ismaileke/MicrosoftBedrockAuthenticationScheme.php

## MicrosoftBedrockAuthenticationScheme.php
<?php

  MinecraftNintendoSwitch: '00000000441cc96b'
  MinecraftPlaystation: '000000004827c78e'
  MinecraftAndroid: '0000000048183522' // we use this
  MinecraftJava: '00000000402b5328'
  MinecraftIOS: '000000004c17c01a'
  XboxAppIOS: '000000004c12ae6f'
  XboxGamepassIOS: '000000004c20a908'

PrivateKey = openssl_pkey_new([
    'curve_name' => 'prime256v1',
    'private_key_type' => OPENSSL_KEYTYPE_EC,
    'private_key_bits' => 384
]);

openssl_pkey_export(PrivateKey, PrivateKeyPEM);

PrivKeyDetails = openssl_pkey_get_details(PrivateKey);
PublicKey = openssl_pkey_get_public(PrivKeyDetails['key']);
PublicKeyDetails = openssl_pkey_get_details(PublicKey);
X = JwtUtils::b64UrlEncode(PublicKeyDetails['ec']['x']);
Y = JwtUtils::b64UrlEncode(PublicKeyDetails['ec']['y']);


LINK: "https://login.live.com/oauth20_connect.srf" // Xbox Live Device Code Request
Headers = [
    'Content-Type: application/x-www-form-urlencoded',
    'Accept-Language: tr' // you can edit
]
Body = [
    'client_id' => '0000000048183522',
    'scope' => 'service::user.auth.xboxlive.com::MBI_SSL',
    'response_type' => 'device_code'
]

RESPONSE CODE CONTENT -> {'user_code', 'device_code', 'verification_uri', 'expires_in', 'interval', 'message'}
print("You can verify by entering the code " . RESPONSE CODE['user_code'] . " from " . RESPONSE CODE['verification_uri'] . ".\n")


while(true) {                                   // In the loop, wait for the user to log in to their microsoft account from the site.

    LINK: "https://login.live.com/oauth20_token.srf" // Xbox Live Token Request
    Headers = [
        'Content-Type: application/x-www-form-urlencoded',
    ]
    Body = [
        'grant_type' => 'urn:ietf:params:oauth:grant-type:device_code',
        'client_id' => "0000000048183522",
        'device_code' => RESPONSE CODE['device_code']
    ]

    RESPONSE CODE CONTENT ->
        // If error = authorization_pending, wait
        IF THERE IS ERROR {'error': ['authorization_pending' or 'invalid_grant' or 'authorization_declined' or 'bad_verification_code' or 'expired_token']}
        IF THERE IS NO ERROR    var TokenData = {'tokenType': 'bearer', 'expires_in': '86400', 'scope': 'service::user.auth.xboxlive.com::MBI_SSL', 'access_token': '...', 'refresh_token': '...', 'user_id'}
        break loop      // Store TokenData
}


LINK: "https://device.auth.xboxlive.com/device/authenticate" // Xbox Device Auth
Body = [
    "Properties" => [
        "AuthMethod" => "ProofOfPossession",
        "DeviceType" => "Android",
        "Id" => "{" . GENERATE_RANDOM_UUID . "}", // i guess you have to generate random uuid
        "ProofKey" => [
            "crv" => "P-256",
            "alg" => "ES256",
            "use" => "sig",
            "kty" => "EC",
            "x" => X,
            "y" => Y
        ],
        "Version" => "10" // Android Version
    ],
    "RelyingParty" => "http://auth.xboxlive.com",
    "TokenType" => "JWT"
];
Headers = [
    "x-xbl-contract-version: 1",
    "Signature: " . signature(Body, PrivateKey)
];

RESPONSE DATA CONTENT -> {"IssueInstant", "NotAfter", "Token", "DisplayClaims": ["xdi": ["did", "dcs"]]}
DeviceToken = RESPONSE DATA["Token"]


