yellows111/msnp-wiki
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[v0.1.4-beta.2] everything i want before msnp13

Browse source 
update version file, forgot this repo had one
fix mistakes and other such
add new information
finish passport (SOAP) stuff, may rename to RST later?, just mention in footnote for now

next commit WILL be msnp13 on 0.1.4 release, promise
This commit is contained in:
Declan B. 2024-11-26 21:15:34 +00:00
parent a9bfe9e6d6
commit 4bf934f857
Signed by: yellows111
SSH key fingerprint: SHA256:ynw5IJBU1pb7fZfHgLihKu9gHHA8FVpixZbB6IEB3r8
19 changed files with 986 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/commands/ipg.md
View file

@ -23,7 +23,7 @@ Where `payload` is a [`<NOTIFICATION>` document](../files/notification.md).
## Incoming page
```
S: IPG 471
S: IPG 478
<NOTIFICATION id="0" siteid="111100400" siteurl="http://mobile.msn.com/">
<TO name="example@hotmail.com" pid="0x00000001:0x00000002" email="example@hotmail.com">
<VIA agent="mobile"/>

2
docs/commands/msg.md
View file

@ -187,4 +187,4 @@ acknowledged
# Known changes
* [MSNP3](../versions/msnp3.md): Switchboard: Added support for the `X-MMS-IM-Format` header.
* [MSNP9](../versions/msnp9.md): Switchboard: Added acknoledgement type D.
* [MSNP9](../versions/msnp9.md): Switchboard: Added acknowledgement type D.

4
docs/commands/pag.md
View file

@ -25,8 +25,8 @@ Where `payload` is a XML-like payload that encodes the following characters:
* `^` turns into `&#x5E;`
# Server/Response
This command only supports negative-acknoledgement responses only.
There is no postive acknoledgement response.
This command only supports negative-acknowledgement responses only.
There is no postive acknowledgement response.
# Examples

7
docs/commands/pgd.md
View file

@ -29,8 +29,8 @@ Where `payload` is a XML-like payload that encodes the following characters:
* `^` turns into `&#x5E;`
# Server/Response
This command only supports negative-acknoledgement responses only.
There is no postive acknoledgement response.
This command only supports negative-acknowledgement responses only.
There is no postive acknowledgement response.
# Examples
@ -71,7 +71,8 @@ S: 800 5
```
## To a Web Watch
*NOTE: Trying to do this with the buddy property `MOB` set to `Y` is impossible.*
*NOTE: Trying to do this with the buddy property
`MOB` set to `Y` is impossible in the official client.*
### Normal use
```

25
docs/commands/usr.md
View file

@ -19,8 +19,8 @@ Any further uses of this command in the same session is Undefined Behaviour.
Depending on the version of the protocol you are using, `security-package` can be:
* `CTP`: Clear Text Password. Only in [MSNP2](../versions/msnp2.md).
* `MD5`: MD5-based authentication. Only in [MSNP2](../versions/msnp2.md) to [MSNP7](../versions/msnp7.md).
* `TWN`: "Tweener", Passport 1.4 or compatible authentication service. Since [MSNP8](../versions/msnp8.md).
* `SSO`: Single Sign On, usually a more advanced Passport 3.0 authentication method. Since [MSNP15](../versions/msnp15.md).
* `TWN`: "Tweener", [Passport 1.4](../services/passport14.md) or compatible authentication service. Since [MSNP8](../versions/msnp8.md).
* `SSO`: Single Sign On, usually a more advanced [Passport (SOAP)](../services/passportsoap.md) authentication method. Since [MSNP15](../versions/msnp15.md).
### The Subsequent request
`USR TrID security-package S {...response-args}`
@ -28,9 +28,9 @@ Depending on the version of the protocol you are using, `security-package` can b
Where `response-args` can be anything, but based on `security-package` it can be:
* `CTP`: Your password in plain text.
* `MD5`: The server's login challenge concatenated with your password.
* `TWN`: The `from-PP` parameter in the `Authentication-Info` header sent in response to Passport 1.4,
or if using Passport 3.0, the `<wsse:BinarySecurityToken>` of the relevant `<wst:RequestSecurityTokenResponse>`.
* `SSO`: The same as Passport 3.0 in `TWN`, but with the extra parameter
* `TWN`: The `from-PP` parameter in the `Authentication-Info` header sent in response to [Passport 1.4](../services/passport14.md),
or if using [Passport (SOAP)](../services/passportsoap.md), the `<wsse:BinarySecurityToken>` of the relevant `<wst:RequestSecurityTokenResponse>`.
* `SSO`: The same as [Passport (SOAP)](../services/passportsoap.md) in `TWN`, but with the extra parameter
being the custom challenge response encoded as base64.
## Switchboard Server
@ -120,14 +120,15 @@ C: USR 7 SSO I example@hotmail.com
S: USR 7 SSO S MBI_KEY_OLD AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
```
*The HTTPS and key-encryption interlude has been removed from here
and is to reinstated as two seperate pages.*
*The HTTPS interlude has been moved to the [Passport (SOAP)](../services/passportsoap.md) article.*
*The key-encryption interlude has been removed from here and is to reinstated as another article.*
```
C: USR 8 SSO S t=ticket HAAAAAEAAAADZgAABIAAAAgAAAAUAAAASAAAAAAAAA
.. AAAAAA7XgT5ohvaZdoXdrWUUcMF2G8OK2JohyYcK5l5M
.. JSitab33scxJeK/RQXcUr0L+R2ZA9CEAzn0izmUzSMp
.. 2LZdxSbHtnuxCmptgtoScHp9E26HjQVkA9YJxgK/HM=
C: USR 8 SSO S t=ticket HAAAAAEAAAADZgAABIAAAAgAAAAUAAAASAAAAAA
.. AAAAAAAAA7XgT5ohvaZdoXdrWUUcMF2G8OK2JohyYcK5l5MJSitab33scxJe
.. K/RQXcUr0L+R2ZA9CEAzn0izmUzSMp2LZdxSbHtnuxCmptgtoScHp9E26HjQ
.. VkA9YJxgK/HM=
S: USR 8 OK example@hotmail.com
```
@ -206,6 +207,6 @@ S: USR 20 OK example@passport.com example%20user
# Known changes
* [MSNP3](../versions/msnp3.md): Removed the `CTP` security package.
* [MSNP6](../versions/msnp6.md): Added account verification bit to [USR OK](#successfully-authenticated).
* [MSNP8](../versions/msnp8.md): Added an unknown bit to [USR OK](#successfully-authenticated) and
* [MSNP8](../versions/msnp8.md): Added account restriction bit to [USR OK](#successfully-authenticated) and
removed the `MD5` security package, and replaced with the `TWN` security package.
* [MSNP15](../versions/msnp15.md): Added support for the `SSO` security package.

