yellows111
4bf934f857
update version file, forgot this repo had one fix mistakes and other such add new information finish passport (SOAP) stuff, may rename to RST later?, just mention in footnote for now next commit WILL be msnp13 on 0.1.4 release, promise
6.8 KiB
Introduction
USR is a command introduced with MSNP2.
The command exists in all services, without a request or response payload.
Specifies a user that wants to authenticate to the service. For the command that is used when sending this to a Dispatch Server, read XFR.
This command can only be sent once. Any further uses of this command in the same session is Undefined Behaviour.
Client/Request
Dispatch Server or Notification Server
The Initial request
USR TrID security-package I user-handle
Depending on the version of the protocol you are using, security-package can be:
CTP: Clear Text Password. Only in MSNP2.MD5: MD5-based authentication. Only in MSNP2 to MSNP7.TWN: "Tweener", Passport 1.4 or compatible authentication service. Since MSNP8.SSO: Single Sign On, usually a more advanced Passport (SOAP) authentication method. Since MSNP15.
The Subsequent request
USR TrID security-package S {...response-args}
Where response-args can be anything, but based on security-package it can be:
CTP: Your password in plain text.MD5: The server's login challenge concatenated with your password.TWN: Thefrom-PPparameter in theAuthentication-Infoheader sent in response to Passport 1.4, or if using Passport (SOAP), the<wsse:BinarySecurityToken>of the relevant<wst:RequestSecurityTokenResponse>.SSO: The same as Passport (SOAP) inTWN, but with the extra parameter being the custom challenge response encoded as base64.
Switchboard Server
USR TrID user-handle cookie
Where user-handle is your current user handle.
Where cookie is the relevant parameter given from XFR or RNG.
Server/Response
Dispatch Server or Notification Server
Requesting a Subsequent action
USR TrID OK security-package S {...challenge}
Where challenge, based on the security-package is:
CTP: Nothing. This parameter is omitted.MD5: The login challenge to concatenate with your password.TWN: The Passport login parameters.SSO: The Passport login policy and a base64-encoded key.
Successfully authenticated
USR TrID OK user-handle {friendly-name} {verified} {account-restricted}
Where OK is always OK.
Where user-handle is your user handle.
Where friendly-name is your current Friendly Name. Removed in MSNP10.
Where verified is the account's verification status,
where 0 is unverified, and 1 is verified. Added since MSNP6.
Where account-restricted is the account's restricted status,
where 0 is unrestricted, and 1 is restricted. Added since MSNP8.
If this is set, the Client may log out automatically and ask to use MSN Explorer.
Switchboard Server
USR TrID OK user-handle friendly-name
Where user-handle is your current user handle.
Where friendly-name is your current friendly name.
Examples
Notification Server
Using CTP
Only in MSNP2.
C: USR 1 CTP I example@hotmail.com
S: USR 1 CTP S
C: USR 2 CTP S password
S: USR 2 OK example@hotmail.com example%20user
Using MD5
C: USR 3 MD5 I example@hotmail.com
S: USR 3 MD5 S 1234567890.123456789
C: USR 4 MD5 S f59af8f2fa91d38aff7c870c17f99903
S: USR 4 OK example@hotmail.com example%20user 1
Using TWN
Since MSNP8.
C: USR 5 TWN I example@hotmail.com
S: USR 5 TWN S passport=parameters,neat=huh,lc=1033,id=507
The HTTPS interlude has been moved to the Passport 1.4 article.
C: USR 6 TWN S t=token&p=profile
S: USR 6 OK example@hotmail.com example%20user 1 0
Using SSO
Since MSNP15.
NOTE: This has been line-breaked.
Lines beginning with .. followed by a space are continuations of the previous line.
C: USR 7 SSO I example@hotmail.com
S: USR 7 SSO S MBI_KEY_OLD AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
The HTTPS interlude has been moved to the Passport (SOAP) article.
The key-encryption interlude has been removed from here and is to reinstated as another article.
C: USR 8 SSO S t=ticket HAAAAAEAAAADZgAABIAAAAgAAAAUAAAASAAAAAA
.. AAAAAAAAA7XgT5ohvaZdoXdrWUUcMF2G8OK2JohyYcK5l5MJSitab33scxJe
.. K/RQXcUr0L+R2ZA9CEAzn0izmUzSMp2LZdxSbHtnuxCmptgtoScHp9E26HjQ
.. VkA9YJxgK/HM=
S: USR 8 OK example@hotmail.com
Invalid username or password
C: USR 9 TWN I example@hotmail.com
S: USR 9 TWN S passport=parameters,neat=huh,lc=1033,id=507
C: USR 10 TWN S t=not*a*passport*ticket&p=not*a*profile*either
S: 911 10
Server disconnects client.
Child account not authorized
Since MSNP4.
C: USR 11 MD5 I example@hotmail.com
S: USR 11 MD5 S 1234567890.123456789
C: USR 12 MD5 S f59af8f2fa91d38aff7c870c17f99903
S: 923 12
Server disconnects client.
Account not verified
Hard block
Since MSNP5.
NOTE: This will show the Account Verification dialog.
C: USR 13 MD5 I example@hotmail.com
S: USR 13 MD5 S 1234567890.123456789
C: USR 14 MD5 S f59af8f2fa91d38aff7c870c17f99903
S: 924 14
Server disconnects client.
Soft warning
Since MSNP6.
C: USR 15 MD5 I example@hotmail.com
S: USR 15 MD5 S 1234567890.123456789
C: USR 16 MD5 S f59af8f2fa91d38aff7c870c17f99903
S: USR 16 OK example@hotmail.com example%20user 0
Account restricted
Since MSNP8.
NOTE: This will automatically log you out and force you to use MSN Explorer instead.
C: USR 17 TWN I example@hotmail.com
S: USR 17 TWN S passport=parameters,neat=huh,lc=1033,id=507
C: USR 18 TWN S t=token&p=profile
S: USR 18 OK example@hotmail.com example%20user 1 1
Client disconnects from server.
Wrong server for this account
C: USR 19 TWN I example@hotmail.com
S: 931 19
Server disconnects client.
Switchboard Server
C: USR 20 example@passport.com 1234567890.1234567890.1234567890
S: USR 20 OK example@passport.com example%20user