LINK: "https://sisu.xboxlive.com/authorize" // Sisu Authorize
Body = [
    "AccessToken" => "t=" . TokenData["access_token"],
    "AppId" => "0000000048183522",
    "deviceToken" => DeviceToken,
    "Sandbox" => "RETAIL",
    "UseModernGamertag" => true,
    "SiteName" => "user.auth.xboxlive.com",
    "RelyingParty" => "https://multiplayer.minecraft.net/",
    "ProofKey" => [
    "crv" => "P-256",
    "alg" => "ES256",
    "use" => "sig",
    "kty" => "EC",
    "x" => X,
    "y" => Y
    ]
]
Headers = [
    "x-xbl-contract-version: 1",
    "Signature: " . signature(Body, privateKey)
]

RESPONSE DATA CONTENT -> {'DeviceToken': '...', 'TitleToken': ['DisplayClaims': [...], 'IssueInstant', 'NotAfter', 'Token'], 'UserToken': ['DisplayClaims': [...], 'IssueInstant', 'NotAfter', 'Token'], 'AuthorizationToken': ['DisplayClaims': ['xui': [0: ['uhs': 'intData']]], 'IssueInstant', 'NotAfter', 'Token'], 'WebPage', 'Sandbox': 'RETAIL', 'UseModernGamerTag': true, 'Flow': ''}

XBOXUserID = RESPONSE DATA['AuthorizationToken']['DisplayClaims']['xui'][0]['uhs']
AuthToken = RESPONSE DATA['AuthorizationToken']['Token']


LINK: "https://multiplayer.minecraft.net/authentication" // Bedrock Auth
Body = [
    'identityPublicKey' => base64_encode(JwtUtils::emitDerPublicKey(privateKey)) privateKey-> ('curve_name' => 'secp384r1', 'private_key_type' => OPENSSL_KEYTYPE_EC)
]
Headers = [
    'Content-Type: application/json',
    'User-Agent: MCPE/Android',
    'Client-Version: 1.21.2', // change
    'Authorization: XBL3.0 x=' . XBOXUserID . ';' . AuthToken
]

RESPONSE DATA CONTENT -> {'chain': [0: '...', 1: '...']}
	<?php

	MinecraftNintendoSwitch: '00000000441cc96b'
	MinecraftPlaystation: '000000004827c78e'
	MinecraftAndroid: '0000000048183522' // we use this
	MinecraftJava: '00000000402b5328'
	MinecraftIOS: '000000004c17c01a'
	XboxAppIOS: '000000004c12ae6f'
	XboxGamepassIOS: '000000004c20a908'

	PrivateKey = openssl_pkey_new([
	'curve_name' => 'prime256v1',
	'private_key_type' => OPENSSL_KEYTYPE_EC,
	'private_key_bits' => 384
	]);

	openssl_pkey_export(PrivateKey, PrivateKeyPEM);

	PrivKeyDetails = openssl_pkey_get_details(PrivateKey);
	PublicKey = openssl_pkey_get_public(PrivKeyDetails['key']);
	PublicKeyDetails = openssl_pkey_get_details(PublicKey);
	X = JwtUtils::b64UrlEncode(PublicKeyDetails['ec']['x']);
	Y = JwtUtils::b64UrlEncode(PublicKeyDetails['ec']['y']);





	LINK: "https://login.live.com/oauth20_connect.srf" // Xbox Live Device Code Request
	Headers = [
	'Content-Type: application/x-www-form-urlencoded',
	'Accept-Language: tr' // you can edit
	]
	Body = [
	'client_id' => '0000000048183522',
	'scope' => 'service::user.auth.xboxlive.com::MBI_SSL',
	'response_type' => 'device_code'
	]

	RESPONSE CODE CONTENT -> {'user_code', 'device_code', 'verification_uri', 'expires_in', 'interval', 'message'}
	print("You can verify by entering the code " . RESPONSE CODE['user_code'] . " from " . RESPONSE CODE['verification_uri'] . ".\n")





	while(true) { // In the loop, wait for the user to log in to their microsoft account from the site.

