sammko
commented
3 years ago Open sammko opened 3 years ago
sammko
commented
3 years ago sammko
commented
3 years ago The plans of Mojang to release a solution for 3rd party launchers are, as far as i can tell, dead. The wording on the FAQ page has changed from Wait for further information to " Build and use third-party launchers at your own risk". MultiMC discord also has some information supporting this.
Will still probably wait to see how MultiMC does it, but it is likely that a proper solution will require backend infrastructure to hold the MSA private key. (Or abuse the infra that the official launcher uses, but that is probably a bad idea)
sammko
commented
3 years ago Idea: add an option for pulling the accessToken from the vanilla launcher. I think it can then be refreshed normally? This would require the user to login once using the vanilla launcher. It might be an okay compromise before implementing a proper solution.
Lukasz825700516
commented
2 years ago Hi, are there any plans on implementing new login system into picomc in nerby feature?
sammko
commented
2 years ago Sorry, no concrete timeline at this point
sammko
commented
2 years ago I did some research, we can use the device code flow, which seems the easiest to implement (no need to listen for a redirect callback) and also does not require use of the client_secret. The process would be as follows:
picomc account authenticate <name>. This would give the user a link, currently https://www.microsoft.com/link and the code to enter there.picomc can either periodically check the /token endpoint to see if the user has finished the flow, or just wait until the user confirms in the CLI that picomc can continue the flow. This returns an access_token and a refresh_token. The access_token is only valid for a short time (1 hour?), so the refresh_token needs to be stored to be able to get a new pair.access_token is used to get an XBL tokenThis flow doesn't require the Microsoft account to actually own the game, we can check that separately to warn the user.
I wanted to rewrite the account handling code first though, it's not very nice. I would like to have a look at this in the somewhat near future. I've just migrated my own account to be able to test this, so that's some motivation.
sammko
commented
2 years ago So it's in master now. A question which remains is whether storing the refresh_token on disk in plaintext is a good idea. It can be used at any time to acquire a valid access_token for the microsoft account to the given scopes (XboxLive.signin)
sammko
commented
2 years ago FWIW MultiMC does store the refresh_token on disk.
sammko
commented
2 years ago Support in picomc play should be added.
Fabian42
commented
1 year ago Is this issue related to not being able to chat in 1.19.1+ or should I create a new issue for that?
sammko
commented
1 year ago Have you used the prototypepicomc account create --ms accountName functionality to log in? accountName can be anything, it's just for picomc to refer to the account.
Fabian42
commented
1 year ago Yes, I did. Everything else works fine, just chat encryption seems to not get initialised properly. To be fair, Vanilla also has a couple bugs with that, but those usually get resolved by restarting the game. PojavLauncher (on Android) has the same issue as picomc. I'm using picomc play, would picomc instance launch work? I can test that probably in ~1½ days, as well as giving you the exact error message, if you need it.
sammko
commented
1 year ago Did a quick test, don't seem to have any issues. After creating the account, you also need to authenticate it, using picomc account authenticate accountName. This will give you a device code and a link to the microsoft device auth flow. Chat should work after that.
It's a bit rough around the edges and that's why this issue is still open.
Fabian42
commented
1 year ago "Chat disabled due to missing profile public key. Please try reconnecting."
And yes, I went through that procedure, otherwise I wouldn't be able to connect to the server anyway.
https://www.minecraft.net/en-us/article/java-edition-moving-house. Currently waiting for technical details, closely watching any development over at MultiMC.