feat: minecraft-auth partial support

Eveeifyeve · Eveeifyeve · commit a13be82e8933 · 2025-06-20T05:40:42.000+10:00
fixup: form string
diff --git a/crates/core/src/auth/microsoft.rs b/crates/core/src/auth/microsoft.rs
@@ -1,6 +1,8 @@
 #![forbid(unsafe_code)]
 #![warn(clippy::pedantic)]
 
+use std::collections::HashMap;
+
 use crate::{errors::AuthErrors, trait_alias::*};
 use reqwest::Client;
 use serde::{Deserialize, Serialize};
@@ -154,10 +156,7 @@ fn parse_oauth(data: &[u8]) -> Result<OuathInfo, AuthErrors> {
 /// OAuth Auth Token Infomation.
 #[derive(Deserialize, Debug)]
 pub struct OuathToken {
-    pub token_type: String,
-    pub scope: String,
     pub expires_in: u16,
-    pub ext_expires_in: u16,
     pub access_token: String,
     pub refresh_token: String,
 }
@@ -168,34 +167,38 @@ pub fn ouath_token(
     code: Option<&str>,
     client_id: &str,
     scope: &str,
-    port: u16,
-    client_secret: &str,
+    redirect_uri: String,
+    client_secret: Option<&str>,
 ) -> impl AsyncSendSync<Result<OuathToken, AuthErrors>> {
-    let url = format!("https://login.microsoftonline.com/consumers/oauth2/v2.0/token");
-    let mut body = format!(
-        "client_id={}&scope={}&client_secret={}",
-        client_id, scope, client_secret
-    );
+    let url = if redirect_uri == "https://login.live.com/oauth20_desktop.srf" {
+        "https://login.live.com/oauth20_token.srf"
+    } else {
+        "https://login.microsoftonline.com/consumers/oauth2/v2.0/token"
+    };
+
+    // Use owned Strings for both keys and values
+    let mut form = HashMap::new();
+    form.insert("client_id".to_string(), client_id.to_string());
+    form.insert("scope".to_string(), scope.to_string());
+
+    if let Some(secret) = client_secret {
+        form.insert("client_secret".to_string(), secret.to_string());
+    }
 
     if let Some(token) = refresh_token {
-        body.push_str(&format!(
-            "&grant_type=refresh_token&refresh_token={}",
-            token
-        ));
+        form.insert("grant_type".to_string(), "refresh_token".to_string());
+        form.insert("refresh_token".to_string(), token); // token is already a String
     } else if let Some(auth_code) = code {
-        let redirect_uri = format!("http://localhost:{}", port);
-        body.push_str(&format!(
-            "&grant_type=authorization_code&code={}&redirect_uri={}",
-            auth_code, redirect_uri
-        ));
-    };
+        form.insert("grant_type".to_string(), "authorization_code".to_string());
+        form.insert("code".to_string(), auth_code.to_string());
+        form.insert("redirect_uri".to_string(), redirect_uri);
+    }
 
     async move {
         'out: {
-            let result = client.post(url).body(body).send().await;
+            let result = client.post(url).form(&form).send().await;
 
             let std::result::Result::Ok(response) = result else {
-                println!("Part 1");
                 break 'out Err(AuthErrors::ResponseError(
                     "Failed to send request".to_string(),
                 ));
@@ -205,7 +208,10 @@ pub fn ouath_token(
                 .text()
                 .await
                 .map_err(|_| AuthErrors::ResponseError("Failed to send request".to_string()))?;
-            let std::result::Result::Ok(token) = serde_json::from_str::<OuathToken>(&text) else {
+
+            println!("Form: {:?}, Text: {}", form, text);
+
+            let std::result::Result::Ok(token) = serde_json::from_str(&text) else {
                 break 'out Err(AuthErrors::ResponseError(
                     "Failed to send request, Check your Client Secret.".to_string(),
                 ));
diff --git a/crates/minecraft-essentails/src/lib.rs b/crates/minecraft-essentails/src/lib.rs
@@ -58,6 +58,8 @@ pub(crate) const EXPERIMENTAL_MESSAGE: &str =
 #[cfg(feature = "launch")]
 pub(crate) const MANIFEST_URL: &str =
     "https://piston-meta.mojang.com/mc/game/version_manifest_v2.json";
+#[cfg(feature = "auth")]
+pub(crate) const LAUNCHER_CLIENT_ID: &str = "00000000402B5328";
 
 /// OAuth 2.0 Authentication
 ///
@@ -112,7 +114,7 @@ impl Oauth {
         let mut builder = AuthenticationBuilder::builder();
         builder
             .port(self.port)
-            .client_id(&self.client_id)
+            .client_id(Some(&self.client_id))
             .of_type(AuthType::Oauth);
         let auth_info = builder
             .get_info()
@@ -144,10 +146,10 @@ impl Oauth {
         AuthenticationBuilder::builder()
             .bedrockrel(Some(bedrock_relm))
             .of_type(AuthType::Oauth)
-            .client_secret(client_secret)
-            .client_id(&self.client_id)
+            .client_secret(Some(client_secret))
+            .client_id(Some(&self.client_id))
             .port(Some(self.port))
-            .launch()
+            .launch(None, None)
             .await
     }
 
