-
Notifications
You must be signed in to change notification settings - Fork 5
Authentication
There's lots of ways to authenticate.
Open a browser to
https://login.live.com/oauth20_authorize.srf?client_id=00000000480BC46C&scope=service::skype.com::MBI_SSL&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf
Allow the user to log in as normal. When they're done, the browser will be redirected to https://login.live.com/oauth20_desktop.srf with an enormous fragment. The fragment might be useful, but what the webclient requires is the three cookies MSPAuth, MSPProf, WLSSC.
Request the same URL as the previous section. Keep the MSPOK cookie.
Buried in the Javascript is a HTML <input> element, with name="PPFT". Keep the value attribute of this element.
Using the same query string as the first request, POST to https://login.live.com/ppsecure/post.srf, with the MSPOK cookie and a body consisting of url-encoded parameters:
| Parameter | Notes |
|---|---|
| PPFT | The PPFT value you got from the first request |
| login | Microsoft account name |
| password | Password for that account |
If all goes well, you are redirected to the same place as the previous section. If not, look for sErrTxt: followed by a Javascript string, the string including an error message.