Microsoft OAuth 2.0 and Xbox Authentication
- Microsoft OAuth Code Flow
- Xbox Authentication
- Xbox Sisu Authentication with Proof-of-Possession
Currently only auth code flow is supported.
// Initialize API client
var httpClient = new HttpClient();
var apiClient = new MicrosoftOAuthCodeApiClient("<CLIENT-ID>", "<SCOPES>", httpClient); // replace "SCOPES" to XboxAuth.XboxScope for Xbox Authentication
// Authenticate with auth code flow
var codeFlow = new MicrosoftOAuthCodeFlowBuilder(apiClient)
.Build();
MicrosoftOAuthResponse result = await codeFlow.Authenticate();
// `result.AccessToken` can be used on Xbox Authentication
// store `result` variable to refresh token later.
// `MicrosoftOAuthResponse` can be serialized (like json)
Console.WriteLine(result.AccessToken);
Console.WriteLine(result.RefreshToken);if (!result.Validate())
{
var newResult = await apiClient.RefreshToken(result.RefreshToken, CancellationToken.None);
Console.WriteLine(newResult.AccessToken);
Console.WriteLine(newResult.RefreshToken);
}There are three Xbox authentication methods. You can find a description of each method here.
var httpClient = new HttpClient();
var xboxAuthClient = new XboxAuthClient(httpClient);
var userToken = await xboxAuthClient.RequestUserToken("<microsoft_oauth2_access_token>");
var xsts = await xboxAuthClient.RequestXsts(userToken.Token, "<relying_party>");
Console.WriteLine(xsts.Token);var httpClient = new HttpClient();
var xboxAuthClient = new XboxAuthClient(httpClient);
var userToken = await xboxAuthClient.RequestSignedUserToken(new XboxSignedUserTokenRequest
{
AccessToken = "<microsoft_oauth2_access_token>",
TokenPrefix = AbstractXboxAuthRequest.XboxTokenPrefix
});
var deviceToken = await xboxAuthClient.RequestDeviceToken(new XboxDeviceTokenRequest
{
DeviceType = XboxDeviceTypes.Nintendo,
DeviceVersion = "0.0.0"
});
var titleToken = await xboxAuthClient.RequestTitleToken(new XboxTitleTokenRequest
{
AccessToken = "<microsoft_oauth2_access_token>",
DeviceToken = deviceToken.Token
});
var xsts = await xboxAuthClient.RequestXsts(new XboxXstsRequest
{
UserToken = userToken.Token,
DeviceToken = deviceToken.Token,
TitleToken = titleToken.Token,
RelyingParty = "<relying_party>"
});
Console.WriteLine(xsts.Token);var httpClient = new HttpClient();
var xboxAuthClient = new XboxAuthClient(httpClient);
var deviceToken = await xboxAuthClient.RequestDeviceToken(XboxDeviceTypes.Win32, "0.0.0");
var sisuResult = await xboxAuthClient.SisuAuth(new XboxSisuAuthRequest
{
AccessToken = "<microsoft_oauth2_access_token>",
ClientId = XboxGameTitles.MinecraftJava,
DeviceToken = deviceToken.Token,
RelyingParty = "<relying_party>"
});
Console.WriteLine(xsts.Token);These documents explain how Microsoft OAuth 2.0 works.
Desktop application calling a web api (XboxAuthNet implements interactive authentication)
This project was made possible thanks to the contributions of various open-source projects. not used any document from NDA developer program