halo-infinite-api 1.2.2 → 2.0.0

package/src/authentication/xbox-authentication-client.ts

@@ -3,6 +3,9 @@ import pkceChallenge from "pkce-challenge";
 import { DateTime } from "luxon";
 import { XboxTicket } from "../models/xbox-ticket";
 import { coalesceDateTime } from "../util/date-time";
+import { ResolvablePromise } from "../util/resolvable-promise";
+import { ExpiryTokenCache } from "../util/expiry-token-cache";
+import { TokenPersister } from "../core/token-persisters";
 
 const SCOPES = ["Xboxlive.signin", "Xboxlive.offline_access"];
 
@@ -18,22 +21,90 @@ export interface XboxAuthenticationToken {
 }
 
 export class XboxAuthenticationClient {
-  private currentTokenPromise: Promise<XboxAuthenticationToken> | undefined =
-    undefined;
+  private accessTokenPromise:
+    | ResolvablePromise<XboxAuthenticationToken>
+    | undefined = undefined;
+  private userTokenCache = new ExpiryTokenCache(async (accessToken: string) => {
+    const persistedToken = await this.tokenPersister?.load<
+      XboxTicket & { expiresAt: DateTime }
+    >("xbox.userToken");
+
+    if (persistedToken && persistedToken.expiresAt > DateTime.now()) {
+      return persistedToken;
+    }
+
+    const response = await this.httpClient.post<XboxTicket>(
+      "https://user.auth.xboxlive.com/user/authenticate",
+      {
+        RelyingParty: "http://auth.xboxlive.com",
+        TokenType: "JWT",
+        Properties: {
+          AuthMethod: "RPS",
+          SiteName: "user.auth.xboxlive.com",
+          RpsTicket: `d=${accessToken}`,
+        },
+      },
+      {
+        headers: {
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          "x-xbl-contract-version": "1",
+        },
+      }
+    );
+
+    const result = {
+      ...response.data,
+      expiresAt: DateTime.fromISO(response.data.NotAfter),
+    };
+    await this.tokenPersister?.save("xbox.userToken", result);
+    return result;
+  });
+  private xstsTicketCache = new ExpiryTokenCache(
+    async (userToken: string, relyingParty: RelyingParty) => {
+      const persistedToken = await this.tokenPersister?.load<
+        XboxTicket & { expiresAt: DateTime }
+      >("xbox.xstsTicket");
+
+      if (persistedToken && persistedToken.expiresAt > DateTime.now()) {
+        return persistedToken;
+      }
+
+      const response = await this.httpClient.post<XboxTicket>(
+        "https://xsts.auth.xboxlive.com/xsts/authorize",
+        {
+          RelyingParty: relyingParty,
+          TokenType: "JWT",
+          Properties: {
+            SandboxId: "RETAIL",
+            UserTokens: [userToken],
+          },
+        },
+        {
+          headers: {
+            "Content-Type": "application/json",
+            Accept: "application/json",
+            "x-xbl-contract-version": "1",
+          },
+        }
+      );
+
+      const result = {
+        ...response.data,
+        expiresAt: DateTime.fromISO(response.data.NotAfter),
+      };
+      await this.tokenPersister?.save("xbox.xstsTicket", result);
+      return result;
+    }
+  );
+
   private readonly httpClient: AxiosInstance;
 
   constructor(
     private readonly clientId: string,
     private readonly redirectUri: string,
     private readonly getAuthCode: (authorizeUrl: string) => Promise<string>,
-    private readonly loadToken: () => Promise<{
-      token?: string;
-      expiresAt?: unknown;
-      refreshToken?: string;
-    } | null>,
-    private readonly saveToken: (
-      token: XboxAuthenticationToken
-    ) => Promise<void>
+    private readonly tokenPersister?: TokenPersister
   ) {
     this.httpClient = axios.create();
   }
@@ -43,50 +114,41 @@ export class XboxAuthenticationClient {
   }
 
   public async getAccessToken() {
-    if (this.currentTokenPromise) {
+    if (this.accessTokenPromise) {
       // Someone either already has a token or is in the process of getting one
       // Wait for them to finish, then check for validity
-      const currentToken = await this.currentTokenPromise;
+      const currentToken = await this.accessTokenPromise;
 
       if (currentToken.expiresAt > DateTime.now()) {
         // Current token is valid, return it
         return currentToken.token;
       } else {
         // Current token expired, start a new promise
-        let promiseResolver!: (token: XboxAuthenticationToken) => void;
-        let promiseRejector!: (error: unknown) => void;
-        this.currentTokenPromise = new Promise<XboxAuthenticationToken>(
-          (resolve, reject) => {
-            promiseResolver = resolve;
-            promiseRejector = reject;
-          }
-        );
+        this.accessTokenPromise =
+          new ResolvablePromise<XboxAuthenticationToken>();
 
