auth

package
v1.54.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 11, 2026 License: MIT Imports: 25 Imported by: 56

Documentation

Overview

Package auth implements authentication to Microsoft Live Connect accounts, XBOX Live accounts and ultimately Minecraft accounts associated with them. Microsoft Live Connect auth is performed using device auth.

The auth package provides token sources for Microsoft Live Connect auth with an oauth2-style interface, with token sources that may be plugged into services directly.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// AndroidConfig is the configuration used in Minecraft: Bedrock Edition for Android devices.
	AndroidConfig = Config{
		DeviceType: "Android",
		ClientID:   "0000000048183522",
		Version:    "8.0.0",
		UserAgent:  "XAL Android 2020.07.20200714.000",
	}
	// IOSConfig is the configuration used in Minecraft: Bedrock Edition for iOS devices.
	IOSConfig = Config{
		DeviceType: "iOS",
		ClientID:   "000000004c17c01a",
		Version:    "15.6.1",
		UserAgent:  "XAL iOS 2021.11.20211021.000",
	}
	// Win32Config is the configuration used in Minecraft: Bedrock Edition for Windows devices.
	// Please note that the actual GDK/UWP build of the game requests the device token in more different way.
	Win32Config = Config{
		DeviceType: "Win32",
		ClientID:   "0000000040159362",
		Version:    "10.0.25398.4909",
		UserAgent:  "XAL Win32 2021.11.20220411.002",
	}
	// NintendoConfig is the configuration used in Minecraft: Bedrock Edition for Nintendo Switch.
	NintendoConfig = Config{
		DeviceType: "Nintendo",
		ClientID:   "00000000441cc96b",
		Version:    "0.0.0",
		UserAgent:  "XAL",
	}
	// PlayStationConfig is the configuration used in Minecraft: Bedrock Edition for PlayStation devices.
	PlayStationConfig = Config{
		DeviceType: "Playstation",
		ClientID:   "000000004827c78e",
		Version:    "10.0.0",
		UserAgent:  "XAL",
	}
)
View Source 
var TokenSource oauth2.TokenSource = AndroidConfig.WriterTokenSource(os.Stdout)

TokenSource holds an oauth2.TokenSource which uses device auth to get a code. The user authenticates using a code. TokenSource prints the authentication code and URL to os.Stdout. To use a different io.Writer, use WriterTokenSource. TokenSource automatically refreshes tokens.

Functions

func RefreshTokenSource 

func RefreshTokenSource(t *oauth2.Token) oauth2.TokenSource

RefreshTokenSource returns a new oauth2.TokenSource using the oauth2.Token passed that automatically refreshes the token everytime it expires. Note that this function must be used over oauth2.ReuseTokenSource due to that function not refreshing with the correct scopes.

func RefreshTokenSourceWriter 

func RefreshTokenSourceWriter(t *oauth2.Token, w io.Writer) oauth2.TokenSource

RefreshTokenSourceWriter returns a new oauth2.TokenSource using the oauth2.Token passed that automatically refreshes the token everytime it expires. It requests from io.Writer if the oauth2.Token is invalid. Note that this function must be used over oauth2.ReuseTokenSource due to that function not refreshing with the correct scopes.

func RequestLiveToken 

func RequestLiveToken() (*oauth2.Token, error)

RequestLiveToken does a login request for Microsoft Live Connect using device auth. A login URL will be printed to the stdout with a user code which the user must use to submit. RequestLiveToken is the equivalent of RequestLiveTokenWriter(os.Stdout).

func RequestLiveTokenWriter 

func RequestLiveTokenWriter(w io.Writer) (*oauth2.Token, error)

RequestLiveTokenWriter does a login request for Microsoft Live Connect using device auth. A login URL will be printed to the io.Writer passed with a user code which the user must use to submit. Once fully authenticated, an oauth2 token is returned which may be used to login to XBOX Live.

func RequestMinecraftChain 

func RequestMinecraftChain(ctx context.Context, token *XBLToken, key *ecdsa.PrivateKey) (string, error)

RequestMinecraftChain requests a fully processed Minecraft JWT chain using the XSTS token passed, and the ECDSA private key of the client. This key will later be used to initialise encryption, and must be saved for when packets need to be decrypted/encrypted.

func WithXBLTokenCache added in v1.53.0 

func WithXBLTokenCache(parent context.Context, cache *XBLTokenCache) context.Context

WithXBLTokenCache returns a context.Context which contains the XBLTokenCache. The returned context.Context can be used in RequestXBLToken for re-using the device token as possible to avoid issuing too many device tokens and incurring rate limiting from XASD (Xbox Authentication Service for Devices).

func WriterTokenSource 

func WriterTokenSource(w io.Writer) oauth2.TokenSource

WriterTokenSource returns a new oauth2.TokenSource which, like TokenSource, uses device auth to get a code. Unlike TokenSource, WriterTokenSource allows passing an io.Writer to which information on the auth URL and code are printed. WriterTokenSource automatically refreshes tokens.