@@ -216,6 +218,11 @@ pub enum AuthType {
     /// This is used for refreshing your token with Minecraft.
     #[cfg(feature = "auth")]
     Refresh,
+
+    /// Minecraft authentification method
+    ///
+    /// Uses Minecraft Auth menthod (habdy if you want the minecraft background)
+    Minecraft,
 }
 
 /// Represents a builder for authentication configurations.
@@ -226,10 +233,10 @@ pub enum AuthType {
 #[cfg(feature = "auth")]
 pub struct AuthenticationBuilder {
     auth_type: AuthType,
-    client_id: String,
+    client_id: Option<String>,
     scope: Option<String>,
-    port: u16,
-    client_secrect: String,
+    port: Option<u16>,
+    client_secret: Option<String>,
     bedrockrel: bool,
     refresh_token: Option<String>,
 }
@@ -244,6 +251,8 @@ pub struct AuthInfo {
     pub device_code: Option<CodeResponse>,
     /// OAuth URL that you will recive based on AuthType::OAuth.
     pub ouath_url: Option<String>,
+    /// Redirect URL: Only needed when using minecraft auth
+    pub redirect_url: Option<String>,
 }
 
 #[cfg(feature = "auth")]
@@ -252,10 +261,10 @@ impl AuthenticationBuilder {
     pub fn builder() -> Self {
         Self {
             auth_type: AuthType::Oauth,
-            client_id: "".to_string(),
+            client_id: None,
             scope: Some(SCOPE.to_string()),
-            port: 8000,
-            client_secrect: "".to_string(),
+            port: Some(8000),
+            client_secret: None,
             bedrockrel: false,
             refresh_token: None,
         }
@@ -270,24 +279,28 @@ impl AuthenticationBuilder {
     }
 
     /// Client ID from your application Required for `OAuth` & `DeviceCode`.
-    pub fn client_id(&mut self, client_id: &str) -> &mut Self {
-        self.client_id = client_id.to_string();
+    pub fn client_id(&mut self, client_id: Option<&str>) -> &mut Self {
+        if client_id.is_some() {
+            self.client_id = client_id.map(|id| id.to_string());
+        }
         self
     }
 
     /// Port for the Temporary https Required for `OAuth``.
     pub fn port<T: Optional<u16>>(&mut self, port: T) -> &mut Self {
         let port = match port.into() {
-            Some(port) => port,
-            None => 8000,
+            Some(port) => Some(port),
+            None => None,
         };
         self.port = port;
         self
     }
 
     /// Client Secret from your application Required for `OAuth` & `DeviceCode`.
-    pub fn client_secret(&mut self, client_secret: &str) -> &mut Self {
-        self.client_secrect = client_secret.to_string();
+    pub fn client_secret(&mut self, client_secret: Option<&str>) -> &mut Self {
+        if client_secret.is_some() {
+            self.client_secret = client_secret.map(|secret| secret.to_string());
+        }
         self
     }
 
@@ -324,36 +337,63 @@ impl AuthenticationBuilder {
     /// Gets the code for device code method
     pub async fn get_info(&mut self) -> AuthInfo {
         let client = Client::new();
-        if self.auth_type == AuthType::DeviceCode {
-            let code = device_authentication_code(client, &self.client_id)
-                .await
-                .unwrap();
-            AuthInfo {
-                device_code: Some(code),
-                ouath_url: None,
+
+        match self.auth_type {
+            AuthType::DeviceCode => {
+                let client_id = &self.client_id.clone().expect("EXPECTED CLIENT_ID");
+                let code = device_authentication_code(client, client_id).await.unwrap();
+                AuthInfo {
+                    device_code: Some(code),
+                    ouath_url: None,
+                    redirect_url: None,
+                }
             }
-        } else {
-            let url = format!(
-                "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize/?client_id={}&response_type=code&redirect_uri=http://localhost:{}&response_mode=query&scope={}&state=12345",
-                self.client_id, self.port, SCOPE
-            );
-            AuthInfo {
-                device_code: None,
-                ouath_url: Some(url),
+            AuthType::Oauth | AuthType::Refresh => {
+                let client_id = &self.client_id.clone().expect("EXPECTED CLIENT_ID");
+                let url = format!(
+                    "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize/?client_id={}&response_type=code&redirect_uri=http://localhost:{}&response_mode=query&scope={}&state=12345",
+                    client_id,
+                    self.port.expect("EXPECTED PORT"),
+                    self.scope.clone().expect("Expected Scope")
+                );
+                AuthInfo {
+                    device_code: None,
+                    ouath_url: Some(url),
+                    redirect_url: None,
+                }
+            }
+            AuthType::Minecraft => {
+                let redirect_url = "https://login.live.com/oauth20_desktop.srf";
+                let url = format!(
+                    "https://login.live.com/oauth20_authorize.srf?client_id={LAUNCHER_CLIENT_ID}&redirect_uri={}&response_type=code&scope=service::user.auth.xboxlive.com::MBI_SSL",
+                    redirect_url
+                );
+
+                AuthInfo {
+                    device_code: None,
+                    ouath_url: Some(url),
+                    redirect_url: Some(redirect_url.to_string()),
+                }
             }
         }
     }
 
