MSNPAuth: Authenticating in PHP

MSNPAuth is a PHP class used for authentication when connecting to .NET Messenger Service, you simply pass it the Passport address, the password and the challenge string received in the USR command and it connects to the Passport authentication system to fetch authentication key.

Usage:

$msnpauth = new MSNPAuth($passport, $password, $params[4]);
$hash = $msnpauth->getKey();

$passport would be the e-mail address that is being signed in
$password would be the password for that account
$params[4] would be the string sent in the USR command from the notification server,

With the last argument, the notification server communication goes like this:

[SEND] USR 6 TWN I bob@hotmail.com\r\n
[RECV] USR 6 TWN S lc=1033,id=507,tw=40,fs=1,ru=http%3A%2F%2Fmessenger%2Emsn%2Ecom,ct=1128154104,kpp=1,kv=7,ver=2.1.6000.1,rn=C6D!I5Ic,tpf=41a9cb6f69e60faa44c8570126f045ed\r\n

You use 4th argument (starting from 0) from the response (ie. lc=1033,id=507,tw=40…)
Make sure you are actually sending the right string, if you were to split the response into an array, it should look like this:

Array
(
    [0] => USR
    [1] => 2
    [2] => TWN
    [3] => S
    [4] => lc=1033,id=507,tw=40,fs=1,ru=http%3A%2F%2Fmessenger%2Emsn%2Ecom,ct=1128154104,kpp=1,kv=7,ver=2.1.6000.1,rn=C6D!I5Ic,tpf=41a9cb6f69e60faa44c8570126f045ed
)

Originally when I had to upgrade all my MSN PHP scripts to use MSNP8 in 2003, I tried using fsockopen with SSL. The only problem was, the Web host was using PHP 4.2 and this functionality was introduced in PHP 4.3. Instead, I had to use cURL.

There is now also an alternate version which does use fsockopen, this is now labelled version 1.2, the cURL one will remain version 1.1.

MSNPAuth automatically chooses the right server to authenticate with, skipping nexus and the login.passport.com if applicable, making it a bit faster.

msnpauth.php, v1.1.3 (cURL)
msnpauth.php, v1.2.1 (fsockopen)