9
docs/index.md
View file

@ -33,6 +33,7 @@ More is to come soon! Hopefully!
* [Contact Sharing Service](services/sharingservice.md)
* [Messenger Config Service](services/msgrconfig.md)
* [Passport 1.4](services/passport14.md)
* [Passport (SOAP)](services/passportsoap.md)
More is to come soon! Hopefully!
@ -79,12 +80,12 @@ More is to come soon! Hopefully!
## We know, but isn't written
* [Messenger Config service](services/msgrconfig.md): maybe provide examples?
* [MSNP13](versions/msnp13.md): just write this page already
* [Passport SOAP](services/passportsoap.md): document this service for [MSNP12](versions/msnp12.md), [MSNP13](versions/msnp13.md) and above.
Examples would be nice, too.
* MSNC1: the client-to-client subprotocol introduced with [MSNP9](versions/msnp9.md), un-sure where to put this one...
* MSNP2P: the sub-protocol used for file transfers in [MSNP5](versions/msnp5.md), also un-sure where to put this one...
### We know SOME Information
* Offline IMs (OIM) SOAP service: Absolutely needs a service page, since it's been in since [MSNP11](versions/msnp11.md).
## Unsolved Mysteries
* [INF command](commands/inf.md): ***Why*** does the [MSNP2](versions/msnp2.md) [draft](https://datatracker.ietf.org/doc/html/draft-movva-msn-messenger-protocol-00#section-7.2) have this in Switchboard? It's not used by any client as far as i'm aware.
* [FND command](commands/fnd.md): Why does this have an iterator if you can't send it over multiple packets?
@ -101,7 +102,7 @@ More is to come soon! Hopefully!
* `svcs.microsoft.com`: Usually a grab-bag of random XML files or services used for clients older than Client Version 6.0.
* Protocol Split: A MSNP version that usually defines a point of no return.
* PP14: [Passport SSI Version 1.4](services/passport14.md).
* PP30: Passport over SOAP that was implemented in Client Version 7.5+ ([MSNP12](versions/msnp12.md)).
* PPSOAP: [Passport (SOAP)](services/passportsoap.md) that was implemented in Client Version 7.5+ ([MSNP12](versions/msnp12.md)).
* SOAP: Simple Object Access Protocol, A message schema based on XML. That's the kindest thing I can write about it.
* Passport: The Authentication Server and/or Protocol.
* Undefined Behaviour: An intentional blank left in the documentation, basically as a "I am not responsible for what this does to your client or server" warning.

2
docs/services/abservice.md
View file

@ -37,7 +37,7 @@ This is used by all Actions listed, as far as we know.
The following also applies to the [Contact Sharing Service](sharingservice.md).
## Client/Request
The following sub-headings are XML elements for the server's response.
The following sub-headings are XML elements for the client's request.
### soap:Envelope
This element has four attributes:

2
docs/services/abservice/abfindall.md
View file

@ -68,7 +68,7 @@ This element contains six children:
This element contains any amount of `<Contact>` elements.
##### Contact
This element contains x children:
This element contains five children:
* `<contactId>`: The GUID of this contact.
* `<contactInfo`: Described on it's [own page](contactinfo.md).
* `<propertiesChanged>`: Contains a space delimited list of changed elements in `<contactInfo>`:

6
docs/services/passport14.md
View file

@ -2,7 +2,7 @@
Passport 1.4, or "Tweener", as it's sometimes called,
is an HTTP-based authentication system that was introduced with [MSNP8](../versions/msnp8.md).
For [MSNP12](../versions/msnp12.md) and above, read Passport 3.0.
For [MSNP12](../versions/msnp12.md) and above, read the [Passport (SOAP)](passportsoap.md) article.
# Nexus
The Passport Nexus is a server that provides information to other parties about how to use Passport.
@ -57,7 +57,7 @@ Where `user-handle` is the URL-encoded user handle of the user to authenticate.
Where `password` is the URL-encoded password of the user to authenticate.
Where `server-args` is the parameter given to the server's response to the Initial [USR](../commands/usr.md).
Where `server-args` is the parameter given to the server's response to the initial [USR](../commands/usr.md).
### Server/Response
@ -95,7 +95,7 @@ The `dastatus` may instead be `failed-noretry`.
HTTP/1.1 Unauthorized
Cache-Control: no-cache
cachecontrol: no-store
WWW-Authenticate Passport1.4 dastatus=failed,srealm=Passport.NET,ts=-1,prompt,cburl=http://www.passportimages.com/XPPassportLogo.gif
WWW-Authenticate: Passport1.4 dastatus=failed,srealm=Passport.NET,ts=-1,prompt,cburl=http://www.passportimages.com/XPPassportLogo.gif
Content-Length: 154
<HTML><HEAD><META HTTP-EQUIV="REFRESH" CONTENT="0; URL=https://login.passport.com/pp25/login2.srf?f=11"><script>function OnBack(){}</script></HEAD></HTML>

