|
1 | | -# Minecraft OAuth server |
| 1 | +# Minecraft OAuth Server |
2 | 2 |
|
3 | | -## Preface |
| 3 | +## 🚀 Description |
| 4 | +A simple way to add Minecraft authentication to your website or project. |
4 | 5 |
|
5 | | -Implementation of the Minecraft authentication flow in Java. After developing the [mc-oauth plugin](https://github.com/Andcool-Systems/mc-oauth), I was very disappointed with the load on my VPS from the original Minecraft server, and even the PaperMC core did not significantly improve the situation. So, I decided to write a server from scratch that would only include the authentication system, without burdening the server with the game world. |
| 6 | +Many developers who have tried to implement user authentication through Minecraft's official system using Microsoft have encountered various difficulties. One of the main issues is the requirement to create and get approval for an authentication application directly from Microsoft, which can be a challenging task. |
6 | 7 |
|
7 | | -All endpoints and response types remain the same as in the plugin. |
| 8 | +## 💡 Why mc-oauth? |
| 9 | +Our service provides an authentication system that does not require complex actions from either users or developers. |
8 | 10 |
|
9 | | ->[!Note] |
10 | | -> This server does not contain game state implementation and cannot be used for full-fledged gameplay. |
11 | | -> |
| 11 | +### 🔑 Features |
| 12 | +- 📋 Retrieve nickname and UUID via REST API |
| 13 | +- 🛡️ Zero Trust (Impossible for users to spoof Minecraft account data) |
| 14 | +- ⚡ Easy to use and implement |
| 15 | +- 🔒 The server handles only the authentication flow and nothing more |
12 | 16 |
|
13 | | -## Retrieving Data |
14 | | -`GET /code/<6-digit code>` |
15 | | -After the user receives the code, you should send a request to the API endpoint, which will return data about the Minecraft account. |
16 | | -The code is valid only once and for 5 minutes (by default) after it is received. After this time, the code is deleted. |
| 17 | +## 🛠️ For Developers |
| 18 | +1. Add a form on your website or project for entering a 6-digit code. |
| 19 | +2. After the user inputs the code provided by the server upon login, make a request to the API endpoint described below. |
17 | 20 |
|
18 | | -**Example of a Successful Response:** |
| 21 | +### 📡 API Endpoint |
| 22 | +``` |
| 23 | +GET /code/<6-digit code> |
| 24 | +``` |
| 25 | + |
| 26 | +### Example of a successful server response: |
19 | 27 | ```json |
20 | 28 | { |
| 29 | + "statusCode": 200, |
21 | 30 | "nickname": "AndcoolSystems", |
22 | | - "UUID": "1420c63c-b111-4453-993f-b3479ba1d4c6", |
23 | | - "status": "success" |
| 31 | + "UUID": "1420c63cb1114453993fb3479ba1d4c6" |
24 | 32 | } |
25 | 33 | ``` |
26 | 34 |
|
27 | | -## Detailed description |
28 | | - |
29 | | -The main stages of establishing a connection with the server: |
30 | | -C–Client S–Server |
31 | | -1. **C -> S** Handshake |
32 | | -2. **C -> S** Login start |
33 | | -3. **S -> C** Encryption request |
34 | | -4. **Client auth** |
35 | | -5. **C -> S** Encryption response |
36 | | -6. **Server auth + generate code** |
37 | | -7. **S -> C** Code response |
38 | | - |
39 | | -The server does not have an offline mode setting, as it would not make sense in this case, so it always tries to authenticate the player through Mojang. |
40 | | - |
41 | | -TODO: |
42 | | -- [x] Add server icon support. |
43 | | -- [ ] Add the ability to choose the authentication server. |
44 | | -- [x] Add configuration. |
45 | | -- [ ] Add a proper logger (instead of the custom SillyLogger). |
46 | | -- [x] Add text formatter for MOTD. |
| 35 | +> [!NOTE] |
| 36 | +> The code can only be used once and is valid for up to 5 minutes after it is issued to the client. After that, it is automatically deleted. |
0 commit comments