-
-
Save pirica/9a957d6ff3ce1349025c388487dc6456 to your computer and use it in GitHub Desktop.
Simple small OAuth flow for Epicgames new login system, 2FA support
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Linq; | |
| using System.Net; | |
| using Newtonsoft.Json; | |
| using RestSharp; | |
| namespace FNFlowAuthNETCore | |
| { | |
| public class EpicFortniteAuthFlow | |
| { | |
| static void Main(string[] args) | |
| { | |
| new EpicFortniteAuthFlow(); | |
| } | |
| public EpicFortniteAuthFlow() | |
| { | |
| var email = ""; | |
| var password = ""; | |
| Console.WriteLine(GetOAuthToken(email, password)); | |
| Console.ReadKey(); | |
| } | |
| public string GetOAuthToken(string email, string password, CookieContainer cookieJar = null, string authMethod = null) | |
| { | |
| if (cookieJar == null) | |
| cookieJar = new CookieContainer(); | |
| var client = new RestClient("https://www.epicgames.com/id/api/") | |
| { | |
| CookieContainer = cookieJar | |
| }; | |
| var csrfRes = client.Execute(new RestRequest("csrf", Method.GET)); | |
| var token = csrfRes.Cookies.First(x => x.Name == "XSRF-TOKEN").Value; | |
| var loginRequest = new RestRequest(!string.IsNullOrEmpty(authMethod) ? "login/mfa" : "login", Method.POST) | |
| .AddHeader("Content-Type", "application/x-www-form-urlencoded") | |
| .AddHeader("x-xsrf-token", token); | |
| if (!string.IsNullOrEmpty(authMethod)) | |
| { | |
| try | |
| { | |
| Console.Write("Two factor detected, write the 6 number code from 2FA: "); | |
| var authKey = Int32.Parse(Console.ReadLine()); | |
| var twoStep = client.Execute(loginRequest | |
| .AddParameter("code", authKey) | |
| .AddParameter("method", authMethod) | |
| .AddParameter("rememberDevice", false)); | |
| if (twoStep.StatusCode == HttpStatusCode.BadRequest) | |
| return "WRONG AUTHENTICATED 2AUTH KEY"; | |
| } | |
| catch (Exception) | |
| { | |
| return "WRONG AUTHENTICATED 2AUTH KEY"; | |
| } | |
| } | |
| else | |
| { | |
| IRestResponse loginRes = client.Execute(loginRequest | |
| .AddParameter("email", email) | |
| .AddParameter("password", password) | |
| .AddParameter("rememberMe", true)); | |
| if (loginRes.StatusCode == HttpStatusCode.Conflict) | |
| return GetOAuthToken(email, password, cookieJar); | |
| if (loginRes.StatusCode == HttpStatusCode.RequestHeaderFieldsTooLarge) | |
| return GetOAuthToken(email, password, cookieJar, (string) JsonConvert.DeserializeObject<dynamic>(loginRes.Content)["metadata"].twoFactorMethod); | |
| } | |
| var exchangeRes = client.Execute( | |
| new RestRequest("exchange", Method.POST) | |
| .AddHeader("x-xsrf-token", token)); | |
| var oauthClient = new RestClient("https://account-public-service-prod03.ol.epicgames.com/account/api/oauth/token"); | |
| var oauthRes = oauthClient.Execute( | |
| new RestRequest(Method.POST) | |
| .AddHeader("Content-Type", "application/x-www-form-urlencoded") | |
| .AddHeader("Authorization", "basic MzQ0NmNkNzI2OTRjNGE0NDg1ZDgxYjc3YWRiYjIxNDE6OTIwOWQ0YTVlMjVhNDU3ZmI5YjA3NDg5ZDMxM2I0MWE=") | |
| .AddParameter("grant_type", "exchange_code") | |
| .AddParameter("exchange_code", JsonConvert.DeserializeObject<dynamic>(exchangeRes.Content)["code"]) | |
| .AddParameter("includePerms", true) | |
| .AddParameter("token_type", "eg1")); | |
| return JsonConvert.DeserializeObject<dynamic>(oauthRes.Content)["access_token"]; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment