JavaScript is required to use Bungie.net

Group Avatar

BungieNetPlatform

"Updates, discussions, and documentation of the BungieNetPlatform API."

Request Join
originally posted in:BungieNetPlatform
Edited by lowlines: 5/10/2015 3:41:34 AM
5

Authentication with PSN, Xbox & Facebook

[edit 10.05.15] Removed Facebook login code (no longer supported by Bungie.net). Updated Xbox Auth flow. [edit 11.03.15] Added "Stay signed in" flags for Xbox and Facebook logins. Should hopefully allow you to stay in for a longer period of time. [edit 09.03.15] While messing around with my brother's account, I realised my function didn't take into account if someone used an unregistered account to sign-in. I've updated it to account for this and I've also added more comments to make it more clear what's going on (mainly for Xbox sign-ins...). [original post] While in the process of putting together a pastebin of my code to try and debug what I was doing wrong, I actually managed to get PSN sign-in working (I can't say exactly what it was that was wrong though...), and while I was at it I went and figured out Facebook and Xbox sign-ins too. The latter (Xbox) is just plain ugly because they've rigged their sign-in form to "Require Javascript", but if anyone has a cleaner solution more in-line with how PSN and Facebook are done, please let me know. Here's a straight forward PHP function you can use to enable logging in with all 3 methods, resulting in either success or fail. If it wasn't for @abl's [url=https://www.bungie.net/en/Clan/Post/39966/106896643/0/0]post[/url], I was pretty content with the idea that this wasn't possible (not for all 3 anyway, especially Xbox *scoffs*). If people have suggestions on how to make this better, please let me know. [url]http://pastebin.com/pQTH7WR7[/url]

Posting in language:

 

Cancel Edit Create Fireteam Post Play nice. Take a minute to review our Code of Conduct before submitting your post.

  • Edited by Emrikol: 4/23/2015 8:51:51 PM
    Thanks for posting this. PSN works fine but I can't seem to get the xbox login working. After a successful auth, the resulting html is something like this: [quote]Object moved to here.[/quote] Where "here" is linked to /en/User/SignIn?id=Xuid. It looks like its trying to get back to bungie's login page. Any suggestions? I've double checked that user/pass are valid.

    Posting in language:

     

    Cancel Edit Create Fireteam Post Play nice. Take a minute to review our Code of Conduct before submitting your post.

    3 Replies
    • The PSN section doesn't work if you have two-step authentication set up for your account. I actually get the text message with my code after testing the function, but I obviously have no where to enter it to finish the process. I'm stuck and could use some help! I know Bungie has official authentication support possibly in the pipe, but I wanted a workaround in the meantime. :) Thanks in advance!

      Posting in language:

       

      Cancel Edit Create Fireteam Post Play nice. Take a minute to review our Code of Conduct before submitting your post.

      4 Replies
      • While trying to figure out why PSN Auth wasn't working (for a time), I was looking at the Xbox Auth and it looks like its changed a bit since the last time I looked at it. Not only that, but you will also have to log into Xbox.com and agree to the updated Terms and Conditions before you can use it as a login method to Bungie.net. The good news is that it is now more in line with the PSN Auth flow: First off, when you are constructing the Bungie SignIn url, don't use Wlid, use Xuid from now on. And here's the updated Xbox Auth that you can replace the old one with in my code. [quote]$login_url = 'https://login.live.com/ppsecure/post.srf?'.substr($redirect_url, strpos($redirect_url, '?')+1); preg_match('/id\="i0327" value\="(.*?)"\//', $auth_result, $ppft); if (count($ppft) == 2) { $ch = curl_init(); curl_setopt_array($ch, $default_options); curl_setopt_array($ch, array( CURLOPT_URL => $login_url, CURLOPT_POST => 3, CURLOPT_POSTFIELDS => http_build_query(array( 'login' => $username, 'passwd' => $password, 'KMSI' => 1, // Stay signed in 'PPFT' => $ppft[1] )), CURLOPT_FOLLOWLOCATION => true )); $auth_result = curl_exec($ch); $auth_url = curl_getinfo($ch)['url']; curl_close($ch); if (strpos($auth_url, $url.'?code') === 0) { return true; } } return false;[/quote]

        Posting in language:

         

        Cancel Edit Create Fireteam Post Play nice. Take a minute to review our Code of Conduct before submitting your post.

      • Edited by Ashesheart: 3/10/2015 8:52:29 AM
        Thanks for this example. It seems that it doesn't work with me :( the $redirect_url is empty so i think the curl_exec is not being executed with success. Edit : i'm testing it in a local environment (localhost)

        Posting in language:

         

        Cancel Edit Create Fireteam Post Play nice. Take a minute to review our Code of Conduct before submitting your post.

        8 Replies
        • Edited by dazarobbo: 3/9/2015 5:48:40 AM
          It's probably overkill, but if you really need the responses to be handled by a browser for whatever reason (like running extensive JavaScript), you might find [url=http://phantomjs.org/]PhantomJS[/url] useful.

          Posting in language:

           

          Cancel Edit Create Fireteam Post Play nice. Take a minute to review our Code of Conduct before submitting your post.

          1 Reply
          You are not allowed to view this content.
          ;
          preload icon
          preload icon
          preload icon