MAS (Microsoft Authentication Scheme)
These Functions are used for the authentication flow. They can be used separate if needed.
Functions
authenticateXboxLive (access_token)
It takes the following parameters:
access_token: Valid Microsoft Access Token
If the access token is invalid, it will return XBOXLIVE_AUTH_FAIL
The function returns an Xbox Live Token to be used in the following function.
authorizeMojang (token)
It takes the following parameters:
token: Token generated from authenticateXboxLive.
If the token is invalid, it will return MOJANG_FAIL
Response
{
"IssueInstant": "2020-12-07T19:52:09.2345095Z",
"NotAfter": "2020-12-08T11:52:09.2345095Z",
"Token": "token",
"DisplayClaims": {
"xui": [
{
"uhs": "userhash"
}
]
}
}
The key items to take note of are:
tokenuserhash
authenticateMinecraft (token, xuid)
It takes the following parameters
token: Token generated from authorizeMojang.userhash: Generated from authenticateXboxLive.
If the token is invalid, it will return MINECRAFT_FAIL
If the access token is valid, it will return the following
{
"username": "UUID (Not account uuid)",
"roles": [],
"access_token": "MINECRAFT_ACCESS_TOKEN",
"token_type": "Bearer",
"expires_in": 86400
}
The key items to take note of are:
UUID: This is the accounts user id. Not the Minecraft UUIDMINECRAFT_ACCESS_TOKEN: This is the access token to authenticate with Minecraft.
verifyMinecraft (access_token)
It takes the following parameters:
access_token: Access token generated from authenticateMinecraft
This verifies that the access token is a valid Minecraft access token.
If the token is invalid, it will return false.
If the token is valid, it will return true.
getProfileData (access_token)
It takes the following parameters:
access_token: Access token generated from authenticateMinecraft
If the token is invalid, it will return PROFILE_GET_ERROR.
If the access token is valid, it will return the following
{
"uuid": "MINECRAFT_UUID",
"username": "MINECRAFT_USERNAME"
}