922
docs/services/passportsoap.md Normal file
View file

@ -0,0 +1,922 @@
# Introduction
Passport (SOAP), or "Passport 3.0" as it's sometimes called,
is a HTTP-based authentication system that was introduced with [MSNP12](../versions/msnp12.md).
The endpoint is called `RST.srf`, reciding on the `login.passport.net` or `login.live.com` domain.
For [MSNP8](../versions/msnp8.md) to [MSNP11](../versions/msnp11.md), read the [Passport 1.4](passport14.md) article.
# Client/Request
The following sub-headers are XML elements for the client's request.
## soap:Envelope
This element has eight attributes:
* `xmlns:soap`: Is always set to `http://schemas.xmlsoap.org/soap/envelope/`.
* `xmlns:wsse`: Is always set to `http://schemas.xmlsoap.org/ws/2003/06/secext`.
* `xmlns:saml`: Is always set to `urn:oasis:names:tc:SAML:1.0:assertion`.
* `xmlns:wsp`: Is always set to `http://schemas.xmlsoap.org/ws/2002/12/policy`.
* `xmlns:wsu`: Is always set to `http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd`.
* `xmlns:wsa`: Is always set to `http://schemas.xmlsoap.org/ws/2004/03/addressing`.
* `xmlns:wssc`: Is always set to `http://schemas.xmlsoap.org/ws/2004/04/sc`.
* `xmlns:wst`: Is always seto to `http://schemas.xmlsoap.org/ws/2004/04/trust`.
### soap:Header
This element only contains both the `<ps:AuthInfo>` and `<wsse:Security>` children.
#### ps:AuthInfo
This element has two attributes:
* `xmlns:ps`: Is always set to `http://schemas.microsoft.com/Passport/SoapServices/PPCRL`.
* `Id`: Is always set to `PPAuthInfo`.
This element has five children:
* `<ps:HostingApp>`: The GUID (with braces) of the client that is authenticating.
* `<ps:BinaryVersion>`: A number, usually `4`, but can be higher, or lowered to `3`.
* `<ps:UIVersion>`: Is always set to `1`.
* `<ps:Cookies>`: This element is always empty.
* `<ps:RequestParams>`: A base64-encoded binary structure that seems to be in
the format of a 32-bit little endian integer of the amount of parameters,
then an 32-bit little endian integer length and character data for the side of the pair,
with there being a key side of the pair, and a value side of the pair.
#### wsse:Security
This element only contains the `<wsse:UsernameToken>` element.
##### wsse:UsernameToken
This element has only one attribute:
* `Id`: Is always set to `user`.
This element has two children:
* `<wsse:Username>`: The XML-encoded user handle of the user authenticating.
* `<wsse:Password>`: The XML-encoded password of the user authenticating.
### soap:Body
This element only contains the `<ps:RequestMultipleSecurityTokens>` element.
If there is only one [`<wst:RequestSecurityToken>`](#wstrequestsecuritytoken) element,
it may replace the `<ps:RequestMultipleSecurityTokens>` element.
#### ps:RequestMultipleSecurityTokens
This element has two attributes:
* `xmlns:ps`: Is always set to `http://schemas.microsoft.com/Passport/SoapServices/PPCRL`.
* `Id`: Is always set to `RSTS`.
This element contains one or multiple
[`<wst:RequestSecurityToken>`](#wstrequestsecuritytoken) elements.
# wst:RequestSecurityToken
This element has only one attribute:
* `Id`: Is set to `RST#`, with `#` incrementing every use of this element, starting from `0`.
## wst:RequestType
This element always contains the value `http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue`.
## wsp:AppliesTo
This element only contains the `<wsa:EndpointReference>` element.
### wsa:EndpointReference
This element only contains one of two mutually exclusive elements:
1. `<wsa:Address>`: By URL or domain name
2. `<wsa:ServiceName>`: By service name
#### wsa:Address
This element contains the target domain for this security token:
* `http://Passport.NET/tb`: Legacy authentication, One of these is always required (usually as `RST0`). Does not set a `<wsse:PolicyReference>`.
* `messengerclear.live.com`: The domain used for solving `MBI_KEY_OLD` challenges. Uses a policy defined by the MSNP server, which is usually `MBI_KEY_OLD`.
* `messenger.msn.com`: The usual domain for authenticating to the Messenger Service. Uses passport unique parameters (`?...`)
defined by the MSNP server, or `?id=507` if using `messengerclear.live.com` to authenticate.
* `contacts.msn.com`: Used for the [Address Book Service](abservice.md). Uses passport unique parameters (`?...`) or `MBI`
(since [MSNP15](../versions/msnp15.md)). Required since [MSNP13](../versions/msnp13.md).
* `messengersecure.live.com`: A secure version of `messenger.msn.com`, with unknown use. Uses `MBI_SSL`.
* `spaces.msn.com`: The blog service. Uses `MBI`.
* `spaces.live.com`: The blog service. Uses `MBI`.
* `livecontacts.live.com`: The Live Contacts ABI, apparently a simplified version of the [Address Book Service](abservice.md).
* `storage.msn.com`: The user storage service. Uses `MBI_SSL`. Required for [MSNP15](../versions/msnp15.md)'s roaming user content support.
#### wsa:ServiceName
This element contains the target service name for this security token:
* `p2pslc.messenger.msn.com`: The peer-to-peer "slc" service. Uses `MBI_X509_CID`.
## wst:Supporting
This optional element only exists if the [`<wsse:PolicyReference>`](#wssepolicyreference) requires it.
### wsse:BinarySecurityToken
This element has two attributes:
* `ValueType`: Usually only seen set to `http://schemas.microsoft.com/Passport/SoapServices/PPCRL#PKCS10`.
* `EncodingType`: Usually only seen set to `wsse:Base64Binary`.
This element's value is the binary token, which has only been observed to be a PKCS#10 certificate request
in SHA1-RSA format (1024 bits), with the Common Name (CN) set to `MSIDCRL`.
## wsse:PolicyReference
This optional element has only one attribute:
* `URI`: The security policy of this security token:
* `MBI_KEY_OLD`: Calculate a challenge with the server's `<wst:BinarySecret>`.
* `MBI_KEY`: Unknown, but probably not unlike `MBI_KEY_OLD`?
* `MBI`: No special parameters.
* `MBI_SSL`: No special parameters and encrypted transport only.
* `MBI_X509_CID`: Unknown, but based on user certificates. Only used with `p2pslc.messenger.msn.com`.
* (any policy starting with `?`): Authenticate using special parameters, akin to [Passport 1.4](passport14.md).
# Server/Response
The following sub-headers are XML elements for the server's response.
## soap:Envelope
This element has only one attribute:
* `xmlns:soap`: Is always set to `http://schemas.xmlsoap.org/soap/envelope/`.
### soap:Header
This element only contains the `<psf:pp>` element.
#### psf:pp
This element has only one attribute:
* `xmlns:psf`: Is always set to `http://schemas.microsoft.com/Passport/SoapServices/SOAPFault`.
This element has nine children:
