msnp-wiki/docs/services/passport14.md
yellows111 4bf934f857
[v0.1.4-beta.2] everything i want before msnp13
update version file, forgot this repo had one
fix mistakes and other such
add new information
finish passport (SOAP) stuff, may rename to RST later?, just mention in footnote for now

next commit WILL be msnp13 on 0.1.4 release, promise
2024-11-26 21:15:34 +00:00


# Introduction
Passport 1.4, or "Tweener", as it's sometimes called,
is an HTTP-based authentication system that was introduced with [MSNP8](../versions/msnp8.md).
For [MSNP12](../versions/msnp12.md) and above, read the [Passport (SOAP)](passportsoap.md) article.
# Nexus
The Passport Nexus is a server that provides information to other parties about how to use Passport.
Its default domain is `nexus.passport.com`.
## pprdr.asp
The Passport Redirection service returns the `PassportURLs` header, which contains the `DALogin` parameter
that is used to specify which server to attempt Passport 1.4 authentication with.
### Client/Request
```
GET /rdr/pprdr.asp HTTP/1.1
Host: nexus.passport.com
```
### Server/Response
```
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Length: 0
PassportURLs: DARealm=Passport.Net,DALogin=login.passport.com/login2.srf,ConfigVersion=15
```
Where `PassportURLs` (case-sensitive) contains the following parameters:
* `DARealm`: The Domain Authority's realm name.
* `DALogin`: The Domain Authority's login endpoint.
* `ConfigVersion`: Increases by 1 every time that PassportURLs is updated to flush the URL cache.
# Passport Login
The Passport Login server is an HTTPS server that provides the login service (default is `login2.srf`)
specified in `DALogin` from the [Nexus](#nexus) response.
## login2.srf
The `login2.srf` endpoint is used for programmatic authentication.
### Client/Request
```
GET /login2.srf HTTP/1.1
Authorization: Passport1.4 Passport1.4 OrgVerb=GET,OrgURL=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in={user-handle},pwd={password},{server-args}
User-Agent: MSMSGS
Host: login.passport.com
Connection: Keep-Alive
Cache-Control: no-cache
```
Where `user-handle` is the URL-encoded user handle of the user to authenticate.
Where `password` is the URL-encoded password of the user to authenticate.
Where `server-args` is the parameter given in the server's response to the initial [USR](../commands/usr.md).
### Server/Response
#### Authentication Redirection
If the server you are authenticating to does not support your account type
but knows a server that does, it responds with this redirection. Otherwise, [Authentication Successful](#authentication-successful) is used.
If you are redirected, you have to send the `Authorization` header again to the new server specified in `Location`.
```
HTTP/1.1 302 Found
Cache-Control: no-cache
cachecontrol: no-store
Connection: close
Authentication-Info: Passport1.4 da-status=redir
Location: https://loginnet.passport.com/login2.srf?lc=1033
```
#### Authentication Successful
```
HTTP/1.1 200 OK
Cache-Control: no-cache
cachecontrol: no-store
Connection: close
Content-Type: text/html
Authentication-Info: Passport1.4 dastatus=success,from-PP='t=token&p=profile',ru=http://messenger.msn.com
Content-Length: 0
```
#### Authentication Failure
The `dastatus` may instead be `failed-noretry`.
```
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
cachecontrol: no-store
WWW-Authenticate: Passport1.4 dastatus=failed,srealm=Passport.NET,ts=-1,prompt,cburl=http://www.passportimages.com/XPPassportLogo.gif
Content-Length: 154

<HTML><HEAD><META HTTP-EQUIV="REFRESH" CONTENT="0; URL=https://login.passport.com/pp25/login2.srf?f=11"><script>function OnBack(){}</script></HEAD></HTML>
```
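The following is an added example, not part of the original article or of any MSN client: it parses the comma-separated Passport parameters shown above and classifies a `login2.srf` response. Because a redirect means resending the `Authorization` header (and so the password) to the host in `Location`, it also checks that target first. The function names and the `TRUSTED_SUFFIX` allowlist are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: only hosts under this suffix may receive the password again.
TRUSTED_SUFFIX = ".passport.com"

def parse_passport_params(value):
    """Parse "k=v,flag,k2='quoted,value'" into a dict; bare flags map to True."""
    params, buf, quoted = {}, "", False
    for ch in value + ",":
        if ch == "'":
            quoted = not quoted          # quotes delimit values such as from-PP
        elif ch == "," and not quoted:
            key, sep, val = buf.strip().partition("=")
            if key:
                params[key] = val if sep else True
            buf = ""
        else:
            buf += ch
    return params

def auth_params(header):
    """Parameters of a 'Passport1.4 ...' header value, or {} for another scheme."""
    scheme, _, rest = header.partition(" ")
    return parse_passport_params(rest) if scheme == "Passport1.4" else {}

def classify(status, headers):
    """Return (outcome, detail) for a login2.srf response."""
    raw = headers.get("Authentication-Info") or headers.get("WWW-Authenticate") or ""
    p = auth_params(raw)
    # The page's samples spell this key both 'da-status' and 'dastatus'.
    da = p.get("da-status") or p.get("dastatus")
    if status == 302 and da == "redir":
        location = headers.get("Location", "")
        url = urlsplit(location)
        # Resending Authorization discloses the password to this host.
        if url.scheme != "https" or not (url.hostname or "").endswith(TRUSTED_SUFFIX):
            return ("rejected-redirect", location)
        return ("redirect", location)
    if status == 200 and da == "success":
        return ("success", p.get("from-PP"))
    return ("failed", da)

if __name__ == "__main__":
    # Constructed sample, copied from the redirection response shown above.
    print(classify(302, {"Authentication-Info": "Passport1.4 da-status=redir",
                         "Location": "https://loginnet.passport.com/login2.srf?lc=1033"}))
```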