {
xuid: string | null;
user_hash: string;
xsts_token: string;
display_claims: Record<string, string> & {
xid?: string | undefined;
uhs: string;
};
display_claims: Record<string, string>;
expires_on: string;
'login.live.com'?: undefined;
'user.auth.xboxlive.com'?: undefined;
'xsts.auth.xboxlive.com'?: undefined;
} | {
};
export declare type CredentialsAuthenticateRawResponse = {
'login.live.com': LiveAuthResponse;
'user.auth.xboxlive.com': XBLExchangeRpsTicketResponse;
'xsts.auth.xboxlive.com': XBLExchangeTokensResponse;
xuid?: undefined;
user_hash?: undefined;
xsts_token?: undefined;
display_claims?: undefined;
expires_on?: undefined;
}>;
};
export declare type CredentialsAuthenticateResponse = CredentialsAuthenticateInitialResponse | CredentialsAuthenticateRawResponse;
export declare const authenticateWithUserCredentials: (email: string, password: string, options?: AuthenticateOptions) => Promise<CredentialsAuthenticateResponse>;
export declare const authenticateWithUserRefreshToken: (refreshToken: string, refreshOptions?: AuthenticateRefreshOptions | null, options?: AuthenticateOptions) => Promise<CredentialsAuthenticateResponse>;
export declare const authenticate: (email: string, password: string, options?: AuthenticateOptions) => Promise<CredentialsAuthenticateResponse>;
export declare const live: {
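Review bot: `CredentialsAuthenticateResponse` is now a plain union of two object types with no shared or `?: undefined` members, so `res.xsts_token` no longer type-checks without an `'xsts_token' in res` guard, and `display_claims: Record<string, string>` loses the typed `uhs` and `xid` keys; the old/new assignment is inferred from the hunk counts (24 lines on each side). Nothing in the declarations ties the raw shape to the `raw` option described in the docs, so callers cannot get the right branch from the types alone. Consider keeping `display_claims: Record<string, string> & { xid?: string; uhs: string }` and either restoring the `?: undefined` members or adding overloads keyed on `options.raw`.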

@@ -102,37 +102,1 @@ getAuthorizeUrl: (clientId?: string, scope?: string, responseType?: "code" | "token", redirectUri?: string) => string;

};
declare const _default: {
xbl: {
EXPERIMENTAL_createDummyWin32DeviceToken: () => Promise<XBLDummyDeviceTokenResponse>;
exchangeRpsTicketForUserToken: (rpsTicket: string, preamble?: "d" | "t", additionalHeaders?: Record<string, string>) => Promise<XBLExchangeRpsTicketResponse>;
exchangeTokensForXSTSToken: (tokens: XBLTokens, options?: XBLExchangeTokensOptions, additionalHeaders?: Record<string, string>) => Promise<XBLExchangeTokensResponse>;
exchangeTokenForXSTSToken: (userToken: string, options?: XBLExchangeTokensOptions, additionalHeaders?: Record<string, string>) => Promise<XBLExchangeTokensResponse>;
};
live: {
getAuthorizeUrl: (clientId?: string, scope?: string, responseType?: "code" | "token", redirectUri?: string) => string;
authenticate: (credentials: LiveCredentials) => Promise<LiveAuthResponse>;
refreshAccessToken: (refreshToken: string, clientId?: string, scope?: string, clientSecret?: string | undefined) => Promise<LiveAuthResponse>;
};
authenticate: (email: string, password: string, options?: AuthenticateOptions) => Promise<{
xuid: string | null;
user_hash: string;
xsts_token: string;
display_claims: Record<string, string> & {
xid?: string | undefined;
uhs: string;
};
expires_on: string;
'login.live.com'?: undefined;
'user.auth.xboxlive.com'?: undefined;
'xsts.auth.xboxlive.com'?: undefined;
} | {
'login.live.com': LiveAuthResponse;
'user.auth.xboxlive.com': XBLExchangeRpsTicketResponse;
'xsts.auth.xboxlive.com': XBLExchangeTokensResponse;
xuid?: undefined;
user_hash?: undefined;
xsts_token?: undefined;
display_claims?: undefined;
expires_on?: undefined;
}>;
};
export default _default;

@@ -12,10 +12,7 @@ "use strict";

Object.defineProperty(exports, "__esModule", { value: true });
exports.xbl = exports.live = exports.authenticate = void 0;
exports.xbl = exports.live = exports.authenticate = exports.authenticateWithUserRefreshToken = exports.authenticateWithUserCredentials = void 0;
const live_1 = require("./core/live");
const xboxlive_1 = require("./core/xboxlive");
const authenticate = (email, password, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
const credentials = { email, password };
const liveAuthResponse = yield live_1.authenticate(credentials);
const { access_token: RpsTicket } = liveAuthResponse;
const userTokenResponse = yield xboxlive_1.exchangeRpsTicketForUserToken(RpsTicket);
const postLiveAuthenticate = (liveAuthResponse, preamble = 't', options = {}) => __awaiter(void 0, void 0, void 0, function* () {
const userTokenResponse = yield xboxlive_1.exchangeRpsTicketForUserToken(liveAuthResponse.access_token, preamble);
const XSTSResponse = yield xboxlive_1.exchangeTokensForXSTSToken({

@@ -45,3 +42,17 @@ userTokens: [userTokenResponse.Token],

});
exports.authenticate = authenticate;
const authenticateWithUserCredentials = (email, password, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
const credentials = { email, password };
const liveAuthResponse = yield live_1.authenticate(credentials);
return postLiveAuthenticate(liveAuthResponse, 't', options);
});
exports.authenticateWithUserCredentials = authenticateWithUserCredentials;
exports.authenticateWithUserRefreshToken = (() => {
let __rt;
return (refreshToken, refreshOptions = null, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
const liveAuthResponse = yield exports.live.refreshAccessToken(__rt || refreshToken, refreshOptions === null || refreshOptions === void 0 ? void 0 : refreshOptions.clientId, refreshOptions === null || refreshOptions === void 0 ? void 0 : refreshOptions.scope, refreshOptions === null || refreshOptions === void 0 ? void 0 : refreshOptions.clientSecret);
__rt = liveAuthResponse.refresh_token || refreshToken;
return postLiveAuthenticate(liveAuthResponse, refreshOptions === null || refreshOptions === void 0 ? void 0 : refreshOptions.preamble, options);
});
})();
exports.authenticate = exports.authenticateWithUserCredentials;
exports.live = {
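Review bot: `__rt || refreshToken` makes every call after the first ignore its `refreshToken` argument, because `__rt` is a single variable shared by all callers of the module. In a process that signs in more than one account, the second account's call is refreshed with the first account's token and receives that account's XSTS token. Keying the cached value by the token the caller supplied keeps the rotation convenience without crossing accounts; returning the rotated `refresh_token` to the caller would avoid holding it in module state at all. This file is compiled output, so the change belongs in the TypeScript source.

```javascript
exports.authenticateWithUserRefreshToken = (() => {
    // Newest refresh token, keyed by the token the caller passed in.
    const latestTokens = new Map();
    return (refreshToken, refreshOptions = null, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
        const currentToken = latestTokens.get(refreshToken) || refreshToken;
        // … unchanged: live.refreshAccessToken call, with currentToken as its first argument …
        latestTokens.set(refreshToken, liveAuthResponse.refresh_token || currentToken);
        // … unchanged: return postLiveAuthenticate(...) …
    });
})();
```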

@@ -58,2 +69,1 @@ getAuthorizeUrl: live_1.getAuthorizeUrl,

};
exports.default = { xbl: exports.xbl, live: exports.live, authenticate: exports.authenticate };

@@ -5,2 +5,4 @@ # Authenticate

Authenticate the user.
```javascript

@@ -19,4 +21,4 @@ import { authenticate } from '@xboxreplay/xboxlive-auth';

- options {object=}
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](04-RelyingParty.md#optional-display-claims)
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#optional-display-claims)
- sandboxId {string=} - `RETAIL` - Targeted sandbox ID

@@ -86,4 +88,40 @@ - deviceToken {string=} - Optional device token

### Method: authenticateWithUserCredentials
Clone of the initial `authenticate` method.
### Method: authenticateWithUserRefreshToken
Authenticate the user with its `refresh_token`. This method has been designed to prevent you to deal with 2FA and other issues that could occur outside your local machine.
The easiest way to get your `refresh_token` is to authenticate yourself via [login.live.com](https://login.live.com/oauth20_authorize.srf?client_id=0000000048093EE3&redirect_uri=https://login.live.com/oauth20_desktop.srf&response_type=token&display=touch&scope=service::user.auth.xboxlive.com::MBI_SSL) and grab it from the returned hash parameter (do not forget to decode it with `decodeURIComponent` function).
Caution, `authenticateWithUserRefreshToken` acts as a closure which means that the specified "refreshToken" will be overridden by the returned one.
```javascript
import { authenticateWithUserRefreshToken } from '@xboxreplay/xboxlive-auth';
xbl.authenticateWithUserRefreshToken('M.R3_B...')
.then(console.log)
.catch(console.error);
```
##### Arguments
- refreshToken {string}
- refreshOptions {object|null=} - `null`
- clientId {string=} - `000000004C12AE6F`
- scope {string=} - `service::user.auth.xboxlive.com::MBI_SSL`
- preablme {d|t=} - `t` - Use `d` for custom Azure applications
- clientSecret {string=} - `undefined`
- options {object=} - `{}`
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#optional-display-claims)
- sandboxId {string=} - `RETAIL` - Targeted sandbox ID
- deviceToken {string=} - Optional device token
- titleToken {string=} - Optional title token
- raw {boolean=} - `false` - If set to `true` the returned response will include each exchange based on called domains
## Detect and authenticate "Child" and "Teen" accounts
Please refer to the [dedicated documentation](07-Detect_Unauthorized_AgeGroup.md).
Please refer to the [dedicated documentation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/07-Detect_Unauthorized_AgeGroup.md).

@@ -11,4 +11,14 @@ # Methods

- [See dedicated documentation](01-Authenticate.md#method-authenticate)
- [See dedicated documentation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/01-Authenticate.md#method-authenticate)
### Method: authenticateWithUserCredentials
Clone of the initial `authenticate` method.
### Method: authenticateWithUserRefreshToken
Authenticate the user with its `refresh_token`.
- [See dedicated documentation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/01-Authenticate.md#method-authenticatewithuserrefreshtoken)
## Namespace: xbl

@@ -73,4 +83,4 @@

- options {object=}
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](04-RelyingParty.md#optional-display-claims)
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#optional-display-claims)
- sandboxId {string=} - `RETAIL` - Targeted sandbox ID

@@ -115,4 +125,4 @@ - additionalHeaders {object=} - `{}` - Additional headers if required, can be used to override default ones

- options {object=}
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](04-RelyingParty.md#optional-display-claims)
- XSTSRelyingParty {string=} - `http://xboxlive.com` - Targeted [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#relyingparty)
- optionalDisplayClaims {string[]=} - `[]` - Optional display claims to be returned based on the used [RelyingParty](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md#optional-display-claims)
- sandboxId {string=} - `RETAIL` - Targeted sandbox ID

@@ -125,3 +135,3 @@ - additionalHeaders {object=} - `{}` - Additional headers if required, can be used to override default ones

- [See dedicated documentation](03-Experimental.md#method-experimental_createdummywin32devicetoken)
- [See dedicated documentation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/03-Experimental.md#method-experimental_createdummywin32devicetoken)

@@ -128,0 +138,0 @@ ## Namespace: live

@@ -9,3 +9,3 @@ # Known Issues

"Child" and "Teen" accounts (AgeGroup / "agg") may not be able to authenticate. This restriction **could** be bypassed by using the `EXPERIMENTAL_createDummyWin32DeviceToken` method by adding returned device token to the used authentication method. Please refer to the [dedicated documentation](03-Experimental.md#method-experimental_createdummywin32devicetoken) before using it.
"Child" and "Teen" accounts (AgeGroup / "agg") may not be able to authenticate. This restriction **could** be bypassed by using the `EXPERIMENTAL_createDummyWin32DeviceToken` method by adding returned device token to the used authentication method. Please refer to the [dedicated documentation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/03-Experimental.md#method-experimental_createdummywin32devicetoken) before using it.

@@ -12,0 +12,0 @@ ```javascript

# Detect Unauthorized "AgeGroup"
As specified in [known issues](06-Known_Issues.md), "Child" and "Teen" accounts can not authenticate without a valid "deviceToken". As the exposed method is [experimental](03-Experimental.md#method-experimental_createdummywin32devicetoken), you may check their `agg` (AgeGroup) before calling the default relying party (`http://xboxlive.com/`) using the `accounts` one (`http://accounts.xboxlive.com`).
As specified in [known issues](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/06-Known_Issues.md), "Child" and "Teen" accounts can not authenticate without a valid "deviceToken". As the exposed method is [experimental](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/03-Experimental.md#method-experimental_createdummywin32devicetoken), you may check their `agg` (AgeGroup) before calling the default relying party (`http://xboxlive.com/`) using the `accounts` one (`http://accounts.xboxlive.com`).

@@ -5,0 +5,0 @@ ### Example

{
"name": "@xboxreplay/xboxlive-auth",
"description": "A light Xbox Live authentication module",
"version": "4.0.0-beta.0",
"description": "A light but advanced Xbox Live authentication module with OAuth2.0 and Electron support",
"version": "4.0.0-beta.1",
"keywords": [

@@ -6,0 +6,0 @@ "xboxreplay",

# @xboxreplay/xboxlive-auth
A light but advanced Xbox Live authentication module with [OAuth2.0](docs/02-Custom_Azure_Application.md) and [Electron](examples/electron-app) support.
A light but advanced Xbox Live authentication module with [OAuth2.0](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/02-Custom_Azure_Application.md) and [Electron](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/examples/electron-app) support.

@@ -44,13 +44,13 @@ ## Installation

- [Basic authentication](docs/01-Authenticate.md)
- [Use a custom Azure Application (OAuth2.0)](docs/02-Custom_Azure_Application.md)
- [Experimental methods, such as "deviceToken" generation](docs/03-Experimental.md)
- [What's a RelyingParty and how to use it](docs/04-RelyingParty.md)
- [Available methods in this library](docs/05-Methods.md)
- [Known issues and possible workarounds](docs/06-Known_Issues.md)
- [How to deal with unauthorized "AgeGroup" authentication](docs/07-Detect_Unauthorized_AgeGroup.md)
- [Basic authentication](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/01-Authenticate.md)
- [Use a custom Azure Application (OAuth2.0)](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/02-Custom_Azure_Application.md)
- [Experimental methods, such as "deviceToken" generation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/03-Experimental.md)
- [What's a RelyingParty and how to use it](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/04-RelyingParty.md)
- [Available methods in this library](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/05-Methods.md)
- [Known issues and possible workarounds](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/06-Known_Issues.md)
- [How to deal with unauthorized "AgeGroup" authentication](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/07-Detect_Unauthorized_AgeGroup.md)
## Available Examples
- [Electron App](examples/electron-app)
- [Electron App](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/examples/electron-app)

@@ -71,7 +71,7 @@ ## How to interact with the Xbox Live API?

2FA is not supported by this module which may cause authentication issues. Please disable it for the used account or create a dummy one with Xbox LIVE capabalities. Of course, a Gold account is not required. Please note that Electron applications are not impacted by this issue.
Exposed `authenticate` and `authenticateWithUserCredentials` methods can not deal with 2FA but a workaround is available with the `authenticateWithUserRefreshToken` one. Please take a look at ["Authenticate" documentation](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/01-Authenticate.md).
## Known Issues
Please refer to the [dedicated documention](docs/06-Known_Issues.md).
Please refer to the [dedicated documention](https://github.com/XboxReplay/xboxlive-auth/tree/4.0.0/docs/06-Known_Issues.md).

@@ -78,0 +78,0 @@ ## Licence
