nocci/free-games-claimer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
free-games-claimer/OAUTH_DEVICE_FLOW_ISSUE.md
root 5d41b323e5
All checks were successful
build-and-push / lint (push) Successful in 8s
Details
build-and-push / sonar (push) Successful in 20s
Details
build-and-push / docker (push) Successful in 11s
Details
feat: Final hybrid login implementation (FlareSolverr + Cookie persistence) 
- epic-claimer-new.js: Complete rewrite with practical approach
  - FlareSolverr integration for Cloudflare solving
  - Cookie persistence (saved to epic-cookies.json)
  - Auto-load cookies on startup (no login needed if valid)
  - Manual login fallback via noVNC if needed
  - Proper 2FA/OTP support
  - Better error handling and logging

- SETUP.md: Complete setup guide
  - Docker Compose examples
  - Environment variable reference
  - Troubleshooting section
  - 2FA setup instructions
  - Volume backup/restore

- README.md: Add reference to SETUP.md

- OAUTH_DEVICE_FLOW_ISSUE.md: Document why OAuth Device Flow doesn't work
  - Epic Games doesn't provide public device auth credentials
  - Client credentials flow requires registered app
  - Hybrid approach is the practical solution

How it works:
1. First run: Login via browser (FlareSolverr helps with Cloudflare)
2. Cookies saved to epic-cookies.json
3. Subsequent runs: Load cookies, no login needed
4. If cookies expire: Auto-fallback to login flow
5. Manual login via noVNC if automation fails

This is the approach used by all successful Epic Games claimer projects.
2026-03-08 14:52:13 +00:00

2.3 KiB
Raw Blame History

OAuth Device Flow funktioniert NICHT mit öffentlichen Credentials

Problem

Epic Games OAuth Device Flow erfordert gültige Client Credentials die NICHT öffentlich verfügbar sind.

Fehler:

errors.com.epicgames.account.invalid_client_credentials
Sorry the client credentials you are using are invalid

Warum es nicht funktioniert

  1. Device Auth Client ID/Secret sind bei Epic Games nicht öffentlich
  2. Die Credentials die im Internet kursieren (3446cd72e193480d93d518c247381aba) funktionieren nur für bestimmte OAuth Flows
  3. Client Credentials Flow (grant_type=client_credentials) ist für Server-zu-Server Kommunikation und erfordert registrierte App

claabs/epicgames-freegames-node Lösung

Das claabs Projekt verwendet:

  • Eigene OAuth App Registration bei Epic Games
  • ODER: Reverse-engineered Credentials aus dem Epic Games Launcher
  • Diese sind nicht im Code sondern in der Config-Datei

Unsere Lösung

Da wir keine gültigen Device Auth Credentials haben:

Option 1: Puppeteer mit besserem Stealth (Empfohlen)

Verwende puppeteer-extra-plugin-stealth mit optimierten Einstellungen:

import puppeteer from 'puppeteer-extra';
import StealthPlugin from 'puppeteer-extra-plugin-stealth';

puppeteer.use(StealthPlugin({
  enabledEvasions: [
    'chrome.app',
    'chrome.csi',
    'chrome.loadTimes',
    'chrome.runtime',
    'iframe.contentWindow',
    'media.codecs',
    'navigator.hardwareConcurrency',
    'navigator.languages',
    'navigator.permissions',
    'navigator.plugins',
    'navigator.webdriver',
    'sourceurl',
    'user-agent-override',
    'webgl.vendor',
    'window.outerdimensions',
  ],
}));

Option 2: FlareSolverr für Cloudflare

FlareSolverr kann Cloudflare Challenges automatisch lösen:

services:
  flaresolverr:
    image: ghcr.io/flaresolverr/flaresolverr:latest
    ports:
      - "8191:8191"
    environment:
      - LOG_LEVEL=info
      - CAPTCHA_SOLVER=none

Option 3: Manuelles Login mit Cookie-Export

  1. Einmal im Browser manuell einloggen
  2. Cookies exportieren
  3. Cookies für Automation verwenden

Fazit

OAuth Device Flow ist keine Option ohne:

  • Eigene Epic Games Developer App Registration, ODER
  • Gültige Launcher Credentials (die sich ändern können)

Bester Weg: Browser-Automation mit verbessertem Stealth + FlareSolverr