* `<psf:serverVersion>`: Only observed to be `1`.
* `<psf:PUID>`: The user's Passport Unique ID, expressed as a 16-bit captitalized hexadecimal stream.
* `<psf:configVersion>`: The configuration version expressed as a quadruplet.
* `<psf:uiVersion>`: The user interface version expressed as a quadruplet.
* `<psf:authstate>`: This is always `0x48803` (`PPCRL_AUTHSTATE_S_AUTHENTICATED_PASSWORD`) for successful authentications.
* `<psf:regstatus>`: This is always `0x0` for successful authentications.
* `<psf:serverInfo>`: This element has the server's identification string and the following four attributes:
* `Path`: Always set to `Live1`.
* `RollingUpgradeState`: Always set to `ExclusiveNew`.
* `LocVersion`: Always set to `0`.
* `ServerTime`: A ISO 8601 timestamp that specifies the time this response was generated.
* `<psf:cookies>`: This element is always empty.
* `<psf:response>`: This element is always empty.
### soap:Body
This element only contains the `<wst:RequestSecurityTokenResponseCollection>` element.
#### wst:RequestSecurityTokenResponseCollection
This element has six attributes:
* `xmlns:wst`: Is always set to `http://schemas.xmlsoap.org/ws/2004/04/trust`.
* `xmlns:wsse`: Is always set to `http://schemas.xmlsoap.org/ws/2003/06/secext`.
* `xmlns:wsu`: Is always set to `http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd`.
* `xmlns:saml`: Is always set to `urn:oasis:names:tc:SAML:1.0:assertion`.
* `xmlns:wsp`: Is always set to `http://schemas.xmlsoap.org/ws/2002/12/policy`.
* `xmlns:psf`: Is always set to `http://schemas.microsoft.com/Passport/SoapServices/SOAPFault`.
This element contains one or multiple
[`<wst:RequestSecurityTokenResponse>`](#wstrequestsecuritytokenresponse) elements.
# wst:RequestSecurityTokenResponse
This element has four required children and one optional child:
* `<wst:TokenType>`: The type of security token this `<wst:RequestSecurityTokenResponse>` is.
* `<wsp:AppliesTo>`: Defines what can use this security token.
* `<wst:RequestedSecurityToken>`: The security token itself.
* `<wst:RequestedTokenReference>`: The reference location of where the security token is stored.
* `<wst:RequestedProofToken>` (Optional): The proof token used for `urn:passport:legacy` tokens or `MBI_KEY_OLD` policies.
## wst:TokenType
This element only contains either the value `urn:passport:legacy` or `urn:passport:compact`.
## wsp:AppliesTo
This element has only one attribute:
* `xmlns:wsa`: Is always set to `http://schemas.xmlsoap.org/ws/2004/03/addressing`.
This element only contains the `<wsa:EndpointReference>` element.
### wsa:EndpointReference
This element only contains the `<wsa:Address>` element.
#### wsa:Address
This element contains the target domain for this security token:
* `http://Passport.NET/tb`: Legacy authentication, One of these is always required (usually as `RST0`). Does not set a `<wsse:PolicyReference>`.
* `messengerclear.live.com`: The domain used for solving `MBI_KEY_OLD` challenges. Uses a policy defined by the MSNP server, which is usually `MBI_KEY_OLD`.
* `messenger.msn.com`: The usual domain for authenticating to the Messenger Service. Uses passport unique parameters (`?...`)
defined by the MSNP server, or `?id=507` if using `messengerclear.live.com` to authenticate.
* `contacts.msn.com`: Used for the [Address Book Service](abservice.md). Uses passport unique parameters (`?...`) or `MBI`
(since [MSNP15](../versions/msnp15.md)). Required since [MSNP13](../versions/msnp13.md).
* `messengersecure.live.com`: A secure version of `messenger.msn.com`, with unknown use. Uses `MBI_SSL`.
* `spaces.msn.com`: The blog service. Uses `MBI`.
* `spaces.live.com`: The blog service. Uses `MBI`.
* `livecontacts.live.com`: The Live Contacts ABI, apparently a simplified version of the [Address Book Service](abservice.md).
* `storage.msn.com`: The user storage service. Uses `MBI_SSL`. Required for [MSNP15](../versions/msnp15.md)'s roaming user content support.
## wst:LifeTime
This element has two children:
* `<wsu:Created>`: The ISO 8601 timestamp of when this security token was generated.
* `<wsu:Expires>`: The ISO 8601 timestamp of when this security token expires.
## wst:RequestedSecurityToken
This element has different children based on the value of the
[`<wst:TokenType>`](#wsttokentype) element.
### [urn:passport:legacy children]
These elements are only included in `<wst:RequestedSecurityToken>` if the value of
[`<wst:TokenType>`](#wsttokentype) element is set to `urn:passport:legacy`.
#### EncryptedData
This element has three attributes:
* `xmlns`: This is always `http://www.w3.org/2001/04/xmlenc#`.
* `Id`: This is always set to `BinaryDAToken#`, with the `#` being incremented every use of the
`<wst:RequestSecurityTokenResponse>` element starting from `0`.
* `Type`: This is always set to `http://www.w3.org/2001/04/xmlenc#Element`.
##### EncryptionMethod
This empty element has only one attribute:
* `Algorithm`: This is always set to `http://www.w3.org/2001/04/xmlenc#tripledes-cbc`.
##### ds:KeyInfo
This element has only one attribute:
* `xmlns:ds`: This is always set to `http://www.w3.org/2000/09/xmldsig#`.
This element only has one child:
* `<ds:KeyName>`: Only observed to be `http://Passport.NET/STS`
##### CipherData
This element has only one child:
* `<CipherValue>`: Likely to be a Passport Token of some kind, just 3DES encrypted.
(If you know how this is used, please contact me!)
### [urn:passport:compact children]
These elements are only included in `<wst:RequestedSecurityToken>` if the value of
[`<wst:TokenType>`](#wsttokentype) element is set to `urn:passport:compact`.
#### wsse:BinarySecurityToken
This element has only one attribute:
* `Id`: This is always set to `Compact#`, with the `#` being incremented every use of the
`<wst:RequestSecurityTokenResponse>` element starting from `0`.
This element contains the Passport token and profile parameters as a XML-encoded value.
(`t=token&amp;p=profile`)
## wst:RequestedTokenReference
This element has two children:
* `<wsse:KeyIdentifier>`: This empty element has only one attribute:
* `ValueType`: This is either `urn:passport` or `urn:passport:compact`.
* `<wsse:Reference>`: This empty element has only one attribute:
* `URI`: The URI that has the contents of the security token.
Usually refers to the first child of the `<wst:RequestedSecurityToken>` element
via it's `Id` attribute, using the `#` prefix followed by the value of the `Id` attribute.
## wst:RequestedProofToken
This optional element only has one child:
* `<wst:BinarySecret>`: The binary secret for this token