         try {
           const newToken = await this.refreshOAuth2Token(
             currentToken.refreshToken
           );
-          promiseResolver(newToken);
-          await this.saveToken(newToken);
+          this.accessTokenPromise.resolve(newToken);
+          await this.tokenPersister?.save("xbox.accessToken", newToken);
           return newToken.token;
         } catch (e) {
-          promiseRejector(e);
+          this.accessTokenPromise.reject(e);
           throw e;
         }
       }
     } else {
       // We are the first caller, create a promise to block subsequent callers
-      let promiseResolver!: (token: XboxAuthenticationToken) => void;
-      let promiseRejector!: (error: unknown) => void;
-      this.currentTokenPromise = new Promise<XboxAuthenticationToken>(
-        (resolve, reject) => {
-          promiseResolver = resolve;
-          promiseRejector = reject;
-        }
-      );
+      this.accessTokenPromise =
+        new ResolvablePromise<XboxAuthenticationToken>();
 
       try {
-        const loadedToken = await this.loadToken();
+        const loadedToken =
+          await this.tokenPersister?.load<XboxAuthenticationToken>(
+            "xbox.accessToken"
+          );
         const currentToken = {
           ...loadedToken,
           token: loadedToken?.token ?? "",
@@ -95,23 +157,25 @@ export class XboxAuthenticationClient {
 
         if (currentToken.expiresAt && currentToken.expiresAt > DateTime.now()) {
           // Current token is valid, return it and alert other callers if applicable
-          promiseResolver(currentToken as XboxAuthenticationToken);
+          this.accessTokenPromise.resolve(
+            currentToken as XboxAuthenticationToken
+          );
           return currentToken.token;
         } else {
           const newToken = await this.fetchOauth2Token();
-          promiseResolver(newToken);
-          await this.saveToken(newToken);
+          this.accessTokenPromise.resolve(newToken);
+          await this.tokenPersister?.save("xbox.accessToken", newToken);
           return newToken.token;
         }
       } catch (e) {
-        promiseRejector(e);
+        this.accessTokenPromise.reject(e);
         throw e;
       }
     }
   }
 
   private async fetchOauth2Token(): Promise<XboxAuthenticationToken> {
-    const { code_verifier, code_challenge } = await this.getPkce();
+    const { code_verifier, code_challenge } = this.getPkce();
 
     const authorizeUrl = `https://login.live.com/oauth20_authorize.srf?${new URLSearchParams(
       {
@@ -126,6 +190,7 @@ export class XboxAuthenticationClient {
 
     const code = await this.getAuthCode(authorizeUrl);
 
+    const requestStart = DateTime.now();
     const response = await this.httpClient.post<{
       access_token: string;
       expires_in: number;
@@ -149,10 +214,9 @@ export class XboxAuthenticationClient {
       }
     );
 
-    const responseDate = DateTime.fromRFC2822(response.headers["date"]);
     return {
       token: response.data.access_token,
-      expiresAt: responseDate.plus({ seconds: response.data.expires_in }),
+      expiresAt: requestStart.plus({ seconds: response.data.expires_in }),
       refreshToken: response.data.refresh_token,
     };
   }
@@ -190,50 +254,12 @@ export class XboxAuthenticationClient {
   }
 
   public async getUserToken(accessToken: string) {
-    const response = await this.httpClient.post<XboxTicket>(
-      "https://user.auth.xboxlive.com/user/authenticate",
-      {
-        RelyingParty: "http://auth.xboxlive.com",
-        TokenType: "JWT",
-        Properties: {
-          AuthMethod: "RPS",
-          SiteName: "user.auth.xboxlive.com",
-          RpsTicket: `d=${accessToken}`,
-        },
-      },
-      {
-        headers: {
-          "Content-Type": "application/json",
-          Accept: "application/json",
-          "x-xbl-contract-version": "1",
-        },
-      }
-    );
-
-    return response.data.Token;
+    const { Token } = await this.userTokenCache.getToken(accessToken);
+    return Token;
   }
 
