feat: accept launcher-injected trust token via JSON#1
Merged
Conversation
…N parsing Copy-paste bug on line 570: when using --json mode, g_Password was being set from maybeUsername instead of maybePassword, causing login to always fail because password == username.
Read `trust_token` from the JSON args and prefer it over the disk-loaded
token, so the launcher can hand xiloader an auth-service-minted trust token
to send to xi_connect in place of an OTP.
Also fix two pre-existing `value_or({})` lines that don't compile under
MSVC 14.38 (braced-init can't be deduced) — use `value_or(std::string{})`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Lets the launcher hand xiloader an auth-service-minted trust token to send to xi_connect in place of an OTP, so players aren't prompted for 2FA a second time at Play.
Changes
main.cpp: readtrust_tokenfrom the JSON args.network.cpp: an injected token wins over the disk-loaded one (both login paths guarded).value_or({})lines (language,error_message) that don't compile under MSVC 14.38 — braced-init can't be type-deduced; usevalue_or(std::string{})(identical behavior).xi_connect already accepts the token (
validateTrustToken), so no server change. Built Win32/x86 (Release) and bundled into the launcher (phoenix-launcher PR #86).Pairs with phoenix-api PR LandSandBoat#46 (mints the token).