search

BuddyGG / buddy_matching

Somewhat generic player matching service built with Elixir and Phoenix
https://www.buddy.gg
GNU Affero General Public License v3.0
64 stars 7 forks source link

Update Fortnite authentication #151

Closed ecly closed 5 years ago

ecly commented 5 years ago

A couple of days ago Fortnite updated their authentication for the API.

See this commit for changes: https://github.com/Terbau/fortnitepy/commit/24db7763c3bd94374712d3abbbbb3c27ab81df91

or the discussion here: https://github.com/qlaffont/fortnite-api/issues/192

ecly commented 5 years ago

Here is another example of the new login flow: https://gist.github.com/iXyles/ec40cb40a2a186425ec6bfb9dcc2ddda

iXyles commented 5 years ago

Information: The commit changes for fortnitepy is a bad way of doing it. Terbau only did it mean while I was working/figuring out how to use the new auth flow. He has changed to the same auth flow as you linked above which was made in C#

Here is another example of it but in Py by Terbau: https://gist.github.com/Terbau/9a07849fb30c0232af730265c327e27c

PomegranateApps commented 5 years ago

Thank you for this additional information. I tried the fortnite-basic-api and it does work but I'm unable to replicate the request for the exchange code. I'm working on a limited environment and the fortnite-basic-api requires a lot of modules.

This is my request for the exchange code. It looks identical to the fortnite-basic-api.

{ hostname: 'www.epicgames.com',
  path: '/id/api/exchange',
  method: 'GET',
  json: true,
  headers:
   { 'Content-Type': 'application/json',
     'x-xsrf-token': '...' }
}

I'm getting this error after I make this request.

{ errorCode: 'errors.com.epicgames.unauthorized',
  message: 'You are not authenticated. Please authenticate.' }

I'm able to login successfully using the login endpoint. Is there another step I'm supposed to do before making this request?

iXyles commented 5 years ago

As demostrate in the C# example, we also need to pass on the cookie to the other two requests.

This is done behind the scene in my node library in the requester :)

So, csrf > cookie& xsrf (login) > cookie & xsrf (Exchange)

PomegranateApps commented 5 years ago

Ok, thank for letting me know! I really appreciate the information. This updated login flow is much more complicated than the previous one.

ecly commented 5 years ago

Thanks for the information guys - I'll presumably update our AccessServer for this new flow within a few days, if anyone cares for an Elixir implementation.

psykodead commented 4 years ago

I dont care of comments deleted (again and again) or of your answer or of u anyway, Check my twiter 4 c GLITCHS in Epic fails games AND GLITCH THAT REST 10 YEARS AFTHER THE GAME WAS BUILD (starcraft2) what will happen to UT4 the Epic fail twitter.com/psykodead hxxps://twitter.com/psykodead twitter:com/psykodead