-  public async getXstsTicket(userToken: string, relyingParty: RelyingParty) {
-    const response = await this.httpClient.post<XboxTicket>(
-      "https://xsts.auth.xboxlive.com/xsts/authorize",
-      {
-        RelyingParty: relyingParty,
-        TokenType: "JWT",
-        Properties: {
-          SandboxId: "RETAIL",
-          UserTokens: [userToken],
-        },
-      },
-      {
-        headers: {
-          "Content-Type": "application/json",
-          Accept: "application/json",
-          "x-xbl-contract-version": "1",
-        },
-      }
-    );
-
-    return response.data;
+  public getXstsTicket(userToken: string, relyingParty: RelyingParty) {
+    return this.xstsTicketCache.getToken(userToken, relyingParty);
   }
 
   public getXboxLiveV3Token = (userHash: string, userToken: string) =>

package/src/core/halo-infinite-client.ts

@@ -1,10 +1,11 @@
 import axios, { AxiosError, AxiosHeaders, Method } from "axios";
-import { HaloAuthenticationClient } from "../authentication/halo-authentication-client";
-import {
-  RelyingParty,
-  XboxAuthenticationClient,
-} from "../authentication/xbox-authentication-client";
 import { HaloCoreEndpoints } from "../endpoints/halo-core-endpoints";
+import {
+  MapAsset,
+  PlaylistAsset,
+  UgcGameVariantAsset,
+} from "../models/halo-infinite/asset";
+import { AssetKind } from "../models/halo-infinite/asset-kind";
 import { MatchSkill } from "../models/halo-infinite/match-skill";
 import { MatchStats } from "../models/halo-infinite/match-stats";
 import { MatchType } from "../models/halo-infinite/match-type";
@@ -14,12 +15,7 @@ import { PlaylistCsrContainer } from "../models/halo-infinite/playlist-csr-conta
 import { ServiceRecord } from "../models/halo-infinite/service-record";
 import { UserInfo } from "../models/halo-infinite/user-info";
 import { GlobalConstants } from "../util/global-contants";
-import {
-  MapAsset,
-  PlaylistAsset,
-  UgcGameVariantAsset,
-} from "../models/halo-infinite/asset";
-import { AssetKind } from "../models/halo-infinite/asset-kind";
+import { SpartanTokenProvider } from "./spartan-token-providers";
 
 interface ResultContainer<TValue> {
   Id: string;
@@ -38,11 +34,6 @@ interface PaginationContainer<TValue> {
   Results: TValue[];
 }
 
-interface TokenPersister {
-  load: <T>(tokenName: string) => Promise<T>;
-  save: (tokenName: string, token: unknown) => Promise<void>;
-}
-
 export type AssetKindTypeMap = {
   [AssetKind.Map]: MapAsset;
   [AssetKind.UgcGameVariant]: UgcGameVariantAsset;
@@ -67,55 +58,7 @@ function wrapPlayerId(playerId: string) {
 }
 
 export class HaloInfiniteClient {
-  private readonly haloAuthClient: HaloAuthenticationClient;
-
-  constructor(
-    clientId: string,
-    redirectUri: string,
-    getAuthCode: (authorizeUrl: string) => Promise<string>,
-    tokenPersister?: TokenPersister
-  ) {
-    const xboxAuthClient = new XboxAuthenticationClient(
-      clientId,
-      redirectUri,
-      getAuthCode,
-      async () => {
-        if (tokenPersister) {
-          return await tokenPersister.load("xbox.authToken");
-        } else {
-          return null;
-        }
-      },
-      async (token) => {
-        if (tokenPersister) {
-          await tokenPersister.save("xbox.authToken", token);
-        }
-      }
-    );
-    this.haloAuthClient = new HaloAuthenticationClient(
-      async () => {
-        const accessToken = await xboxAuthClient.getAccessToken();
-        const userToken = await xboxAuthClient.getUserToken(accessToken);
-        const xstsTicket = await xboxAuthClient.getXstsTicket(
-          userToken,
-          RelyingParty.Halo
-        );
-        return xstsTicket.Token;
-      },
-      async () => {
-        if (tokenPersister) {
-          return await tokenPersister.load("halo.authToken");
-        } else {
-          return null;
-        }
-      },
-      async (token) => {
-        if (tokenPersister) {
-          await tokenPersister.save("halo.authToken", token);
-        }
-      }
-    );
-  }
+  constructor(private spartanTokenProvider: SpartanTokenProvider) {}
 
   private async executeRequest<T>(
     url: string,
@@ -132,7 +75,7 @@ export class HaloInfiniteClient {
     if (useSpartanToken) {
       headers.set(
         "x-343-authorization-spartan",
-        await this.haloAuthClient.getSpartanToken()
+        await this.spartanTokenProvider.getSpartanToken()
       );
     }
 

