ModRealms · TheFlash787 · Jan 20, 2022 · Jan 19, 2022 · Jan 20, 2022
diff --git a/app/assets/js/authmanager.js b/app/assets/js/authmanager.js
@@ -1,11 +1,11 @@
 /**
  * AuthManager
- * 
+ *
  * This module aims to abstract login procedures. Results from Mojang's REST api
  * are retrieved through our Mojang module. These results are processed and stored,
  * if applicable, in the config using the ConfigManager. All login procedures should
  * be made through this module.
- * 
+ *
  * @module authmanager
  */
 // Requirements
@@ -54,12 +54,12 @@ async function validateSelectedMicrosoft() {
             if (MSExpired) {
                 const newAccessToken = await Microsoft.refreshAccessToken(current.microsoft.refresh_token)
                 const newMCAccessToken = await Microsoft.authMinecraft(newAccessToken.access_token)
-                ConfigManager.updateMicrosoftAuthAccount(current.uuid, newMCAccessToken.access_token, newAccessToken.expires_at)
+                ConfigManager.updateMicrosoftAuthAccount(current.uuid, newMCAccessToken.access_token, newAccessToken.access_token, newAccessToken.refresh_token, newAccessToken.expires_at, newMCAccessToken.expires_at)
                 ConfigManager.save()
                 return true
             }
             const newMCAccessToken = await Microsoft.authMinecraft(current.microsoft.access_token)
-            ConfigManager.updateMicrosoftAuthAccount(current.uuid, newMCAccessToken.access_token, current.microsoft.access_token, current.microsoft.expires_at, newMCAccessToken.expires_at)
+            ConfigManager.updateMicrosoftAuthAccount(current.uuid, newMCAccessToken.access_token, current.microsoft.access_token, current.microsoft.refresh_token, current.microsoft.expires_at, newMCAccessToken.expires_at)
             ConfigManager.save()
 
             return true
@@ -164,7 +164,7 @@ exports.addMSAccount = async authCode => {
                 message: 'The account you are trying to login with has not purchased a copy of Minecraft You may purchase a copy on <a href="https://minecraft.net/">Minecraft.net</a>.'
             })
         }
-        const ret = ConfigManager.addMsAuthAccount(MCProfile.id, MCAccessToken.access_token, MCProfile.name, MCAccessToken.expires_at, accessToken.access_token, accessToken.refresh_token)
+        const ret = ConfigManager.addMsAuthAccount(MCProfile.id, MCAccessToken.access_token, MCProfile.name, MCAccessToken.expires_at, accessToken.access_token, accessToken.refresh_token, accessToken.expires_at)
         ConfigManager.save()
 
         return ret

diff --git a/app/assets/js/configmanager.js b/app/assets/js/configmanager.js
@@ -403,7 +403,7 @@ exports.updateMicrosoftAuthAccount = function(uuid, accessToken, msAccessToken,
     config.authenticationDatabase[uuid].expiresAt = mcExpires
     config.authenticationDatabase[uuid].microsoft.access_token = msAccessToken
     config.authenticationDatabase[uuid].microsoft.refresh_token = msRefreshToken
-    config.authenticationDatabase[uuid].microsoft.expires_at = msRefreshToken
+    config.authenticationDatabase[uuid].microsoft.expires_at = msExpires
     return config.authenticationDatabase[uuid]
 }
 

diff --git a/app/assets/js/microsoft.js b/app/assets/js/microsoft.js
@@ -1,6 +1,7 @@
 // Requirements
-const request = require('request')
 
+const request = require('request')
+//const ejs= require('ejs/ejs')
 // Constants
 const clientId = 'de140eea-429a-4a6b-b67a-30ea6af614f3'
 
@@ -149,28 +150,58 @@ exports.getAccessToken = authCode => {
 exports.refreshAccessToken = refreshToken => {
     return new Promise((resolve, reject) => {
         const expiresAt = new Date()
-        const data = new Object()
 
         const options = {
             method: 'post',
             formData: {
                 client_id: clientId,
                 refresh_token: refreshToken,
-                scope: 'XboxLive.signin',
+                scope: 'XboxLive.signin offline_access',
                 redirect_uri: 'https://login.microsoftonline.com/common/oauth2/nativeclient',
                 grant_type: 'refresh_token'
             }
         }
         requestPromise(tokenUri, options).then(response => {
             const body = JSON.parse(response.body)
             expiresAt.setSeconds(expiresAt.getSeconds() + body.expires_in)
+            const data = new Object()
             data.expires_at = expiresAt
             data.access_token = body.access_token
-
+            data.refresh_token = body.refresh_token
             resolve(data)
         }).catch(error => {
-            reject(error)
+            const errorBody = JSON.parse(error[2].body)
+            switch(errorBody.error) {
+                case 'invalid_grant':
+                    console.log('All tokens are invalid. Going through authcode flow again.')
+                    ipcRenderer.send('openMSALoginWindow', 'open')
+                    ipcRenderer.on('MSALoginWindowReply', ...args => {
+                        const queryMap = args[0]
+                        if (queryMap.has('error')) {
+                            let error = queryMap.get('error')
+                            let errorDesc = queryMap.get('error_description')
+                            if(error === 'access_denied'){
+                                error = 'ERROR'
+                                errorDesc = 'To use our launcher, you must agree to the required permissions, otherwise you can\'t use this launcher with Microsoft accounts. Despite agreeing to the permissions you don\'t give us the possibility to do anything with your account, because all data will always be sent back to you (the launcher).'
+                            }
+                            console.log(error, errorDesc)
+                            return
+                        }
+                        const authCode = queryMap.get('code')
+                        const newAT = this.getAccessToken(authCode)
+                        const data = new Object()
+                        data.expires_at = newAT.expires_at
+                        data.access_token = newAT.access_token
+                        data.refresh_token = newAT.refresh_token
+                        resolve(data)
+                    })
+                    break
+                default:
+                    console.log(error)
+            }
         })
+    }).catch(error => {
+        return
     })
 }
 

diff --git a/app/assets/js/scripts/login.js b/app/assets/js/scripts/login.js
@@ -370,7 +370,7 @@ ipcRenderer.on('MSALoginWindowReply', (event, ...args) => {
         let error = queryMap.get('error')
         let errorDesc = queryMap.get('error_description')
         if(error === 'access_denied'){
-            error = 'ERRPR'
+            error = 'ERROR'
             errorDesc = 'To use our launcher, you must agree to the required permissions, otherwise you can\'t use this launcher with Microsoft accounts.<br><br>Despite agreeing to the permissions you don\'t give us the possibility to do anything with your account, because all data will always be sent back to you (the launcher).'
         }        
         setOverlayContent(error, errorDesc, 'OK')