Ability to login without WebView2 dependency

[LosTigeros]

Hey!

Would you write an ability in future so instead of creating window and using WebView2 you just:

1. Create a local http server
2. Open the login url in default browser with redirect_uri pointing to the local http server
3. After user logs in, parse request you get on local http server with code param.
4. Close local http server
5. Do the rest stuff for getting user tokens

This behavior is better because many users doesn't have WebView2 runtime installed on their PC's and we don't have to ask them to install it first just to use it once.

Greetings, Patryk.

[AlphaBs]

Thank you for suggestion! This feature will be added in the next version.

[AlphaBs]

Minecraft does not allow Minecraft to login in browser. The default client id of minecraft is 00000000402B5328, It only allows oauth20_desktop.srf, which is for desktop applications.

So, we need to registry our own client ID. I'm trying to several client ids to login in xbox, but nothing succeeded.

[LosTigeros]

Hmm, we could temporarily register this url handler in registry And open the url without redirect_uri query parameter or with it set like that (in case they change the default action). After logging in it should open the app that is registered to handle this url handler by redirecting to this url

ms-xal-00000000402b5328://auth/?code=M.XX_XXX.user-access-token

If user cancels logging in it'll redirect to

ms-xal-00000000402b5328://auth/?error=access_denied&error_description=The%20user%20has%20denied%20access%20to%20the%20scope%20requested%20by%20the%20client%20application

This will pop up then:

Changes in registry:

• New (sub)key: HKEY_CLASSES_ROOT\ms-xal-00000000402b5328 On this subkey:
  • SetValue(null, "URL:Custom Auth Handler or launcher name");
  • SetValue("URL Protocol", "");
• New (sub)key: HKEY_CLASSES_ROOT\ms-xal-00000000402b5328\DefaultIcon On this subkey:
  • SetValue(null, string.Format("{0}{1},1{0}", (char)34, Application.ExecutablePath));
• New (sub)key: HKEY_CLASSES_ROOT\ms-xal-00000000402b5328\shell
• New (sub)key: HKEY_CLASSES_ROOT\ms-xal-00000000402b5328\shell\open
• New (sub)key: HKEY_CLASSES_ROOT\ms-xal-00000000402b5328\shell\open\command: On this subkey:
  • SetValue(null, string.Format("{0}{1}{0} {0}%1{0}", (char)34, Application.ExecutablePath));

Or simply just create an app on Azure and use own client ID 🤣

[MelonHell]

I kind of did the first stage of authorization. I know the quality of the code is terrible. but I think this will help you understand how to do next

https://pastebin.com/MDcHCGkM

you can test it with clientid d827de77-7896-41ee-b446-c3f0684a8c53 and port 19722

[AlphaBs]

I'm going to make new library with MSAL. It' better to use Microsoft's library rather than to make our own login logics. It also can unify all platform in one library without platform-specific codes and dependencies. (no webview2, no registry, no Net.HttpListener)

[AlphaBs]

add new library: CmlLib.Core.Auth.Microsoft.MsalClient