     /// Launchs the authentication process.
-    pub async fn launch(&mut self) -> Result<CustomAuthData, Box<dyn std::error::Error>> {
+    pub async fn launch(
+        &mut self,
+        code: Option<&str>,
+        redirect_url: Option<String>,
+    ) -> Result<CustomAuthData, Box<dyn std::error::Error>> {
         dbg!(&self.auth_type, &self.client_id);
         let client = Client::new();
 
         match self.auth_type {
             AuthType::Oauth => {
-                dbg!(&self.client_secrect, self.port);
-                print!("{}", self.client_id);
-                let server = ouath(self.port)?.await?;
+                dbg!(&self.client_secret, self.port, &self.client_secret);
+                let client_id = &self.client_id.clone().expect("EXPECTED CLIENT_ID");
+                let client_secret = &self.client_secret.clone().expect("EXPECTED CLIENT_ID");
+
+                let server = ouath(self.port.expect("EXPECTED PORT"))?.await?;
                 let server_token = ouath_token(
                     client.clone(),
                     None,
@@ -363,10 +403,10 @@ impl AuthenticationBuilder {
                             .expect("\x1b[31mXbox Expected code.\x1b[0m")
                             .as_str(),
                     ),
-                    &self.client_id,
+                    client_id,
                     self.scope.as_deref().unwrap_or_default(),
-                    self.port,
-                    &self.client_secrect,
+                    format!("https://localhost:{}", self.port.expect("EXPECTED PORT")),
+                    Some(client_secret),
                 )
                 .await?;
                 let xbl = xbl(client.clone(), &server_token.access_token).await?;
@@ -384,10 +424,12 @@ impl AuthenticationBuilder {
                 }
             }
             AuthType::DeviceCode => {
+                let client_id = &self.client_id.clone().expect("EXPECTED CLIENT_ID");
+
                 print!("{} \n Status: WIP (Work In Progress)", EXPERIMENTAL_MESSAGE);
-                let code = device_authentication_code(client.clone(), &self.client_id).await?;
+                let code = device_authentication_code(client.clone(), client_id).await?;
                 let code_token =
-                    authenticate_device(client.clone(), &code.device_code, &self.client_id).await?;
+                    authenticate_device(client.clone(), &code.device_code, client_id).await?;
                 let xbl = xbl(client.clone(), &code_token.token).await?;
                 let xts = xsts(client.clone(), &xbl.token, self.bedrockrel).await?;
 
@@ -403,6 +445,9 @@ impl AuthenticationBuilder {
                 }
             }
             AuthType::Refresh => {
+                let client_id = &self.client_id.clone().expect("EXPECTED CLIENT_ID");
+                let client_secret = &self.client_secret.clone().expect("EXPECTED CLIENT_ID");
+
                 if self.refresh_token == None {
                     return Err(Box::new(errors::AuthErrors::AuthenticationFailure(
                         "Missing Refresh Token".to_string(),
@@ -412,10 +457,41 @@ impl AuthenticationBuilder {
                     client.clone(),
                     self.refresh_token.clone(),
                     None,
-                    &self.client_id,
+                    client_id,
                     self.scope.as_deref().unwrap_or_default(),
-                    self.port,
-                    &self.client_secrect,
+                    if self.port.is_some() {
+                        format!("https://localhost:{}", self.port.expect("EXPECTED PORT"))
+                    } else {
+                        redirect_url.expect("EXPECTED REDIRECT URL")
+                    },
+                    Some(client_secret),
+                )
+                .await?;
+                let xbl = xbl(client.clone(), &server_token.access_token).await?;
+                let xts = xsts(client.clone(), &xbl.token, self.bedrockrel).await?;
+
+                if self.bedrockrel {
+                    Ok(CustomAuthData {
+                        access_token: None,
+                        uuid: None,
+                        expires_in: 0,
+                        xts_token: Some(xts.token),
+                    })
+                } else {
+                    Ok(bearer_token(client, &xbl.display_claims.xui[0].uhs, &xts.token).await?)
+                }
+            }
+            AuthType::Minecraft => {
+                dbg!(self.port);
+
+                let server_token = ouath_token(
+                    client.clone(),
+                    None,
+                    code,
+                    LAUNCHER_CLIENT_ID,
+                    "service::user.auth.xboxlive.com::MBI_SSL",
+                    redirect_url.expect("EXPECTED REDIRECT URL"),
+                    None,
                 )
                 .await?;
                 let xbl = xbl(client.clone(), &server_token.access_token).await?;
diff --git a/crates/minecraft-essentails/src/main.rs b/crates/minecraft-essentails/src/main.rs
