LeleDerGrasshalmi / FortniteEndpointsDocumentation

Fortnite & Epic Games Unofficial API Documentation
259 stars 70 forks source link

QueryProfile #324

Closed ad1txx1 closed 2 weeks ago

ad1txx1 commented 2 weeks ago

Issue Checklist

What is the Request Method?

POST

What is the Request URL?

https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/fbec52b969644409a011a18851311dd6/client/common_public

What are your Request Headers (if applicable)?

authorization bearer

What are your Request Payload/Body (if applicable)?

nil

What is the Response Status Code?

403

What are the Response Headers (if applicable)?

No response

What is the Response Content? (if applicable)

{ "errorCode" : "errors.com.epicgames.common.missing_permission", "errorMessage" : "Sorry your login does not posses the permissions 'fortnite:profile:accountId:commands ALL' needed to perform the requested operation", "messageVars" : [ "fortnite:profile:accountId:commands", "ALL" ], "numericErrorCode" : 1023, "originatingService" : "fortnite", "intent" : "prod-live" }

Additional Context (if applicable)

No response

LeleDerGrasshalmi commented 2 weeks ago

seems like you are not using an account id, or not fortnite user auth for that account

ad1txx1 commented 2 weeks ago

seems like you are not using an account id, or not fortnite user auth for that account

i am but i removed it and replace with "accountId" for privacy reasons

also tried to create exchange code (https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange) and getting the same error (raw):

{"errorCode":"errors.com.epicgames.common.missing_permission","errorMessage":"Sorry your login does not posses the permissions 'account:oauth:exchangeTokenCode CREATE' needed to perform the requested operation","messageVars":["account:oauth:exchangeTokenCode","CREATE"],"numericErrorCode":1023,"originatingService":"com.epicgames.account.public","intent":"prod"}

ad1txx1 commented 2 weeks ago

seems like you are not using an account id, or not fortnite user auth for that account

i am but i removed it and replace with "accountId" for privacy reasons

also tried to create exchange code (https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange) and getting the same error (raw):

{"errorCode":"errors.com.epicgames.common.missing_permission","errorMessage":"Sorry your login does not posses the permissions 'account:oauth:exchangeTokenCode CREATE' needed to perform the requested operation","messageVars":["account:oauth:exchangeTokenCode","CREATE"],"numericErrorCode":1023,"originatingService":"com.epicgames.account.public","intent":"prod"}

i fixed this but still didnt fix this: POST https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/fbec52b969644409a011a18851311dd6/client/common_public

autorization bearer eg1~token (in headers)

payload:

dataP := map[string]interface{}{
            "grant_type":    "exchange_code",
            "exchange_code": respCode.Code,
            "token_type":    "eg1",
        }

error:

{
  "errorCode" : "errors.com.epicgames.common.missing_permission",
  "errorMessage" : "Sorry your login does not posses the permissions 'fortnite:profile:fbec52b969644409a011a18851311dd6:commands ALL' needed to perform the requested operation",
  "messageVars" : [ "fortnite:profile:fbec52b969644409a011a18851311dd6:commands", "ALL" ],
  "numericErrorCode" : 1023,
  "originatingService" : "fortnite",
  "intent" : "prod-live"
}
ad1txx1 commented 2 weeks ago

i also tried using the normal EPIC_BEARER_TOKEN, not eg1 but still doesnt work.

i also tried with an empty payload and still the same error

LeleDerGrasshalmi commented 2 weeks ago

i also tried using the normal EPIC_BEARER_TOKEN, not eg1 but still doesnt work.

EPIC_BEARER_TOKEN is used as a cookie, not for normal service authentication.

that perm above shows you are either using the wrong account id (must be your own), are not using fortnite auth.

may share your oauth /token request basic auth.

ad1txx1 commented 2 weeks ago

i also tried using the normal EPIC_BEARER_TOKEN, not eg1 but still doesnt work.

EPIC_BEARER_TOKEN is used as a cookie, not for normal service authentication.

that perm above shows you are either using the wrong account id (must be your own), are not using fortnite auth.

may share your oauth /token request basic auth.

i am using the same account id shown on the epic games personal page (unless we're talking about another account id?), im using the eg1 bearer in headers but still the perm error.

LeleDerGrasshalmi commented 2 weeks ago

The account is you are using is different from the account you are using to authenticate, that's your issue.

ad1txx1 commented 2 weeks ago

its not, im using the bearer for the same accountId im passing in the API image

LeleDerGrasshalmi commented 2 weeks ago

I mean, the error is very clear, you are doing something wrong.

ad1txx1 commented 2 weeks ago

I mean, the error is very clear, you are doing something wrong.

headersE := map[string]string{
            "accept":                    "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
            "accept-encoding":           "gzip, deflate, br, zstd",
            "accept-language":           "en-US,en;q=0.9",
            "cache-control":             "max-age=0",
            "priority":                  "u=0, i",
            "sec-ch-ua":                 `"Google Chrome";v="129", "Not=A?Brand";v="8", "Chromium";v="129"`,
            "sec-ch-ua-mobile":          "?0",
            "sec-ch-ua-platform":        `"Windows"`,
            "sec-fetch-dest":            "document",
            "sec-fetch-mode":            "navigate",
            "sec-fetch-site":            "none",
            "sec-fetch-user":            "?1",
            "upgrade-insecure-requests": "1",
            "X-XSRF-Token":              xsrfToken,
            "user-agent":                "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36",
            "Authorization":             bearer,
        }

        reqE, err := http.NewRequest("GET", "https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange", nil)
        if err != nil {
            fmt.Println(err)
        }

        for k, v := range headersE {
            reqE.Header.Set(k, v)
        }

        if proxyURL != nil {
            client.Transport.(*http.Transport).Proxy = http.ProxyURL(proxyURL)
        }

