minecraft-auth
Advanced tools
Comparing version 2.0.6 to 2.0.7
@@ -0,1 +1,2 @@ | ||
import { PKCEPairType } from "../types"; | ||
import { Account } from "../Account"; | ||
@@ -7,4 +8,4 @@ export declare class MicrosoftAccount extends Account { | ||
refresh(): Promise<string>; | ||
authFlow(authCode: string): Promise<string>; | ||
authFlow(authCode: string, PKCEPair: PKCEPairType): Promise<string>; | ||
use(): Promise<string | undefined>; | ||
} |
@@ -43,5 +43,5 @@ "use strict"; | ||
} | ||
async authFlow(authCode) { | ||
async authFlow(authCode, PKCEPair) { | ||
this.authCode = authCode; | ||
let resp = await MicrosoftAuth.authFlow(this.authCode); | ||
let resp = await MicrosoftAuth.authFlow(this.authCode, PKCEPair); | ||
this.refreshToken = resp.refresh_token; | ||
@@ -48,0 +48,0 @@ this.accessToken = resp.access_token; |
import { MCTokenResponse, MSConfigType, ServerConfigType, TokenResponse, XBLResponse, XSTSResponse } from "./MicrosoftAuth.types"; | ||
import { PKCEPairType } from "../types"; | ||
export declare function setup(_config: Partial<MSConfigType>): void; | ||
export declare function listenForCode(_serverConfig?: Partial<ServerConfigType>): Promise<string>; | ||
export declare function createUrl(): string; | ||
export declare function getToken(authCode: string): Promise<TokenResponse>; | ||
export declare function generatePKCEPair(): PKCEPairType; | ||
export declare function createUrl(PKCEPair?: PKCEPairType): string; | ||
export declare function getToken(authCode: string, PKCEPair?: PKCEPairType): Promise<TokenResponse>; | ||
export declare function getTokenRefresh(refreshToken: string): Promise<TokenResponse>; | ||
@@ -10,3 +12,3 @@ export declare function authXBL(accessToken: string): Promise<XBLResponse>; | ||
export declare function getMinecraftToken(xstsToken: string, uhs: string): Promise<MCTokenResponse>; | ||
export declare function authFlow(authCode: string): Promise<{ | ||
export declare function authFlow(authCode: string, PKCEPair?: PKCEPairType): Promise<{ | ||
access_token: string; | ||
@@ -13,0 +15,0 @@ refresh_token: string; |
@@ -6,6 +6,7 @@ "use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.authFlowXBL = exports.authFlowRefresh = exports.authFlow = exports.getMinecraftToken = exports.authXSTS = exports.authXBL = exports.getTokenRefresh = exports.getToken = exports.createUrl = exports.listenForCode = exports.setup = void 0; | ||
exports.authFlowXBL = exports.authFlowRefresh = exports.authFlow = exports.getMinecraftToken = exports.authXSTS = exports.authXBL = exports.getTokenRefresh = exports.getToken = exports.createUrl = exports.generatePKCEPair = exports.listenForCode = exports.setup = void 0; | ||
const http_1 = __importDefault(require("http")); | ||
const http_client_methods_1 = require("http-client-methods"); | ||
const types_1 = require("../types"); | ||
const node_crypto_1 = require("node:crypto"); | ||
let config = { | ||
@@ -108,3 +109,3 @@ scope: "XboxLive.signin offline_access", | ||
res.writeHead(200); | ||
res.end(createUrl()); | ||
res.end(createUrl(serverConfig.pkcePair)); | ||
break; | ||
@@ -119,3 +120,3 @@ case '/close': | ||
res.writeHead(302, { | ||
Location: createUrl(), | ||
Location: createUrl(serverConfig.pkcePair), | ||
}); | ||
@@ -126,3 +127,3 @@ res.end(); | ||
res.writeHead(302, { | ||
Location: createUrl(), | ||
Location: createUrl(serverConfig.pkcePair), | ||
}); | ||
@@ -142,13 +143,26 @@ res.end(); | ||
exports.listenForCode = listenForCode; | ||
function createUrl() { | ||
function generatePKCEPair() { | ||
const NUM_OF_BYTES = 32; | ||
const HASH_ALG = "sha256"; | ||
const randomVerifier = (0, node_crypto_1.randomBytes)(NUM_OF_BYTES).toString('hex'); | ||
const hash = (0, node_crypto_1.createHash)(HASH_ALG).update(randomVerifier).digest('base64'); | ||