	LINK: "https://login.live.com/oauth20_token.srf" // Xbox Live Token Request
	Headers = [
	'Content-Type: application/x-www-form-urlencoded',
	]
	Body = [
	'grant_type' => 'urn:ietf:params:oauth:grant-type:device_code',
	'client_id' => "0000000048183522",
	'device_code' => RESPONSE CODE['device_code']
	]

	RESPONSE CODE CONTENT ->
	// If error = authorization_pending, wait
	IF THERE IS ERROR {'error': ['authorization_pending' or 'invalid_grant' or 'authorization_declined' or 'bad_verification_code' or 'expired_token']}
	IF THERE IS NO ERROR var TokenData = {'tokenType': 'bearer', 'expires_in': '86400', 'scope': 'service::user.auth.xboxlive.com::MBI_SSL', 'access_token': '...', 'refresh_token': '...', 'user_id'}
	break loop // Store TokenData
	}




	LINK: "https://device.auth.xboxlive.com/device/authenticate" // Xbox Device Auth
	Body = [
	"Properties" => [
	"AuthMethod" => "ProofOfPossession",
	"DeviceType" => "Android",
	"Id" => "{" . GENERATE_RANDOM_UUID . "}", // i guess you have to generate random uuid
	"ProofKey" => [
	"crv" => "P-256",
	"alg" => "ES256",
	"use" => "sig",
	"kty" => "EC",
	"x" => X,
	"y" => Y
	],
	"Version" => "10" // Android Version
	],
	"RelyingParty" => "http://auth.xboxlive.com",
	"TokenType" => "JWT"
	];
	Headers = [
	"x-xbl-contract-version: 1",
	"Signature: " . signature(Body, PrivateKey)
	];

	RESPONSE DATA CONTENT -> {"IssueInstant", "NotAfter", "Token", "DisplayClaims": ["xdi": ["did", "dcs"]]}
	DeviceToken = RESPONSE DATA["Token"]



	LINK: "https://sisu.xboxlive.com/authorize" // Sisu Authorize
	Body = [
	"AccessToken" => "t=" . TokenData["access_token"],
	"AppId" => "0000000048183522",
	"deviceToken" => DeviceToken,
	"Sandbox" => "RETAIL",
	"UseModernGamertag" => true,
	"SiteName" => "user.auth.xboxlive.com",
	"RelyingParty" => "https://multiplayer.minecraft.net/",
	"ProofKey" => [
	"crv" => "P-256",
	"alg" => "ES256",
	"use" => "sig",
	"kty" => "EC",
	"x" => X,
	"y" => Y
	]
	]
	Headers = [
	"x-xbl-contract-version: 1",
	"Signature: " . signature(Body, privateKey)
	]

	RESPONSE DATA CONTENT -> {'DeviceToken': '...', 'TitleToken': ['DisplayClaims': [...], 'IssueInstant', 'NotAfter', 'Token'], 'UserToken': ['DisplayClaims': [...], 'IssueInstant', 'NotAfter', 'Token'], 'AuthorizationToken': ['DisplayClaims': ['xui': [0: ['uhs': 'intData']]], 'IssueInstant', 'NotAfter', 'Token'], 'WebPage', 'Sandbox': 'RETAIL', 'UseModernGamerTag': true, 'Flow': ''}

	XBOXUserID = RESPONSE DATA['AuthorizationToken']['DisplayClaims']['xui'][0]['uhs']
	AuthToken = RESPONSE DATA['AuthorizationToken']['Token']



	LINK: "https://multiplayer.minecraft.net/authentication" // Bedrock Auth
	Body = [
	'identityPublicKey' => base64_encode(JwtUtils::emitDerPublicKey(privateKey)) privateKey-> ('curve_name' => 'secp384r1', 'private_key_type' => OPENSSL_KEYTYPE_EC)
	]
	Headers = [
	'Content-Type: application/json',
	'User-Agent: MCPE/Android',
	'Client-Version: 1.21.2', // change
	'Authorization: XBL3.0 x=' . XBOXUserID . ';' . AuthToken
	]

	RESPONSE DATA CONTENT -> {'chain': [0: '...', 1: '...']}