Last active
November 7, 2024 03:48
-
-
Save air/01dc784a18b8c1c9dbcb9514b38c04ee to your computer and use it in GitHub Desktop.
Let's use the Realms API to download our world backup!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # you need httpie (apt-get install httpie) | |
| # you need to replace <these things> with your details | |
| # run with 'source' to export vars to your shell for experimentation | |
| # 1. authenticate to get an access token | |
| auth_server=https://authserver.mojang.com | |
| user=<your login email> | |
| password=<your account password> | |
| client_token=any-constant-string | |
| # log in | |
| response=$(http POST ${auth_server}/authenticate username=${user} password=${password} clientToken=${client_token} agent:='{"name": "Minecraft", "version": 1}') | |
| # strip double quotes | |
| access_token=$(echo ${response} | jq .accessToken | sed 's/"//g') | |
| # 2. Utility: validate an access token is still valid | |
| # http POST ${auth_server}/validate accessToken=${access_token} clientToken=${client_token} | |
| # 3. Utility: refresh the token, getting a new accessToken without having to give password | |
| # http POST ${auth_server}/refresh accessToken=${access_token} clientToken=${client_token} | |
| # 4. access Realms! | |
| # server. Note the real Minecraft client uses pc.realms.minecraft.net | |
| realms_server=https://pc.realms.minecraft.net | |
| # your UUID from https://mcuuid.net, I believe the trimmed version is correct | |
| uuid=<your trimmed UUID> | |
| # your username, e.g. notch | |
| user_id=<your username> | |
| # Minecraft version | |
| version=1.11.2 | |
| # is this user allowed to access Realms? see http://wiki.vg/Realms_API | |
| http --verbose GET ${realms_server}/mco/available "Cookie:sid=token:${access_token}:${uuid};user=${user_id};version=${version}" |
Tried to translate this to python, got 403 forbidden?
username = input('starting first time setup\nenter your username:')
email = input('enter your mojang account email (this information is only sent to mojang, i never see it)\n')
password = input('enter your mojang account password\n')
clientauth = input('enter a client token (this is like a password, treat\nit like one, preferably \nno spaces or special characters)\n')
response = requests.post(url='https://authserver.mojang.com/authenticate', cookies={'username': username, 'password': password, 'clientToken': clientauth, 'agent': '{"name": "Minecraft", "version": 1}'})
print(response)
Tried to translate this to python, got 403 forbidden?
One observation, the POST to authserver (line 15 in my gist) doesn't use cookies (like you're doing). I think it's just URL params. Only the GET to Realms uses cookies.
For those who may want to know, bedrock's endpoint is: https://bedrock.realms.minecraft.net/
Are you sure? I'm getting an ENOTFOUND Error when I try to use that. pocket.realms.minecraft.net however does at least return my requests, so I'd expect this one to be the correct endpoint.
Any way to use this with the recent Microsoft changeover? App passwords or something?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is now fixed, thanks to Brian McCullom who located the new server at
pc.realms.minecraft.net.