# RST.srf
## Basic Request
*Only in [MSNP12](../versions/msnp12.md).*
### Client/Request
```
POST /RST.srf HTTP/1.1
Cache-Control: no-cache
Content-Type: text/xml; charset=utf-8
Content-Length: {data-length}
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
xmlns:wssc="http://schemas.xmlsoap.org/ws/2004/04/sc"
xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust"
>
<soap:Header>
<ps:AuthInfo
xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL"
Id="PPAuthInfo"
>
<ps:HostingApp>{7108E71A-9926-4FCB-BCC9-9A9D3F32E423}</ps:HostingApp>
<ps:BinaryVersion>4</ps:BinaryVersion>
<ps:UIVersion>1</ps:UIVersion>
<ps:Cookies></ps:Cookies>
<ps:RequestParams>AQAAAAIAAABsYwQAAAAyMDU3</ps:RequestParams>
</ps:AuthInfo>
<wsse:Security>
<wsse:UsernameToken
Id="user
>
<wsse:Username>{user-handle}</wsse:Username>
<wsse:Password>{password}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<ps:RequestMultipleSecurityTokens
xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL"
Id="RSTS"
>
<wst:RequestSecurityToken
Id="RST0"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://Passport.NET/tb</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
</wst:RequestSecurityToken>
<wst:RequestSecurityToken
Id="RST1"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>messenger.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsse:PolicyReference
URI="?{server-args}"
/>
</wst:RequestSecurityToken>
</ps:RequestMultipleSecurityTokens>
</soap:Body>
</soap:Envelope>
```
Where `data-length` is the total size of the XML document with the placeholders changed to their correct values.
Where `user-handle` is the XML-encoded user handle of the user to authenticate.
Where `password` is the XML-encoded password of the user to authenticate.
Where `server-args` is the parameter given to the server's response to the initial [USR](../commands/usr.md).
### Server/Response
*NOTE: The legacy Passport token has been removed to prevent issues with scrolling.*
```
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: 3557
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>
<soap:Header>
<psf:pp
xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"
>
<psf:serverVersion>1</psf:serverVersion>
<psf:PUID>0000000100000002</psf:PUID>
<psf:configVersion>3.0.869.0</psf:configVersion>
<psf:uiVersion>3.0.869.0</psf:uiVersion>
<psf:authstate>0x48803</psf:authstate>
<psf:reqstatus>0x0</psf:reqstatus>
<psf:serverInfo
Path="Live1"
RollingUpgradeState="ExclusiveNew"
LocVersion="0"
ServerTime="2024-11-22T14:45:20Z"
>yellows111 2024.11.22.14.45.20</psf:serverInfo>
<psf:cookies/>
<psf:response/>
</psf:pp>
</soap:Header>
<soap:Body>
<wst:RequestSecurityTokenResponseCollection
xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy"
xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"
>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:legacy</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>http://Passport.NET/tb</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<EncryptedData
xmlns="http://www.w3.org/2001/04/xmlenc#"
Id="BinaryDAToken0"
Type="http://www.w3.org/2001/04/xmlenc#Element"
>
<EncryptionMethod
algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
/>
<ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>
<ds:KeyName>http://Passport.NET/STS</ds:KeyName>
</ds:KeyInfo>
<CipherData>
<CipherValue>[[removed intentionally]]</CipherValue>
</CipherData>
</EncryptedData>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport"
/>
<wsse:Reference
URI="#BinaryDAToken0"
/>
</wst:RequestedTokenReference>
<wst:RequestedProofToken>
<wst:BinarySecret>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</wst:BinarySecret>
</wst:RequestedProofToken>
</wst:RequestSecurityTokenResponse>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>messenger.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken
Id="Compact1"
>t=token&amp;p=profile</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport:compact"
/>
<wsse:Reference
URI="#Compact1"
/>
</wst:RequestedTokenReference>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soap:Body>
</soap:Envelope>
```
## With contacts.msn.com
*Only in [MSNP13](../versions/msnp13.md) and [MSNP14](../versions/msnp14.md).*
### Client/Request
```
POST /RST.srf HTTP/1.1
Cache-Control: no-cache
Content-Type: text/xml; charset=utf-8
Content-Length: {data-length}
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>
<soap:Header>
</soap:Header>
<soap:Body>
<ps:RequestMultipleSecurityTokens
xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL"
Id="RSTS"
>
<wst:RequestSecurityToken
Id="RST0"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://Passport.NET/tb</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
</wst:RequestSecurityToken>
<wst:RequestSecurityToken
Id="RST1"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>messenger.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsse:PolicyReference
URI="?{server-args}"
/>
</wst:RequestSecurityToken>
<wst:RequestSecurityToken
Id="RST2"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>contacts.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsse:PolicyReference
URI="MBI"
/>
</wst:RequestSecurityToken>
</ps:RequestMultipleSecurityTokens>
</soap:Body>
</soap:Envelope>
```
Where `data-length` is the total size of the XML document with the placeholders changed to their correct values.
Where `user-handle` is the XML-encoded user handle of the user to authenticate.
Where `password` is the XML-encoded password of the user to authenticate.
Where `server-args` is the parameter given to the server's response to the initial [USR](../commands/usr.md).
### Server/Response
*NOTE: The legacy Passport token has been removed to prevent issues with scrolling.*
```
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: 4382
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>
<soap:Header>
<psf:pp
xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"
>
<psf:serverVersion>1</psf:serverVersion>
<psf:PUID>0000000100000002</psf:PUID>
<psf:configVersion>3.0.869.0</psf:configVersion>
<psf:uiVersion>3.0.869.0</psf:uiVersion>
<psf:authstate>0x48803</psf:authstate>
<psf:reqstatus>0x0</psf:reqstatus>
<psf:serverInfo
Path="Live1"
RollingUpgradeState="ExclusiveNew"
LocVersion="0"
ServerTime="2024-11-22T14:45:20Z"
>yellows111 2024.11.22.14.45.20</psf:serverInfo>
<psf:cookies/>
<psf:response/>
</psf:pp>
</soap:Header>
<soap:Body>
<wst:RequestSecurityTokenResponseCollection
xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy"
xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"
