Authenticate to Minecraft using the Microsoft Authentication Scheme from Rust.

Overview

Authenticating to Minecraft with the Microsoft Authentication Scheme from Rust

This program showcases an implementation of the microsoft authentication scheme for Minecraft, written in Rust.

Requirements

You need to obtain a client id and client secret by creating an Azure application. Steps on obtaining the client id and client secret will be seen in the next section.

You will also need to provide a redirect uri. This program assumes that you've set the redirect uri in Azure to be localhost.

A port is also needed. If the port isn't given or is invalid, it will try to parse it from the redirect uri. If it doesn't exist in the redirect uri, it is set to 80.

In order to input these requirements, you have two methods:

  • Input the variable using environment variables while calling cargo run, or
  • Use a .env file, placing it within this directory.

Here are the variables needed.

  • CLIENT_ID: The client id you got in your azure application.
  • CLIENT_SECRET: The client secret you got in your azure application.
  • REDIRECT_URI: The redirect uri you gave in your azure application.
  • PORT (Optional): The port you gave in your redirect uri. If not given, it is inferred.

Steps on obtaining a client id and a client secret from Azure

  1. Visit portal.azure.com and input your credentials.
  2. From the search bar in the top middle of the screen, search for 'Azure Active Directory'.
  3. From the sidebar, click on 'App registrations' from the 'Manage' section.
  4. Click on 'New Registration' in the menu bar.
  5. Set the name of your application to anything you want.
  6. Set the supported account type to 'Personal Microsoft accounts only'.
  7. Set the type of the Redirect URI to 'Web', and input your redirect uri there.
  8. Copy the client id to a safe place.
  9. Click on 'Add a certificate or secret' under 'Client credentials'.
  10. Click on 'New client secret' under 'Client secrets'.
  11. Click on add, optionally adding a description.
  12. Copy the client secret to a safe place immediately, as the first three digits will only be shown to you afterwards.
  13. You should now have the client id and client secret.

Running it

  1. Install Rust from their website: www.rust-lang.org
  2. Clone this repository:
$ git clone https://github.com/ALinuxPerson/mcsoft-auth.git
  1. Provide the environment variables above in the Requirements section.
  2. Run it via cargo run.

If all goes well, the first that should pop up in your terminal is this:

Now awaiting code.

You should have gotten your default browser to open a link to the microsoft oauth page. If nothing popped and an error occurred in your terminal, you should be able to get the link from there.

Follow the instructions on the link, and then you should get a message on your browser as text like this:

Successfully received query

Going back to your terminal, you should get the following messages in this order:

Now getting the access token.
Now authenticating with Xbox Live.
Now getting an Xbox Live Security Token (XSTS).
Now authenticating with Minecraft.
Checking for game ownership.

Up to this point, this should be the messages that you'll if you have at least a microsoft account. However, it doesn't assume that you have a valid copy of Minecraft.

These are the following possibilities that could happen:

  • If you own minecraft, it succeeds and continues.

  • If you don't have minecraft, one of these messages will show:

    Error: product_minecraft item doesn't exist. do you really own the game?
    

    or

    Error: game_minecraft item doesn't exist. do you really own the game?
    

    Typically, it should be the first error.

Now, if the game ownership check succeeds, the next lines from your terminal should be as follows:

Getting game profile.
Congratulations, you authenticated to minecraft from Rust!
access_token=REDACTED username=REDACTED uuid=REDACTED

Of course, replacing REDACTED with the real, respective values.

What this can't do

This program can't:

  • Support skins.
  • Handle errors. If an error occurs while during one of the steps, you'll instead get an esoteric error message, probably from serde complaining that it can't be parsed correctly.

Technical Information

The technical information on how this program works internally can be seen in the (unofficial) Microsoft Authentication Scheme documentation, and also by looking at the source code of this program.

You might also like...
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed this as a Tock OS application and it has been successfull

Extensible, strongly-typed Rust OAuth2 client library

OAuth2 An extensible, strongly-typed implementation of OAuth2 (RFC 6749). Documentation is available on docs.rs. Release notes are available on GitHub

An auth system/library for Rust applications

Rust : Forbidden (WIP) An experimental auth library for Rust applications. Goals This crate is to define a common set of traits and idioms to provide

ROCCA cipher implementation for Rust.

