Add fetchCertificates option to getMinecraftJavaToken (#51)

LucienHH · web-flow · commit 306f09b0cb60 · 2022-07-25T22:10:04.000+02:00
* Add `fetchCertificate` option to `getMinecraftJavaToken`

* Add types for fetch options

* Pluralise `fetchCertificate`
diff --git a/docs/API.md b/docs/API.md
@@ -39,6 +39,7 @@ flow.getXboxToken().then(console.log)
 Returns a Minecraft Java Edition auth token.
 * If you specify `fetchEntitlements` optional option, we will check if the account owns Minecraft and return the results of the API call. Undefined if request fails.
 * If you specify `fetchProfile`, we will do a call to `https://api.minecraftservices.com/minecraft/profile` for the currently signed in user and returns the results. Undefined if request fails.
+* If you specify `fetchCertificates` we will return the Mojang provided key-pair for a player, which are used for cryptographically signing chat messages 
 
 ### getMinecraftBedrockToken (publicKey: KeyObject): Promise<string[]>
 
diff --git a/examples/mcpc/deviceCode.js b/examples/mcpc/deviceCode.js
@@ -9,7 +9,7 @@ if (!username) {
 
 async function doAuth () {
   const flow = new Authflow(username, cacheDir, { authTitle: Titles.MinecraftNintendoSwitch, deviceType: 'Nintendo' })
-  const response = await flow.getMinecraftJavaToken({ fetchEntitlements: true, fetchProfile: true })
+  const response = await flow.getMinecraftJavaToken({ fetchEntitlements: true, fetchProfile: true, fetchCertificates: true })
   console.log(response)
 }
 
diff --git a/index.d.ts b/index.d.ts
@@ -27,13 +27,50 @@ declare module 'prismarine-auth' {
     }>
     // Returns a Minecraft Java Edition auth token
     getMinecraftJavaToken(options?: {
+      fetchCertificates?: boolean,
       fetchEntitlements?: boolean
       fetchProfile?: boolean
-    }): Promise<{ token: string, entitlements: object, profile: object }>
+    }): Promise<{ token: string, entitlements: MinecraftJavaEntitlements, profile: MinecraftJavaProfile, certificates: MinecraftJavaCertificates }>
     // Returns a Minecraft Bedrock Edition auth token. Public key parameter must be a KeyLike object.
     getMinecraftBedrockToken(publicKey: KeyObject): Promise<string>
   }
 
+  export interface MinecraftJavaEntitlements {
+    items: MinecraftJavaEntitlementsItem[]
+    signature: String
+    keyId: String
+  }
+
+  export interface MinecraftJavaEntitlementsItem {
+    name: String
+    signature: String
+  }
+
+  export interface MinecraftJavaProfile {
+    id: String
+    name: String
+    skins: MinecraftJavaProfileSkin[]
+    capes: Array
+  }
+
+  export interface MinecraftJavaProfileSkin {
+    id: String,
+    state: String,
+    url: String,
+    variant: 'CLASSIC'|'SLIM'
+  }
+
+  export interface MinecraftJavaCertificates {
+    keyPair: {
+      privateKey: String
+      publicKey: String
+    }
+    publicKeySignature: String
+    publicKeySignatureV2: String
+    expiresAt: String
+    refreshedAfter: String
+  }
+
   export interface MicrosoftAuthFlowOptions {
     authTitle?: Titles
     deviceType?: String
diff --git a/src/MicrosoftAuthFlow.js b/src/MicrosoftAuthFlow.js
@@ -166,6 +166,9 @@ class MicrosoftAuthFlow {
     if (options.fetchProfile) {
       response.profile = await this.mca.fetchProfile(response.token).catch(e => debug('Failed to obtain profile data', e))
     }
+    if (options.fetchCertificates) {
+      response.certificates = await this.mca.fetchCertificates(response.token).catch(e => debug('Failed to obtain keypair data', e))
+    }
 