>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:legacy</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>http://Passport.NET/tb</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<EncryptedData
xmlns="http://www.w3.org/2001/04/xmlenc#"
Id="BinaryDAToken0"
Type="http://www.w3.org/2001/04/xmlenc#Element"
>
<EncryptionMethod
algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
/>
<ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>
<ds:KeyName>http://Passport.NET/STS</ds:KeyName>
</ds:KeyInfo>
<CipherData>
<CipherValue>[[removed intentionally]]</CipherValue>
</CipherData>
</EncryptedData>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport"
/>
<wsse:Reference
URI="#BinaryDAToken0"
/>
</wst:RequestedTokenReference>
<wst:RequestedProofToken>
<wst:BinarySecret>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</wst:BinarySecret>
</wst:RequestedProofToken>
</wst:RequestSecurityTokenResponse>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>messenger.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken
Id="Compact1"
>t=token&amp;p=profile</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport:compact"
/>
<wsse:Reference
URI="#Compact1"
/>
</wst:RequestedTokenReference>
</wst:RequestSecurityTokenResponse>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>contacts.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken
Id="Compact2"
>t=token&amp;p=profile</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport:compact"
/>
<wsse:Reference
URI="#Compact2"
/>
</wst:RequestedTokenReference>
</wst:RequestSecurityTokenResponseCollection>
</soap:Body>
</soap:Envelope>
```
## WIth MBI\_OLD\_KEY
*Since [MSNP15](../versions/msnp15.md).*
### Client/Request
```
POST /RST.srf HTTP/1.1
Cache-Control: no-cache
Content-Type: text/xml; charset=utf-8
Content-Length: {data-length}
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>
<soap:Header>
</soap:Header>
<soap:Body>
<ps:RequestMultipleSecurityTokens
xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL"
Id="RSTS"
>
<wst:RequestSecurityToken
Id="RST0"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://Passport.NET/tb</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
</wst:RequestSecurityToken>
<wst:RequestSecuirtyToken
Id="RST1"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>messengerclear.live.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsse:PolicyReference
URI="MBI_KEY_OLD"
/>
</wst:RequestSecurityToken>
<wst:RequestSecurityToken
Id="RST2"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>messenger.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsse:PolicyReference
URI="?id=507"
/>
</wst:RequestSecurityToken>
<wst:RequestSecurityToken
Id="RST3"
>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>contacts.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsse:PolicyReference
URI="MBI"
/>
</wst:RequestSecurityToken>
</ps:RequestMultipleSecurityTokens>
</soap:Body>
</soap:Envelope>
```
Where `data-length` is the total size of the XML document with the placeholders changed to their correct values.
Where `user-handle` is the XML-encoded user handle of the user to authenticate.
Where `password` is the XML-encoded password of the user to authenticate.
*NOTE: Technically `MBI_KEY_OLD` is just defined by the server's response to the initial [USR](../commands/usr.md).*
### Server/Response
*NOTE: The legacy Passport token has been removed to prevent issues with scrolling.*
```
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: 5427
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>
<soap:Header>
<psf:pp
xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"
>
<psf:serverVersion>1</psf:serverVersion>
<psf:PUID>0000000100000002</psf:PUID>
<psf:configVersion>3.0.869.0</psf:configVersion>
<psf:uiVersion>3.0.869.0</psf:uiVersion>
<psf:authstate>0x48803</psf:authstate>
<psf:reqstatus>0x0</psf:reqstatus>
<psf:serverInfo
Path="Live1"
RollingUpgradeState="ExclusiveNew"
LocVersion="0"
ServerTime="2024-11-22T14:45:20Z"
>yellows111 2024.11.22.14.45.20</psf:serverInfo>
<psf:cookies/>
<psf:response/>
</psf:pp>
</soap:Header>
<soap:Body>
<wst:RequestSecurityTokenResponseCollection
xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy"
xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"
>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:legacy</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>http://Passport.NET/tb</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<EncryptedData
xmlns="http://www.w3.org/2001/04/xmlenc#"
Id="BinaryDAToken0"
Type="http://www.w3.org/2001/04/xmlenc#Element"
>
<EncryptionMethod
algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
/>
<ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>
<ds:KeyName>http://Passport.NET/STS</ds:KeyName>
</ds:KeyInfo>
<CipherData>
<CipherValue>[[removed intentionally]]</CipherValue>
</CipherData>
</EncryptedData>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport"
/>
<wsse:Reference
URI="#BinaryDAToken0"
/>
</wst:RequestedTokenReference>
<wst:RequestedProofToken>
<wst:BinarySecret>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</wst:BinarySecret>
</wst:RequestedProofToken>
</wst:RequestSecurityTokenResponse>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>messengerclear.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken
Id="Compact1"
>t=token&amp;p=profile</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport:compact"
/>
<wsse:Reference
URI="#Compact1"
/>
</wst:RequestedTokenReference>
<wst:RequestedProofToken>
<wst:BinarySecret>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</wst:BinarySecret>
</wst:RequestedProofToken>
</wst:RequestSecurityTokenResponse>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>messenger.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken
Id="Compact2"
>t=token&amp;p=profile</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport:compact"
/>
<wsse:Reference
URI="#Compact2"
/>
</wst:RequestedTokenReference>
</wst:RequestSecurityTokenResponse>
<wst:RequestSecurityTokenResponse>
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
>
<wsa:EndpointReference>
<wsa:Address>contacts.msn.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Created>2024-11-22T14:45:20Z</wsu:Created>
<wsu:Expires>2024-11-22T14:45:20Z</wsu:Expires>
</wst:LifeTime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken
Id="Compact3"
>t=token&amp;p=profile</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedTokenReference>
<wsse:KeyIdentifier
ValueType="urn:passport:compact"
/>
<wsse:Reference
URI="#Compact3"
/>
</wst:RequestedTokenReference>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soap:Body>
</soap:Envelope>
```