package/src/core/spartan-token-providers/auto-xsts-spartan-token-provider.ts

@@ -0,0 +1,55 @@
+import {
+  RelyingParty,
+  XboxAuthenticationClient,
+} from "../../authentication/xbox-authentication-client";
+import { TokenPersister } from "../token-persisters";
+import { HaloAuthenticationClient } from "../../authentication/halo-authentication-client";
+import { SpartanTokenProvider } from ".";
+
+/**
+ * A SpartanTokenProvider that fetches both the Xbox and Halo tokens in the same
+ * process. This is useful for applications that do not need to contend with
+ * CORS restrictions.
+ */
+export class AutoXstsSpartanTokenProvider implements SpartanTokenProvider {
+  public readonly getSpartanToken: () => Promise<string>;
+
+  constructor(
+    clientId: string,
+    redirectUri: string,
+    getAuthCode: (authorizeUrl: string) => Promise<string>,
+    tokenPersister?: TokenPersister
+  ) {
+    const xboxAuthClient = new XboxAuthenticationClient(
+      clientId,
+      redirectUri,
+      getAuthCode,
+      tokenPersister
+    );
+    const haloAuthClient = new HaloAuthenticationClient(
+      async () => {
+        const accessToken = await xboxAuthClient.getAccessToken();
+        const userToken = await xboxAuthClient.getUserToken(accessToken);
+        const xstsTicket = await xboxAuthClient.getXstsTicket(
+          userToken,
+          RelyingParty.Halo
+        );
+        return xstsTicket.Token;
+      },
+      async () => {
+        if (tokenPersister) {
+          return await tokenPersister.load("halo.authToken");
+        } else {
+          return null;
+        }
+      },
+      async (token) => {
+        if (tokenPersister) {
+          await tokenPersister.save("halo.authToken", token);
+        }
+      }
+    );
+
+    this.getSpartanToken = () => haloAuthClient.getSpartanToken();
+  }
+}

package/src/core/spartan-token-providers/index.ts

@@ -0,0 +1,3 @@
+export interface SpartanTokenProvider {
+  getSpartanToken(): Promise<string>;
+}

package/src/core/spartan-token-providers/static-xsts-ticket-token-spartan-token-provider.ts

@@ -0,0 +1,36 @@
+import { TokenPersister } from "../token-persisters";
+import { HaloAuthenticationClient } from "../../authentication/halo-authentication-client";
+import { SpartanTokenProvider } from ".";
+
+/**
+ * A SpartanTokenProvider that fetches uses a pre-fetched XSTS ticket token.
+ * Since requests to the Halo API are subject to CORS restrictions a
+ * HaloAuthenticationClient can be instantitated with a pre-fetched XSTS ticket
+ * and run on a server (such as one provided by the user).
+ */
+
+export class StaticXstsTicketTokenSpartanTokenProvider
+  implements SpartanTokenProvider
+{
+  public readonly getSpartanToken: () => Promise<string>;
+
+  constructor(xstsTicketToken: string, tokenPersister?: TokenPersister) {
+    const haloAuthClient = new HaloAuthenticationClient(
+      () => xstsTicketToken,
+      async () => {
+        if (tokenPersister) {
+          return await tokenPersister.load("halo.authToken");
+        } else {
+          return null;
+        }
+      },
+      async (token) => {
+        if (tokenPersister) {
+          await tokenPersister.save("halo.authToken", token);
+        }
+      }
+    );
+
+    this.getSpartanToken = () => haloAuthClient.getSpartanToken();
+  }
+}

package/src/core/token-persisters/index.ts

@@ -0,0 +1,4 @@
+export interface TokenPersister {
+  load: <T>(tokenName: string) => Promise<T> | T;
+  save: (tokenName: string, token: unknown) => Promise<void> | void;
+}

package/src/core/token-persisters/local-storage-token-persister.ts

@@ -0,0 +1,15 @@
+import { TokenPersister } from ".";
+
+export const localStorageTokenPersister: TokenPersister = {
+  load: (tokenName) => {
+    const json = localStorage.getItem(tokenName);
+    if (json) {
+      return JSON.parse(json);
+    } else {
+      return null;
+    }
+  },
+  save: (tokenName, token) => {
+    localStorage.setItem(tokenName, JSON.stringify(token));
+  },
+};

