-
-
Save iXyles/ec40cb40a2a186425ec6bfb9dcc2ddda to your computer and use it in GitHub Desktop.
| using System; | |
| using System.Linq; | |
| using System.Net; | |
| using Newtonsoft.Json; | |
| using RestSharp; | |
| namespace FNFlowAuthNETCore | |
| { | |
| public class EpicFortniteAuthFlow | |
| { | |
| static void Main(string[] args) | |
| { | |
| new EpicFortniteAuthFlow(); | |
| } | |
| public EpicFortniteAuthFlow() | |
| { | |
| var email = ""; | |
| var password = ""; | |
| Console.WriteLine(GetOAuthToken(email, password)); | |
| Console.ReadKey(); | |
| } | |
| public string GetOAuthToken(string email, string password, CookieContainer cookieJar = null, string authMethod = null) | |
| { | |
| if (cookieJar == null) | |
| cookieJar = new CookieContainer(); | |
| var client = new RestClient("https://www.epicgames.com/id/api/") | |
| { | |
| CookieContainer = cookieJar | |
| }; | |
| var csrfRes = client.Execute(new RestRequest("csrf", Method.GET)); | |
| var token = csrfRes.Cookies.First(x => x.Name == "XSRF-TOKEN").Value; | |
| var loginRequest = new RestRequest(!string.IsNullOrEmpty(authMethod) ? "login/mfa" : "login", Method.POST) | |
| .AddHeader("Content-Type", "application/x-www-form-urlencoded") | |
| .AddHeader("x-xsrf-token", token); | |
| if (!string.IsNullOrEmpty(authMethod)) | |
| { | |
| try | |
| { | |
| Console.Write("Two factor detected, write the 6 number code from 2FA: "); | |
| var authKey = Int32.Parse(Console.ReadLine()); | |
| var twoStep = client.Execute(loginRequest | |
| .AddParameter("code", authKey) | |
| .AddParameter("method", authMethod) | |
| .AddParameter("rememberDevice", false)); | |
| if (twoStep.StatusCode == HttpStatusCode.BadRequest) | |
| return "WRONG AUTHENTICATED 2AUTH KEY"; | |
| } | |
| catch (Exception) | |
| { | |
| return "WRONG AUTHENTICATED 2AUTH KEY"; | |
| } | |
| } | |
| else | |
| { | |
| IRestResponse loginRes = client.Execute(loginRequest | |
| .AddParameter("email", email) | |
| .AddParameter("password", password) | |
| .AddParameter("rememberMe", true)); | |
| if (loginRes.StatusCode == HttpStatusCode.Conflict) | |
| return GetOAuthToken(email, password, cookieJar); | |
| if (loginRes.StatusCode == HttpStatusCode.RequestHeaderFieldsTooLarge) | |
| return GetOAuthToken(email, password, cookieJar, (string) JsonConvert.DeserializeObject<dynamic>(loginRes.Content)["metadata"].twoFactorMethod); | |
| } | |
| var exchangeRes = client.Execute( | |
| new RestRequest("exchange", Method.POST) | |
| .AddHeader("x-xsrf-token", token)); | |
| var oauthClient = new RestClient("https://account-public-service-prod03.ol.epicgames.com/account/api/oauth/token"); | |
| var oauthRes = oauthClient.Execute( | |
| new RestRequest(Method.POST) | |
| .AddHeader("Content-Type", "application/x-www-form-urlencoded") | |
| .AddHeader("Authorization", "basic MzQ0NmNkNzI2OTRjNGE0NDg1ZDgxYjc3YWRiYjIxNDE6OTIwOWQ0YTVlMjVhNDU3ZmI5YjA3NDg5ZDMxM2I0MWE=") | |
| .AddParameter("grant_type", "exchange_code") | |
| .AddParameter("exchange_code", JsonConvert.DeserializeObject<dynamic>(exchangeRes.Content)["code"]) | |
| .AddParameter("includePerms", true) | |
| .AddParameter("token_type", "eg1")); | |
| return JsonConvert.DeserializeObject<dynamic>(oauthRes.Content)["access_token"]; | |
| } | |
| } | |
| } |
Hello Marcus.
I was searching Google to find a snippet for Epic Games web-based authentication and i came across your Github. I tried to copy exactly what you had but I'm getting an error saying that Authorization code was not found or is invalid. I would really appreciate it if you can help me with this issue. I just don't understand where i need to get the Authorization code. I have been told that it's base64 of client id and client secret. Below is my snippet. Any help is appreciate it.
var credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(CLIENT_ID:CLIENT_SECRET));
var oauthClient = new RestClient(https://api.epicgames.dev/epic/oauth/v1/token);
var oauthRes = oauthClient.Execute(
new RestRequest(Method.POST)
.AddHeader("Content-Type", "application/x-www-form-urlencoded")
.AddHeader("Host", "api.epicgames.dev")
.AddHeader("Authorization", "Basic "+ credentials)
.AddParameter("grant_type", "authorization_code")
.AddParameter("deployment_id", "a5aa686defa64131b1edc48c31b40d1a")
.AddParameter("scope", "basic_profile")
.AddParameter("code", code)
.AddParameter("redirect_uri", "https://test:44300/EOSAuth"));
var res = JsonConvert.DeserializeObject<dynamic>(oauthRes.Content);
Sorry, I am not fully sure that I understand your use-case of what you are trying to do. This is an old gist of how you did it earlier in an easy way. I am not planning to create a gist/version of what you are trying to do above.
var credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(CLIENT_ID:CLIENT_SECRET));
Client_ID + CLIENT_SECRET both code are stored in binary,
but luckily I can read base64 decode and this is what it looks like:
Authorization Header is present: basic MzQ0NmNkNzI2OTRjNGE0NDg1ZDgxYjc3YWRiYjIxNDE6OTIwOWQ0YTVlMjVhNDU3ZmI5YjA3NDg5ZDMxM2I0MWE= code is above..
Decoded Username:Password= 3446cd72694c4a4485d81b77adbb2141:9209d4a5e25a457fb9b07489d313b41a
so ez..
I'm having difficulty implementing this for myself but I did verify the changes you made are working. Thanks for making an update!
/id/api/csrfand getXSRF-TOKEN/id/api/loginand set 'x-xsrf-token' token in header and cookie from #1errors.com.epicgames.accountportal.session_invalidatedon first call/id/api/csrfand get the newXSRF-TOKENand cookie/id/api/loginand set 'x-xsrf-token' to token in header and cookie from #4I just keep getting the
errors.com.epicgames.accountportal.session_invalidatederror.