4
docs/services/sharingservice.md
View file

@ -7,9 +7,9 @@ It manages the Messenger Service's Allow List (AL), Block List (BL), Reverse Lis
It's default HTTP URL is `http://byrdr.omega.contacts.msn.com/abservice/SharingService.asmx`.
It's default HTTPS URL is `https://byrdr.omega.contacts.msn.com/abservice/SharingService.asmx`.
This service requires [Passport authentication](passport14.md).
This service requires [Passport authentication](passportsoap.md).
Related: [Address Book Service](abservice.md) (for Forward List (PL) members).
Related: [Address Book Service](abservice.md) (for Forward List (FL) members).
# Actions
*All actions listed have the prefix of

7
docs/services/sharingservice/findmembership.md
View file

@ -119,6 +119,10 @@ This element also contains the following five children IF the `<Type>` is set to
* `<PassportChanges>`: A space delimited list of elements changed in an unknown place.
* `<LookedupByCID>`: Did we search for this contact using their `<CID>` (`true` or `false`)?
This element may optionally contain the child:
* `<DisplayName>`: The current display name of the member.
(Only seen in `Reverse` and `Pending` Member roles)
# Examples
## Client/Request
@ -172,7 +176,7 @@ Content-Length: 1190
```
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: 4253
Content-Length: 4304
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
@ -244,6 +248,7 @@ Content-Length: 4253
>
<MembershipId>2</MembershipId>
<Type>Passport</Type>
<DisplayName>another user</DisplayName>
<State>Accepted</State>
<Deleted>false</Deleted>
<LastChanged>2024-11-20T12:58:02.4680000-08:00</LastChanged>

2
docs/table_of_commands.md
View file

@ -20,7 +20,7 @@ This is a list of all known MSNP commands and their originating version.
| [`NAK`](commands/nak.md) | N | N | Y | [MSNP2](versions/msnp2.md) | |
| [`BYE`](commands/bye.md) | N | N | Y | [MSNP2](versions/msnp2.md) | |
| [`ANS`](commands/ans.md) | N | Y | Y | [MSNP2](versions/msnp2.md) | [MSNP16](versions/msnp16.md) (Added MPOP Machine ID appended to the local user's handle parameter, delimited by a semi-colon) |
| [`MSG`](commands/msg.md) | Y | Y | Y | [MSNP2](versions/msnp2.md) | [MSNP9](versions/msnp9.md) (Added Acknoledgement Type D) |
| [`MSG`](commands/msg.md) | Y | Y | Y | [MSNP2](versions/msnp2.md) | [MSNP9](versions/msnp9.md) (Added Acknowledgement Type D) |
| [`IRO`](commands/iro.md) | N | N | Y | [MSNP2](versions/msnp2.md) | [MSNP12](versions/msnp12.md) (Added Client Capability flags support as parameter 5) |
| [`JOI`](commands/joi.md) | N | N | Y | [MSNP2](versions/msnp2.md) | [MSNP12](versions/msnp12.md) (Added Client Capability flags support as parameter 3) |
| [`CAL`](commands/cal.md) | N | Y | N | [MSNP2](versions/msnp2.md) | |

10
docs/versions/cvr0.md
View file

@ -22,6 +22,8 @@ It introduces the commands:
to be no longer always empty, and added current user handle to request (parameter 8)
# Client-server communication examples
*NOTE: This has been line-breaked.
Lines beginning with `..` followed by a space are continuations of the previous line.*
## Older protocols
*Only in[MSNP2](msnp2.md) to [MSNP7](msnp7.md), example using Client Version 1.0.*
@ -29,7 +31,9 @@ It introduces the commands:
C: VER 1 MSNP2 CVR0
S: VER 1 CVR0
C: CVQ 2 0x0409 win 4.10 i386 MSMSGS 1.0.0863
S: CVQ 2 5.0.0537 5.0.0537 1.0.0863 http://download.microsoft.com/download/msnmessenger/install/5.0/w98nt42kmexp/en-us/setupdl.exe http://messenger.microsoft.com
S: CVQ 2 5.0.0537 5.0.0537 1.0.0863
.. http://download.microsoft.com/download/msnmessenger/install/5.0/w98nt42kmexp/en-us/setupdl.exe
.. http://messenger.microsoft.com
```
Server disconnects client.
@ -39,6 +43,8 @@ Server disconnects client.
C: VER 1 MSNP10 MSNP9 CVR0
S: VER 1 CVR0
C: CVQ 2 0x0409 winnt 5.1 i386 MSNMSGR 6.1.0211 MSMSGS example@hotmail.com
S: CVQ 2 7.0.0813 7.0.0813 6.2.0205 http://msgr.dlservice.microsoft.com/download/5/d/9/5d9bb5b2-49c7-4890-94ab-d1d5e44a0e6d/Install_MSN_Messenger.exe http://messenger.msn.com
S: CVQ 2 7.0.0813 7.0.0813 6.2.0205
.. http://msgr.dlservice.microsoft.com/download/5/d/9/5d9bb5b2-49c7-4890-94ab-d1d5e44a0e6d/Install_MSN_Messenger.exe
.. http://messenger.msn.com
```
Server disconnects client.

6
docs/versions/msnp11.md
View file

@ -24,6 +24,12 @@ It introduces the notification service commands:
of time in minutes the client should wait before reconnecting.
* All `ABCHMigrated` changes are now the default - `ABCHMigrated: 0` is Undefined Behaviour from now on.
* [ADC](../commands/adc.md): Now supports a telephone address (`tel:`) for `N=`.