const challenge = hash.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, ''); // Clean base64 to make it URL safe | ||
return { verifier: randomVerifier, challenge }; | ||
} | ||
exports.generatePKCEPair = generatePKCEPair; | ||
function createUrl(PKCEPair) { | ||
let encodedID = encodeURIComponent(config.appID ?? ""); | ||
let encodedUrl = encodeURIComponent(config.redirectURL); | ||
let encodedScope = encodeURIComponent(config.scope); | ||
return `https://login.live.com/oauth20_authorize.srf?client_id=${encodedID}&response_type=code&redirect_uri=${encodedUrl}&scope=${encodedScope}`; | ||
if (PKCEPair) { | ||
let encodedChallenge = encodeURIComponent(PKCEPair.challenge); | ||
return `https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=${encodedID}&response_type=code&redirect_uri=${encodedUrl}&scope=${encodedScope}&code_challenge=${encodedChallenge}&code_challenge_method=S256`; | ||
} | ||
return `https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=${encodedID}&response_type=code&redirect_uri=${encodedUrl}&scope=${encodedScope}`; | ||
} | ||
exports.createUrl = createUrl; | ||
async function getToken(authCode) { | ||
async function getToken(authCode, PKCEPair) { | ||
let encodedID = encodeURIComponent(config.appID); | ||
let encodedUrl = encodeURIComponent(config.redirectURL); | ||
let url = 'https://login.live.com/oauth20_token.srf'; | ||
let url = 'https://login.microsoftonline.com/consumers/oauth2/v2.0/token'; | ||
let body = `client_id=${encodedID}&code=${authCode}&grant_type=authorization_code&redirect_uri=${encodedUrl}`; | ||
@@ -163,3 +177,7 @@ if (config.mode === "Web") { | ||
} | ||
let response = await (0, http_client_methods_1.HttpPost)(url, body, { "Content-Type": "application/x-www-form-urlencoded" }); | ||
if (PKCEPair) { | ||
let encodedVerifier = encodeURIComponent(PKCEPair.verifier); | ||
body += `&code_verifier=${encodedVerifier}&code_challenge_method=S256`; | ||
} | ||
let response = await (0, http_client_methods_1.HttpPost)(url, body, { "Content-Type": "application/x-www-form-urlencoded", "Origin": config.redirectURL }); | ||
let jsonResponse = JSON.parse(response); | ||
@@ -186,2 +204,3 @@ if (jsonResponse.error) { | ||
const response = await (0, http_client_methods_1.HttpPost)(url, body, { | ||
"Origin": config.redirectURL, | ||
'Content-Type': 'application/x-www-form-urlencoded', | ||
@@ -243,7 +262,10 @@ }); | ||
const jsonResponse = JSON.parse(response); | ||
if (jsonResponse.errorMessage) { | ||
throw new types_1.AuthenticationError("Error when getting minecraft token", jsonResponse.errorMessage, jsonResponse.path); | ||
} | ||
return jsonResponse; | ||
} | ||
exports.getMinecraftToken = getMinecraftToken; | ||
async function authFlow(authCode) { | ||
const tokenRes = await getToken(authCode); | ||
async function authFlow(authCode, PKCEPair) { | ||
const tokenRes = await getToken(authCode, PKCEPair); | ||
return await authFlowXBL(tokenRes.access_token, tokenRes.refresh_token); | ||
@@ -250,0 +272,0 @@ } |
/// <reference types="node" /> | ||
import { PKCEPairType } from "../types"; | ||
export type MSConfigType = { | ||
@@ -18,2 +19,3 @@ appID: string; | ||
oncode?: (code: string) => any; | ||
pkcePair?: PKCEPairType; | ||
}; | ||
@@ -38,2 +40,4 @@ export type TokenResponse = { | ||
expires_in: 86400; | ||
path: string; | ||
errorMessage: string; | ||
}; | ||
@@ -40,0 +44,0 @@ export type XBLResponse = { |
@@ -17,1 +17,5 @@ /// <reference types="node" /> | ||
} | ||
export type PKCEPairType = { | ||
verifier: string; | ||
challenge: string; | ||
}; |
{ | ||
"name": "minecraft-auth", | ||
"version": "2.0.6", | ||
"version": "2.0.7", | ||
"description": "Package to authenticate with minecraft using traditional yggdrasil, new microsoft authentication and non-premium.", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
76352
1187