ROCCA for Rust This is a Rust implementation of the ROCCA authenticated cipher, ported from the Zig implementation. ROCCA is key committing, has a 256

RSA implementation in pure Rust

RSA A portable RSA implementation in pure Rust. ⚠️ WARNING: This crate has been audited by a 3rd party, but a full blog post with the results and the

Tools for manipulating JSON Web Tokens, JWS, JWE, and JWK in Rust
Tools for manipulating JSON Web Tokens, JWS, JWE, and JWK in Rust

Rusty JWT Tools A collection of JWT utilities. This repository is part of the source code of Wire. You can find more information at wire.com or by con

A set of Rust libraries to interact with apple's private APIs and servers.

apple-private-apis A set of Rust libraries to interact with apple's private APIs and servers, made for use in SideInstaller. Library Description omnis

SD-JWT Rust Reference Implementation

SD-JWT Rust Reference Implementation This is the reference implementation of the IETF SD-JWT specification written in Rust. Supported version: 6. Note

use your GitHub SSH keys to authenticate to sshd
use your GitHub SSH keys to authenticate to sshd

aeneid If you squint, GitHub is basically a free, zero-ops IdP that provides SSH public keys. Let's use it to authenticate to OpenSSH! What / How? The

Authenticate a tarball through a signed tag in a git repository (with reproducible builds)

auth-tarball-from-git Authenticate a tarball through a signed tag in a git repository (with reproducible builds). The signed git tag contains a hash o

Authenticate the cryptographic chain-of-custody of Linux distributions (like Arch Linux and Debian) to their source code inputs

backseat-signed Authenticate the cryptographic chain-of-custody of Linux distributions (like Arch Linux and Debian) to their source code inputs. This

`decaf377-rdsa` is a randomizable signature scheme using the `decaf377` group.

decaf377-rdsa is a variant of RedDSA, instantiated using the decaf377 group. Signatures are parameterized by domain (for instance, Binding and SpendAu

Xbox live authentication flow for Minecraft with Rust.

MC Auth Xbox live authentication flow for Minecraft in Rust. Why? In order to create tools for Minecraft based on rust that implement the user profile

Rust implementation of the Minecraft authentication server (Yggdrasil)
Rust implementation of the Minecraft authentication server (Yggdrasil)

yggoxide This crate currently implements the REST API for: Service Exposed at Minecraft Production Coverage Yggdrasil authentication / and /authserver

A server software designed for fetching Minecraft and Minecraft-related metadata

Minecraft Metadata Server A server software designed for fetching Minecraft and Minecraft-related metadata (such as Forge, Fabric, Quilt and Liteloade

Pure Rust implementation of the Leighton Micali Signature scheme.

Leighton-Micali Hash-Based Signatures LMS implementation in Rust according to the IETF RFC 8554. This implementation is binary compatible with the ref

A set of cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform Encryption.

recrypt A pure-Rust library that implements a set of cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform

Apprentice-vscode - a port of @romainl’s excellent Apprentice Vim colour scheme to VS Code
Apprentice-vscode - a port of @romainl’s excellent Apprentice Vim colour scheme to VS Code

Apprentice for VS Code apprentice-vscode is a port of @romainl’s excellent Apprentice Vim colour scheme to VS Code. The theme is available in two vari

The H3 Compressor: A compression scheme tailored for H3 cell indexes.

thc — The H3 Compressor This library allows to compress an H3 cell set into a compacted space-efficient representation. This is especially useful for

Owner
ALinuxPerson
I like programming.
ALinuxPerson
Example application using a Vue frontend with Rust backend that has authentication + authorization.

This project contains a Rust server that serves a single page application and has authentication + JWT-based authorization.

null 43 Dec 9, 2022
vault client using jwt authentication that define environment variables from vault secrets before executing into something else

envlt envlt, like env, allows you to define environment variables and then execute into something else, but instead of static values, it uses using si

Eric Burghard 6 Nov 13, 2022
Rust library for HTTP authentication. Parses challenge lists, responds to Basic and Digest challenges. Likely to be extended with server support and additional auth schemes.

Rust library for HTTP authentication. Parses challenge lists, responds to Basic and Digest challenges. Likely to be extended with server support and a

Scott Lamb 3 Jun 10, 2022
Fast, simple and REST compliant file-server with public/private key authentication written in Rust

stormi Stormi is a fast and simple file-server with public/private key authentication How does it work? Stormi accepts multipart/form-data form with m

Polygon 2 Dec 8, 2022
🔥 Firebase authentication for Rust 🦀

Fire Auth Rust wrapper for Firebase Authentication REST API Installation Add the following to Cargo.toml: fireauth = "0.1.5" How to use First you need

UwU 11 Nov 12, 2022
A HTTP Filter checking for OIDC Authentication, made for Envoy Plugins, written in Rust

WASM OIDC Plugin A plugin for Envoy written in Rust. It is a HTTP Filter, that implements the OIDC Authorization Code Flow. Requests sent to the filte

Anton Engelhardt 5 Jul 7, 2023
An implementation for an authentication API for Rocket applications.

rocket_auth rocket_auth provides a ready-to-use backend agnostic API for authentication management. For more information visit the documentation at ht

null 62 Dec 19, 2022
Authorization Server with Rust using Tonic

authorization-server Authorization Server with Rust using Tonic. Function implemented User registration and profile store Change password Login Token

sora 3 Oct 5, 2021
JWT lib in rust

jsonwebtoken API documentation on docs.rs See JSON Web Tokens for more information on what JSON Web Tokens are. Installation Add the following to Carg

Vincent Prouillet 1.1k Jan 3, 2023
A paseto implementation in rust.

Paseto Rust Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards. This is d

Instructure, Inc. 145 Nov 7, 2022