* Entire content of initial email notification changed from
`text/x-msmsgsinitialemailnotification` to `text/x-msmsgsinitialmdatanotification`.
The new format is XML-based.
* Offline Instant Messaging has been introduced, using `text/x-msmsgsoimnotification`
messages from the Notification Server using a XML-based format,
and a SOAP service for receiving message data.
* Official Client: Feature blocks are implemented using the [GCF](../commands/gcf.md) command
to download `Shields.xml`. For more information read the [Shields Configuration Data](../files/shields.md) article.
* Official Client: WebMessenger now canonically exists, the [Client Capability](../files/client_capabilities.md)

6
docs/versions/msnp12.md
View file

@ -49,12 +49,10 @@ S: CVR 5 6.1.0211 6.1.0211 6.1.0155
.. http://messenger.msn.com
C: USR 6 TWN I example@hotmail.com
```
*The HTTPS interlude is described in the [Passport 1.4](../services/passport14.md) article.*
TODO: This is actually meant to be Passport 3.0.
*The HTTPS interlude is described in the [Passport (SOAP)](../services/passportsoap.md) article.*
```
S: USR 6 TWN S passport=parameters,neat=huh,lc=1033,id=507
C: USR 7 TWN S $(pp14response.headers.authenticationInfo["from-PP"])
C: USR 7 TWN S $(xmldecode(passportsoap.BinarySecurityToken#Compact1))
S: USR 7 OK example@hotmail.com 1 0
S: SBS 0 null
S: MSG Hotmail Hotmail 465

10
docs/versions/msnp8.md
View file

@ -19,8 +19,8 @@ The following commands were removed in this version:
* Login process now [VER](../commands/ver.md)-[CVR](../commands/cvr.md)-[USR](../commands/usr.md)
instead of [VER](../commands/ver.md)-[INF](../commands/inf.md)-[USR](../commands/usr.md).
* [USR](../commands/usr.md) OK has a new parameter, Account restriction status, if set to `1`,
the Official Client will log out and ask to log in using MSN Explorer instead.
Unrestricted accounts (those that do not need to log in using MSN Explorer) will have `0` instead.
the Official Client **will** forcefully log out and **demand** that you log in using MSN Explorer instead.
Unrestricted accounts (those that do **not** need to log in using MSN Explorer) will have `0` set instead.
* Introduced `TWN` authentication method, which uses [Passport 1.4](../services/passport14.md) over HTTPS.
* Reworked [SYN](../commands/syn.md) and related response commands (notably [LSG](../commands/lsg.md) and [LST](../commands/lst.md)) drastically:
Iterators are gone, now total size of both groups and total contacts included in SYN response.
@ -28,14 +28,14 @@ The following commands were removed in this version:
Unset properties ([PRP](../commands/prp.md) commands) are now omitted. Hurray.
* [CVR](../commands/cvr.md) request now has a new 8th parameter, which is the current user.
This also applies to [CVQ](../commands/cvq.md) in [CVR0](cvr0.md).
* New initial profile fields: ClientIP and ClientPort.
ClientPort needs to be endian swapped for it's correct value.
* New initial profile fields: `ClientIP` and `ClientPort`.
`ClientPort` needs to be endian swapped for it's correct value.
Formula: `y = (((x & 0xff) * 256) + ((x & 0xff00)/256))`.
* NOTE: [FND](../commands/fnd.md) might still exist in client, but theres no way of triggering it. Practically removed.
All previous protocols also received the 502 error code.
* [BPR](../commands/bpr.md) removes related user, for some reason, default fields share same optimization as [PRP](../commands/prp.md) does.
* [LST](../commands/lst.md) (for [SYN](../commands/syn.md)): Lists are now all combined into a single number, where:
1 = Forward List (FL), 2 = Allow List (AL), 4 = BlocK List (BL), 8 = Reverse List (RL),
1 = Forward List (FL), 2 = Allow List (AL), 4 = Block List (BL), 8 = Reverse List (RL),
For example, a contact on the Forward List (FL), Allow List (AL) and Reverse List (RL)
would have their combined list number be 11.
* [CHG](../commands/chg.md), [ILN](../commands/iln.md), [NLN](../commands/nln.md):

4
package-lock.json generated
View file

@ -1,12 +1,12 @@
{
"name": "yellows-msnp-wiki",
"version": "0.1.3",
"version": "0.1.4-beta.2",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "yellows-msnp-wiki",
"version": "0.1.3",
"version": "0.1.4-beta.2",
"license": "GFDL-1.3-or-later",
"dependencies": {
"yiki": "git+https://git.kevinthe.horse/yellows111/yiki.git#semver:*"

2
package.json
View file

@ -1,6 +1,6 @@
{
"name": "yellows-msnp-wiki",
"version": "0.1.3",
"version": "0.1.4-beta.2",
"description": "The yellows111 MSNP wiki that aims for accuracy.",
"author": "yellows111",
"license": "GFDL-1.3-or-later",