Types

type Config added in v1.53.0 

type Config struct {
	// ClientID is the ID used for the SISU authorization flow.
	// It is also used for the OAuth2 device code flow in [RequestLiveToken].
	ClientID string
	// DeviceType indicates the device type used for requesting device tokens in Xbox Live.
	DeviceType string
	// Version indicates the version of the authentication library used in the client.
	Version string
	// UserAgent is the 'User-Agent' header sent by the authentication library used in the client.
	UserAgent string
}

Config specifies the configuration for authenticating with Xbox Live and Microsoft services. This struct should remain immutable.

func (Config) NewTokenCache added in v1.53.0 

func (conf Config) NewTokenCache() *XBLTokenCache

NewTokenCache returns an XBLTokenCache that can be used to re-use XBL tokens in RequestXBLToken.

func (Config) RefreshTokenSource added in v1.53.0 

func (conf Config) RefreshTokenSource(t *oauth2.Token) oauth2.TokenSource

RefreshTokenSource returns a new oauth2.TokenSource using the oauth2.Token passed that automatically refreshes the token everytime it expires. Note that this function must be used over oauth2.ReuseTokenSource due to that function not refreshing with the correct scopes.

func (Config) RefreshTokenSourceWriter added in v1.53.0 

func (conf Config) RefreshTokenSourceWriter(t *oauth2.Token, w io.Writer) oauth2.TokenSource

RefreshTokenSourceWriter returns a new oauth2.TokenSource using the oauth2.Token passed that automatically refreshes the token everytime it expires. It requests from io.Writer if the oauth2.Token is invalid. Note that this function must be used over oauth2.ReuseTokenSource due to that function not refreshing with the correct scopes.

func (Config) RequestLiveToken added in v1.53.0 

func (conf Config) RequestLiveToken() (*oauth2.Token, error)

RequestLiveToken does a login request for Microsoft Live Connect using device auth. A login URL will be printed to the stdout with a user code which the user must use to submit. RequestLiveToken is the equivalent of RequestLiveTokenWriter(os.Stdout).

func (Config) RequestLiveTokenWriter added in v1.53.0 

func (conf Config) RequestLiveTokenWriter(w io.Writer) (*oauth2.Token, error)

RequestLiveTokenWriter does a login request for Microsoft Live Connect using device auth. A login URL will be printed to the io.Writer passed with a user code which the user must use to submit. Once fully authenticated, an oauth2 token is returned which may be used to login to XBOX Live.

func (Config) RequestXBLToken added in v1.53.0 

func (conf Config) RequestXBLToken(ctx context.Context, liveToken *oauth2.Token, relyingParty string) (*XBLToken, error)

RequestXBLToken requests an XBOX Live auth token using the passed Live token pair.

func (Config) WriterTokenSource added in v1.53.0 

func (conf Config) WriterTokenSource(w io.Writer) oauth2.TokenSource

type XBLToken 

type XBLToken struct {
	AuthorizationToken struct {
		DisplayClaims struct {
			// UserInfo contains the user information claimed from the authorization token.
			// GamerTag and XUID are only populated on the "xboxlive.com" relying party.
			// The rest only return UserHash.
			UserInfo []struct {
				GamerTag string `json:"gtg"`
				XUID     string `json:"xid"`
				UserHash string `json:"uhs"`
			} `json:"xui"`
		}
		IssueInstant time.Time
		NotAfter     time.Time
		Token        string
	}
}

XBLToken holds info on the authorization token used for authenticating with XBOX Live.

func RequestXBLToken 

func RequestXBLToken(ctx context.Context, liveToken *oauth2.Token, relyingParty string) (*XBLToken, error)

RequestXBLToken requests an Xbox Live token using a default device config. If an XBLTokenCache is present in ctx (via WithXBLTokenCache), its Config is used instead.

func (XBLToken) SetAuthHeader 

func (t XBLToken) SetAuthHeader(r *http.Request)

SetAuthHeader sets the 'Authorization' header used for Minecraft related endpoints that need an XBOX Live authenticated caller.

func (XBLToken) Valid added in v1.53.0 

func (t XBLToken) Valid() bool

Valid returns whether the XBLToken is valid.

type XBLTokenCache added in v1.53.0 

type XBLTokenCache struct {
	// contains filtered or unexported fields
}

XBLTokenCache caches device tokens for requesting Xbox Live tokens. It may be created from Config.NewTokenCache and included to a context.Context for re-using the device token in RequestXBLToken.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.