        respE, err := client.Do(reqE)
        if err != nil {
            fmt.Println(err)
        }

        defer func() {
            io.Copy(io.Discard, respE.Body)
            respE.Body.Close()
        }()

        contentEncoding2 := respE.Header.Get("Content-Encoding")
        bodyStrE, err := decompressBody(respE.Body, contentEncoding2)
        if err != nil {
            errorss++
        }

        var respCode Response
        err = json.Unmarshal([]byte(bodyStrE), &respCode)
        if err != nil {
            fmt.Println(err)
        }

        fmt.Println(respCode.Code)

        fmt.Println(bodyStrE)
        //fmt.Println(respE.Cookies())

        headersP := map[string]string{
            "Accept":                "application/json, text/plain, */*",
            "Accept-Encoding":       "gzip, deflate, br, zstd",
            "Accept-Language":       "en-US",
            "Content-Type":          "application/json",
            "Origin":                "https://www.twinmotion.com",
            "Priority":              "u=1, i",
            "Referer":               "https://www.twinmotion.com/id/register?redirect_uri=https%3A%2F%2Fwww.twinmotion.com%2Fen-US%2F&client_id=4f5e975e1b4c4b5caca20f70daa90c17&lang=en-US",
            "Sec-CH-UA":             `"Brave";v="129", "Not=A?Brand";v="8", "Chromium";v="129"`,
            "Sec-CH-UA-Mobile":      "?0",
            "Sec-CH-UA-Platform":    `"Windows"`,
            "Sec-Fetch-Dest":        "empty",
            "Sec-Fetch-Mode":        "cors",
            "Sec-Fetch-Site":        "same-origin",
            "Sec-GPC":               "1",
            "User-Agent":            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36",
            "X-Epic-Access-Key":     "undefined",
            "X-Epic-Client-ID":      "4f5e975e1b4c4b5caca20f70daa90c17",
            "X-Epic-Display-Mode":   "web",
            "X-Epic-Duration":       "23764",
            "X-Epic-Event-Action":   "register",
            "X-Epic-Event-Category": "register",
            "X-Epic-Flow":           "register",
            "X-Epic-Platform":       "WEB",
            "X-Epic-Strategy-Flags": "isolatedTestFlagEnabled=false",
            "X-Requested-With":      "XMLHttpRequest",
            "X-XSRF-Token":          xsrfToken,
            "Authorization":         bearer,
        }

        dataP := map[string]interface{}{
            "grant_type":    "exchange_code",
            "exchange_code": respCode.Code,
            "token_type":    "eg1",
        }

        jsonData, err := json.Marshal(dataP)
        if err != nil {
            fmt.Println(err)
        }

        reqP, err := http.NewRequest("POST", "https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/privacy/account/fbec52b969644409a011a18851311dd6", bytes.NewBuffer(jsonData))
        if err != nil {
            fmt.Println(err)
            errorss++
        }

        for k, v := range headersP {
            reqP.Header.Add(k, v)
        }

        if proxyURL != nil {
            client.Transport.(*http.Transport).Proxy = http.ProxyURL(proxyURL)
        }

is there anything wrong here? the first request for the exchange code works, and it gives me an exchange code, but on the second one theres still the error. im using the bearer for the correct client id:

image

LeleDerGrasshalmi commented 2 weeks ago

there is so much 'wrong' here, why the heck are you using browser request headers here?? why is there an xsrf token?

why are you using twinmotion web request headers

doesnt make any sense & you did NOT include the basic auth u are using

ad1txx1 commented 2 weeks ago

there is so much 'wrong' here, why the heck are you using browser request headers here?? why is there an xsrf token?

why are you using twinmotion web request headers

doesnt make any sense & you did NOT include the basic auth u are using

well its the same with or without headers but i finally fixed it. although now im getting this:

{
  "errorCode" : "errors.com.epicgames.fortnite.operation_not_found",
  "errorMessage" : "Operation campaign not valid",
  "messageVars" : [ "campaign" ],
  "numericErrorCode" : 16035,
  "originatingService" : "fortnite",
  "intent" : "prod-live"
}

this is the request:

reqP, err := http.NewRequest("POST", "https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/8e2e55d4e5884cab869bd802d0a17508/client/campaign", bytes.NewBuffer(jsonData))
        if err != nil {
            fmt.Println(err)
            errorss++
        }
LeleDerGrasshalmi commented 2 weeks ago

thats because your request url is wrong, please read the docs

https://github.com/LeleDerGrasshalmi/FortniteEndpointsDocumentation/blob/main/EpicGames/FN-Service/Game/Profile/README.md#request

ad1txx1 commented 2 weeks ago

https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/8e2e55d4e5884cab869bd802d0a17508/client/athena?profileId=athena&rvn=-1

is this right?

LeleDerGrasshalmi commented 2 weeks ago

no, follow the linked docs.

ad1txx1 commented 2 weeks ago

no, follow the linked docs.

{ "errorCode" : "errors.com.epicgames.modules.profiles.invalid_payload", "errorMessage" : "Unable to parse command com.epicgames.fortnite.core.game.commands.QueryProfile. Could not deserialize payload for com.epicgames.fortnite.core.game.commands.QueryProfile", "messageVars" : [ "com.epicgames.fortnite.core.game.commands.QueryProfile", "Could not deserialize payload for com.epicgames.fortnite.core.game.commands.QueryProfile" ], "numericErrorCode" : 12806, "originatingService" : "fortnite", "intent" : "prod-live" }

LeleDerGrasshalmi commented 2 weeks ago

you do not follow the docs.

image

ad1txx1 commented 2 weeks ago

ok i thought it meant empty as in no payload. thanks for all the patience and help <3