package/src/core/token-persisters/node-fs-token-persister.ts

@@ -0,0 +1,23 @@
+import fs from "fs/promises";
+import { TokenPersister } from ".";
+
+export const nodeFsTokenPersister: TokenPersister = {
+  load: async (tokenName) => {
+    const storageFileName = `./tokens/${tokenName}`;
+    try {
+      const json = await fs.readFile(storageFileName, { encoding: "utf-8" });
+      return JSON.parse(json);
+    } catch (e) {
+      if (e && typeof e === "object" && "code" in e && e.code === "ENOENT") {
+        return null;
+      } else {
+        throw e;
+      }
+    }
+  },
+  save: async (tokenName, token) => {
+    const storageFileName = `./tokens/${tokenName}`;
+    await fs.mkdir(`./tokens/`, { recursive: true });
+    await fs.writeFile(storageFileName, JSON.stringify(token));
+  },
+};

package/src/index.ts

@@ -2,6 +2,10 @@ export {
   HaloInfiniteClient,
   AssetKindTypeMap,
 } from "./core/halo-infinite-client";
+export {
+  XboxAuthenticationClient,
+  RelyingParty,
+} from "./authentication/xbox-authentication-client";
 export { Playlist } from "./models/halo-infinite/playlist";
 export { PlaylistCsrContainer } from "./models/halo-infinite/playlist-csr-container";
 export { UserInfo } from "./models/halo-infinite/user-info";
@@ -17,3 +21,7 @@ export { MatchOutcome } from "./models/halo-infinite/match-outcome";
 export { MatchSkill } from "./models/halo-infinite/match-skill";
 export { AssetVersionLink } from "./models/halo-infinite/asset-version-link";
 export { MatchInfo } from "./models/halo-infinite/match-info";
+export { SpartanTokenProvider } from "./core/spartan-token-providers";
+export { AutoXstsSpartanTokenProvider } from "./core/spartan-token-providers/auto-xsts-spartan-token-provider";
+export { StaticXstsTicketTokenSpartanTokenProvider } from "./core/spartan-token-providers/static-xsts-ticket-token-spartan-token-provider";
+export { TokenPersister } from "./core/token-persisters";

package/src/util/expiry-token-cache.ts

@@ -0,0 +1,51 @@
+import { DateTime } from "luxon";
+import { ResolvablePromise } from "./resolvable-promise";
+
+export class ExpiryTokenCache<
+  TToken extends { expiresAt: DateTime },
+  TArgs extends any[]
+> {
+  private tokenFetchPromise: ResolvablePromise<TToken> | undefined = undefined;
+
+  constructor(
+    private readonly tokenFetcher: (...args: TArgs) => Promise<TToken>
+  ) {}
+
+  // TODO: Compare args and separate cache entries based on input
+  async getToken(...args: TArgs): Promise<TToken> {
+    if (this.tokenFetchPromise) {
+      // Someone either already has a token or is in the process of getting one
+      // Wait for them to finish, then check for validity
+      const currentToken = await this.tokenFetchPromise;
+
+      if (currentToken.expiresAt > DateTime.now()) {
+        // Current token is valid, return it
+        return currentToken;
+      } else {
+        // Current token expired, start a new promise
+        this.tokenFetchPromise = new ResolvablePromise<TToken>();
+
+        try {
+          const newToken = await this.tokenFetcher(...args);
+          this.tokenFetchPromise.resolve(newToken);
+          return newToken;
+        } catch (e) {
+          this.tokenFetchPromise.reject(e);
+          throw e;
+        }
+      }
+    } else {
+      // No one has a token, start a new promise
+      this.tokenFetchPromise = new ResolvablePromise<TToken>();
+
+      try {
+        const newToken = await this.tokenFetcher(...args);
+        this.tokenFetchPromise.resolve(newToken);
+        return newToken;
+      } catch (e) {
+        this.tokenFetchPromise.reject(e);
+        throw e;
+      }
+    }
+  }
+}

package/src/util/resolvable-promise.ts

@@ -0,0 +1,32 @@
+export class ResolvablePromise<TReturn> extends Promise<TReturn> {
+  isCompleted = false;
+  readonly resolve: (value: TReturn | PromiseLike<TReturn>) => void;
+  readonly reject: (reason?: unknown) => void;
+  constructor() {
+    let resolve!: (value: TReturn | PromiseLike<TReturn>) => void;
+    let reject!: (reason?: unknown) => void;
+    super((res, rej) => {
+      resolve = res;
+      reject = rej;
+    });
+    this.resolve = (v) => {
+      this.isCompleted = true;
+      return resolve(v);
+    };
+    this.reject = (r) => {
+      this.isCompleted = true;
+      return reject(r);
+    };
+  }
+
+  // you can also use Symbol.species in order to
+  // return a Promise for then/catch/finally
+  static get [Symbol.species]() {
+    return Promise;
+  }
+
+  // Promise overrides his Symbol.toStringTag
+  get [Symbol.toStringTag]() {
+    return "ResolvablePromise";
+  }
+}