Skip to content

Commit f495cb8

Browse files
Daniel-RicDaniel-Ric
authored
Merge pull request #8 from Daniel-Ric/feature/2026-01-22/list-missing-user-related-tokens-in-callback
Return both PlayFab entity tokens in auth callbacks
2 parents f33cc04 + 3afb0af commit f495cb8

5 files changed

Lines changed: 26 additions & 6 deletions

File tree

src/routes/auth.routes.js

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,9 @@ router.post("/callback", authLimiter, asyncHandler(async (req, res) => {
102102
const {SessionTicket, PlayFabId} = await loginWithXbox(playfabToken, titleId);
103103
const mcToken = await getMCToken(SessionTicket);
104104
const entityData = await getEntityToken(SessionTicket);
105+
const masterEntityData = PlayFabId ? await getEntityToken(SessionTicket, {
106+
Type: "master_player_account", Id: PlayFabId
107+
}) : null;
105108
const jwtToken = signJwt({xuid: xid, gamertag: gtg});
106109

107110
res.json(buildAuthCallbackResponse({
@@ -121,7 +124,9 @@ router.post("/callback", authLimiter, asyncHandler(async (req, res) => {
121124
sessionTicket: SessionTicket,
122125
playFabId: PlayFabId,
123126
entityToken: entityData.EntityToken,
124-
entityTokenExpiresOn: entityData.TokenExpiration
127+
entityTokenExpiresOn: entityData.TokenExpiration,
128+
entityTokenMaster: masterEntityData?.EntityToken,
129+
entityTokenMasterExpiresOn: masterEntityData?.TokenExpiration
125130
}));
126131
}));
127132

@@ -188,6 +193,9 @@ router.post("/refresh", authLimiter, asyncHandler(async (req, res) => {
188193
const {SessionTicket, PlayFabId} = await loginWithXbox(playfabToken, titleId);
189194
const mcToken = await getMCToken(SessionTicket);
190195
const entityData = await getEntityToken(SessionTicket);
196+
const masterEntityData = PlayFabId ? await getEntityToken(SessionTicket, {
197+
Type: "master_player_account", Id: PlayFabId
198+
}) : null;
191199
const jwtToken = signJwt({xuid: xid, gamertag: gtg});
192200

193201
res.json(buildAuthCallbackResponse({
@@ -207,7 +215,9 @@ router.post("/refresh", authLimiter, asyncHandler(async (req, res) => {
207215
sessionTicket: SessionTicket,
208216
playFabId: PlayFabId,
209217
entityToken: entityData.EntityToken,
210-
entityTokenExpiresOn: entityData.TokenExpiration
218+
entityTokenExpiresOn: entityData.TokenExpiration,
219+
entityTokenMaster: masterEntityData?.EntityToken,
220+
entityTokenMasterExpiresOn: masterEntityData?.TokenExpiration
211221
}));
212222
}));
213223

src/routes/debug.routes.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -157,6 +157,7 @@ router.post("/decode-callback", jwtMiddleware, asyncHandler(async (req, res) =>
157157
sessionTicket: bundle.sessionTicket,
158158
playFabId: bundle.playFabId,
159159
entityToken: bundle.entityToken,
160+
entityTokenMaster: bundle.entityTokenMaster,
160161
xstsXbox: bundle.xstsXbox,
161162
xstsRedeem: bundle.xstsRedeem,
162163
xstsPlayFab: bundle.xstsPlayFab
@@ -208,6 +209,7 @@ router.post("/decode-callback", jwtMiddleware, asyncHandler(async (req, res) =>
208209
add("mcToken", extracted.mcToken);
209210
add("sessionTicket", extracted.sessionTicket);
210211
add("entityToken", extracted.entityToken);
212+
add("entityTokenMaster", extracted.entityTokenMaster);
211213

212214
const user = {
213215
xuid: extracted.xuid || decoded.jwt?.payload?.xuid || get(bundle, "xsts.xbox.DisplayClaims.xui.0.xid") || null,

src/utils/authResponse.js

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,8 @@ export function buildAuthCallbackResponse(data) {
1616
sessionTicket: data.sessionTicket,
1717
playFabId: data.playFabId,
1818
entityToken: data.entityToken,
19-
entityTokenExpiresOn: data.entityTokenExpiresOn
19+
entityTokenExpiresOn: data.entityTokenExpiresOn,
20+
entityTokenMaster: data.entityTokenMaster,
21+
entityTokenMasterExpiresOn: data.entityTokenMasterExpiresOn
2022
};
2123
}

src/utils/swagger.js

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,9 @@ const options = {
8282
sessionTicket: {type: "string"},
8383
playFabId: {type: "string"},
8484
entityToken: {type: "string"},
85-
entityTokenExpiresOn: {type: "string"}
85+
entityTokenExpiresOn: {type: "string"},
86+
entityTokenMaster: {type: "string"},
87+
entityTokenMasterExpiresOn: {type: "string"}
8688
}
8789
}, ProfileOverviewRequest: {
8890
type: "object", properties: {

tests/authResponse.test.js

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,9 @@ test("buildAuthCallbackResponse maps callback payload", () => {
2121
sessionTicket: "ticket",
2222
playFabId: "pfid",
2323
entityToken: "entity-token",
24-
entityTokenExpiresOn: "2025-01-01T00:00:00Z"
24+
entityTokenExpiresOn: "2025-01-01T00:00:00Z",
25+
entityTokenMaster: "entity-master",
26+
entityTokenMasterExpiresOn: "2025-01-01T01:00:00Z"
2527
});
2628

2729
assert.deepEqual(result, {
@@ -41,6 +43,8 @@ test("buildAuthCallbackResponse maps callback payload", () => {
4143
sessionTicket: "ticket",
4244
playFabId: "pfid",
4345
entityToken: "entity-token",
44-
entityTokenExpiresOn: "2025-01-01T00:00:00Z"
46+
entityTokenExpiresOn: "2025-01-01T00:00:00Z",
47+
entityTokenMaster: "entity-master",
48+
entityTokenMasterExpiresOn: "2025-01-01T01:00:00Z"
4549
});
4650
});

0 commit comments

Comments
 (0)