     return response
   }
diff --git a/src/TokenManagers/MinecraftJavaTokenManager.js b/src/TokenManagers/MinecraftJavaTokenManager.js
@@ -74,5 +74,13 @@ class MinecraftJavaTokenManager {
     debug(`[mc] got entitlement response: ${entitlements}`)
     return entitlements
   }
+
+  async fetchCertificates (accessToken) {
+    debug(`[mc] fetching key-pair with ${accessToken.slice(0, 16)}`)
+    const headers = { ...fetchOptions.headers, Authorization: `Bearer ${accessToken}` }
+    const certificate = await fetch(Endpoints.MinecraftServicesCertificate, { method: 'post', headers }).then(checkStatus)
+    debug('[mc] got key-pair')
+    return certificate
+  }
 }
 module.exports = MinecraftJavaTokenManager
diff --git a/src/common/Constants.js b/src/common/Constants.js
@@ -11,6 +11,7 @@ module.exports = {
     SisuAuthorize: 'https://sisu.xboxlive.com/authorize',
     XstsAuthorize: 'https://xsts.auth.xboxlive.com/xsts/authorize',
     MinecraftServicesLogWithXbox: 'https://api.minecraftservices.com/authentication/login_with_xbox',
+    MinecraftServicesCertificate: 'https://api.minecraftservices.com/player/certificates',
     MinecraftServicesEntitlement: 'https://api.minecraftservices.com/entitlements/mcstore',
     MinecraftServicesProfile: 'https://api.minecraftservices.com/minecraft/profile',
     LiveDeviceCodeRequest: 'https://login.live.com/oauth20_connect.srf',

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ if (!username) {`
`9`	`9`
`10`	`10`	`async function doAuth () {`
`11`	`11`	`const flow = new Authflow(username, cacheDir, { authTitle: Titles.MinecraftNintendoSwitch, deviceType: 'Nintendo' })`
`12`		`- const response = await flow.getMinecraftJavaToken({ fetchEntitlements: true, fetchProfile: true })`
	`12`	`+ const response = await flow.getMinecraftJavaToken({ fetchEntitlements: true, fetchProfile: true, fetchCertificates: true })`
`13`	`13`	`console.log(response)`
`14`	`14`	`}`
`15`	`15`
Original file line number	Diff line number	Diff line change
`@@ -166,6 +166,9 @@ class MicrosoftAuthFlow {`
`166`	`166`	`if (options.fetchProfile) {`
`167`	`167`	`response.profile = await this.mca.fetchProfile(response.token).catch(e => debug('Failed to obtain profile data', e))`
`168`	`168`	`}`
	`169`	`+ if (options.fetchCertificates) {`
	`170`	`+ response.certificates = await this.mca.fetchCertificates(response.token).catch(e => debug('Failed to obtain keypair data', e))`
	`171`	`+ }`
`169`	`172`
`170`	`173`	`return response`
`171`	`174`	`}`
Original file line number	Diff line number	Diff line change
`@@ -74,5 +74,13 @@ class MinecraftJavaTokenManager {`
`74`	`74`	debug(`[mc] got entitlement response: ${entitlements}`)
`75`	`75`	`return entitlements`
`76`	`76`	`}`
	`77`	`+`
	`78`	`+ async fetchCertificates (accessToken) {`
	`79`	+ debug(`[mc] fetching key-pair with ${accessToken.slice(0, 16)}`)
	`80`	+ const headers = { ...fetchOptions.headers, Authorization: `Bearer ${accessToken}` }
	`81`	`+ const certificate = await fetch(Endpoints.MinecraftServicesCertificate, { method: 'post', headers }).then(checkStatus)`
	`82`	`+ debug('[mc] got key-pair')`
	`83`	`+ return certificate`
	`84`	`+ }`
`77`	`85`	`}`
`78`	`86`	`module.exports = MinecraftJavaTokenManager`