MOVE ALONG NOTHING TO SEE HERE
All new docs are being written in the github msndevs wiki
The old contents are left here for historical reference
old contents
Placeholder page for docs about MSNP22, the protocol version introduced with the "messaging" client included in Windows 8.0 (not 8.1), version string 16.4.4206.0722.
Not supported through port 1863, only through the https gateway.
WEB Authentication
The windows 8 client uses an authentication method known as WEB. Two headers are added to the open request, X-MSN-Auth and X-MSN-SslAuthToken, and the USR command
The X-MSN-SslAuthToken field, censored below, has 672 base64 chars that decode to a 504 byte token, in the same format of the SSO tickets (MSPAuth, I believe), although the content is probably different.
How exactly that ticket is requested, I don't know. That part of the auth is integrated with win8 stuff and I haven't caught it yet.
POST https://geo.gateway.messenger.live.com/gateway/gateway.dll?Action=open&Server=NS&SessionTimeout=21660&AutoIdleTimeout=960&Queue=system,chat HTTP/1.1
Accept: */*
Content-Type: text/xml; charset=utf-8
X-MSN-Auth: Use-X-MSN-SslAuthToken
X-MSN-SslAuthToken: t=xxxxxxx...xxxxxxxx&p=
Accept-Language: en-GB
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)
Host: geo.gateway.messenger.live.com
Content-Length: 160
Connection: Keep-Alive
Cache-Control: no-cache
VER 1 MSNP22 CVR0
CVR 2 0x0809 winnt 6.2.0 i386 MoShClient 16.4.4206.0722 MoShClient maxint32@hotmail.com 0
USR 3 WEB {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
HTTP/1.1 200 OK
Content-Length: 159
Content-Type: application/x-msn-messenger
X-MSN-Messenger: SessionID=189740330.1652338749; GW-IP=134.170.18.217:443
X-MSNSERVER: BN1MSGR1011504
X-MSN-Host: BN1MSGR1011504.gateway.messenger.live.com
X-MSN-SessionTimeout: 120
Date: Thu, 02 Oct 2014 02:58:30 GMT
VER 1 MSNP22
CVR 2 1.0.0000 1.0.0000 1.0.0000 http://msgr.dlservice.microsoft.com http://download.live.com/?sku=messenger
USR 3 OK maxint32@hotmail.com 1 0
SSO Authentication
The server seems to accept the SSO method just fine, too.
Modified WLM 2011 log:
POST http://gateway.messenger.hotmail.com/gateway/gateway.dll?Action=open&Server=NS&IP=messenger.hotmail.com HTTP/1.1 Accept: */* X-MSN-GWCapabilities: * Content-Type: text/xml; charset=utf-8 Content-Length: 124 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; Windows Live Essentials 15.4.3555.0308) Host: gateway.messenger.hotmail.com Connection: Keep-Alive Pragma: no-cache VER 1 MSNP22 CVR0 CVR 2 0x0409 winnt 6.1.1 i386 blah 15.4.3555.0308 blah dx@dxzone.com.ar 0 USR 3 SSO I dx@dxzone.com.ar HTTP/1.1 200 OK Content-Length: 210 Content-Type: application/x-msn-messenger X-MSN-Messenger: SessionID=1713566222.677940531; GW-IP=134.170.24.134 X-MSNSERVER: BN1MSGR2011301 X-MSN-Host: BN1MSGR2011301.gateway.messenger.live.com X-MSN-SessionTimeout: 120 X-MSN-GWCapabilities: LP Date: Thu, 02 Oct 2014 01:33:44 GMT VER 1 MSNP22 CVR 2 1.0.0000 1.0.0000 1.0.0000 http://msgr.dlservice.microsoft.com http://download.live.com/?sku=messenger USR 3 SSO S MBI_KEY Dqzblahblahblah
New HTTP gateway parameters
When Action is open:
SessionTimeout=21660AutoIdleTimeout=960
When Action is post, poll or open:
Queue=system,chatorQueue=systemorQueue=system,onlinepresence,chatLifeSpan=90
The server seems to accept Content-Encoding: deflate (client offers gzip too)