From 27c583e0f4b000297a5e11727b84c868d76911ba Mon Sep 17 00:00:00 2001 From: Evan Goode Date: Mon, 20 May 2024 13:14:39 -0400 Subject: [PATCH] Use Nintendo Switch client ID --- CMakeLists.txt | 11 ++--------- launcher/minecraft/auth/steps/MSAStep.cpp | 7 ++++--- launcher/minecraft/auth/steps/XboxUserStep.cpp | 2 +- launcher/ui/pages/global/APIPage.cpp | 3 +-- libraries/katabasis/src/DeviceFlow.cpp | 5 ++++- 5 files changed, 12 insertions(+), 16 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 33d281772..a29bd0352 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -232,15 +232,8 @@ elseif(WIN32) endif() # API Keys -# NOTE: These API keys are here for convenience. If you rebrand this software or intend to break the terms of service -# of these platforms, please change these API keys beforehand. -# Be aware that if you were to use these API keys for malicious purposes they might get revoked, which might cause -# breakage to thousands of users. -# If you don't plan to use these features of this software, you can just remove these values. - -# By using this key in your builds you accept the terms of use laid down in -# https://docs.microsoft.com/en-us/legal/microsoft-identity-platform/terms-of-use -set(Launcher_MSA_CLIENT_ID "" CACHE STRING "Client ID you can get from Microsoft Identity Platform when you register an application") +# Nintendo Switch Client ID, used by prismarine-auth and azalea-auth. +set(Launcher_MSA_CLIENT_ID "00000000441cc96b" CACHE STRING "Client ID you can get from Microsoft Identity Platform when you register an application") # By using this key in your builds you accept the terms and conditions laid down in # https://support.curseforge.com/en/support/solutions/articles/9000207405-curse-forge-3rd-party-api-terms-and-conditions diff --git a/launcher/minecraft/auth/steps/MSAStep.cpp b/launcher/minecraft/auth/steps/MSAStep.cpp index 1aa22765d..925de75b6 100644 --- a/launcher/minecraft/auth/steps/MSAStep.cpp +++ b/launcher/minecraft/auth/steps/MSAStep.cpp @@ -51,10 +51,11 @@ MSAStep::MSAStep(AccountData* data, Action action) : AuthStep(data), m_action(ac { m_clientId = APPLICATION->getMSAClientID(); OAuth2::Options opts; - opts.scope = "XboxLive.signin offline_access"; + opts.scope = "service::user.auth.xboxlive.com::MBI_SSL"; opts.clientIdentifier = m_clientId; - opts.authorizationUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode"; - opts.accessTokenUrl = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token"; + opts.authorizationUrl = "https://login.live.com/oauth20_connect.srf"; + opts.accessTokenUrl = "https://login.live.com/oauth20_token.srf"; + opts.responseType = "device_code"; // FIXME: OAuth2 is not aware of our fancy shared pointers m_oauth2 = new OAuth2(opts, m_data->msaToken, this, APPLICATION->network().get()); diff --git a/launcher/minecraft/auth/steps/XboxUserStep.cpp b/launcher/minecraft/auth/steps/XboxUserStep.cpp index 856036d23..d324b4ecb 100644 --- a/launcher/minecraft/auth/steps/XboxUserStep.cpp +++ b/launcher/minecraft/auth/steps/XboxUserStep.cpp @@ -27,7 +27,7 @@ void XboxUserStep::perform() "Properties": { "AuthMethod": "RPS", "SiteName": "user.auth.xboxlive.com", - "RpsTicket": "d=%1" + "RpsTicket": "%1" }, "RelyingParty": "http://auth.xboxlive.com", "TokenType": "JWT" diff --git a/launcher/ui/pages/global/APIPage.cpp b/launcher/ui/pages/global/APIPage.cpp index da39a1b63..0fc6843ff 100644 --- a/launcher/ui/pages/global/APIPage.cpp +++ b/launcher/ui/pages/global/APIPage.cpp @@ -61,8 +61,7 @@ APIPage::APIPage(QWidget* parent) : QWidget(parent), ui(new Ui::APIPage) PasteUpload::PasteType::Hastebin }; static QRegularExpression validUrlRegExp("https?://.+"); - static QRegularExpression validMSAClientID( - QRegularExpression::anchoredPattern("[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}")); + static QRegularExpression validMSAClientID(QRegularExpression::anchoredPattern(".+")); static QRegularExpression validFlameKey(QRegularExpression::anchoredPattern("\\$2[ayb]\\$.{56}")); ui->setupUi(this); diff --git a/libraries/katabasis/src/DeviceFlow.cpp b/libraries/katabasis/src/DeviceFlow.cpp index 3b9d9c53f..50d22602e 100644 --- a/libraries/katabasis/src/DeviceFlow.cpp +++ b/libraries/katabasis/src/DeviceFlow.cpp @@ -177,6 +177,7 @@ void DeviceFlow::login() QList parameters; parameters.append(RequestParameter(OAUTH2_CLIENT_ID, options_.clientIdentifier.toUtf8())); parameters.append(RequestParameter(OAUTH2_SCOPE, options_.scope.toUtf8())); + parameters.append(RequestParameter(OAUTH2_RESPONSE_TYPE, options_.responseType.toUtf8())); QByteArray payload = createQueryParameters(parameters); QUrl url(options_.authorizationUrl); @@ -261,8 +262,10 @@ void DeviceFlow::startPollServer(const QVariantMap& params, int expiresIn) if (!options_.clientSecret.isEmpty()) { parameters.append(RequestParameter(OAUTH2_CLIENT_SECRET, options_.clientSecret.toUtf8())); } - parameters.append(RequestParameter(OAUTH2_CODE, deviceCode.toUtf8())); + parameters.append(RequestParameter(OAUTH2_DEVICE_CODE, deviceCode.toUtf8())); parameters.append(RequestParameter(OAUTH2_GRANT_TYPE, grantType.toUtf8())); + parameters.append(RequestParameter(OAUTH2_RESPONSE_TYPE, options_.responseType.toUtf8())); + QByteArray payload = createQueryParameters(parameters); PollServer* pollServer = new PollServer(manager_, authRequest, payload, expiresIn, this);