/// <summary>
/// Edits a SGA file to either encrypt or decrypt the file
/// </summary>
/// <param name="account">Account to edit</param>
/// <param name="secret">secret for the file</param>
/// <returns></returns>
public static bool DecryptSGAFile(SteamGuardAccount account)
{
/*First we find the file related to the account*/
FileInfo sgaFile = GetAccountFile(account);
if (sgaFile != null)
{
if (!File.Exists(sgaFile.FullName))
return false;
/*Read the content of the file*/
string fileContent = File.ReadAllText(sgaFile.FullName);
if (IsSGAFileEncrypted(account))
{
/*If the file looks encrypted, decrypt and save the file if decryption worked*/
string decryptedText = Crypto.DecryptStringAES(fileContent);
if (decryptedText.Length > 0)
{
File.WriteAllText(sgaFile.FullName, decryptedText);
return true;
}
}
}
return false;
}
public static bool SaveMaFile(SteamGuardAccount account)
{
string filename = "./maFiles/" + account.Session.SteamID + ".maFile";
if (!Directory.Exists("./maFiles"))
{
try
{
Directory.CreateDirectory("./maFiles");
}
catch (Exception ex)
{
return false;
}
}
try
{
string contents = JsonConvert.SerializeObject(account, Formatting.Indented);
File.WriteAllText(filename, contents);
}
catch (Exception ex)
{
return false;
}
return true;
}
public ConfirmationFormWeb(SteamGuardAccount steamAccount)
{
InitializeComponent();
this.steamAccount = steamAccount;
this.Text = String.Format("Trade Confirmations - {0}", steamAccount.AccountName);
CefSettings settings = new CefSettings();
settings.PersistSessionCookies = false;
settings.UserAgent = "Mozilla/5.0 (Linux; Android 6.0; Nexus 6P Build/XXXXX; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/47.0.2526.68 Mobile Safari/537.36";
steamCookies = String.Format("mobileClientVersion=0 (2.1.3); mobileClient=android; steamid={0}; steamLogin={1}; steamLoginSecure={2}; Steam_Language=english; dob=;", steamAccount.Session.SteamID.ToString(), steamAccount.Session.SteamLogin, steamAccount.Session.SteamLoginSecure);
if (!Cef.IsInitialized)
{
Cef.Initialize(settings);
}
browser = new ChromiumWebBrowser(steamAccount.GenerateConfirmationURL())
{
Dock = DockStyle.Fill,
};
this.splitContainer1.Panel2.Controls.Add(browser);
BrowserRequestHandler handler = new BrowserRequestHandler();
handler.Cookies = steamCookies;
browser.RequestHandler = handler;
browser.AddressChanged += Browser_AddressChanged;
browser.LoadingStateChanged += Browser_LoadingStateChanged;
}
public ConfirmationForm(SteamGuardAccount account)
{
InitializeComponent();
this.mCurrentAccount = account;
btnDenyConfirmation.Enabled = btnAcceptConfirmation.Enabled = false;
loadConfirmations();
}
public LinkResult AddAuthenticator()
{
bool hasPhone = _hasPhoneAttached();
if (hasPhone && PhoneNumber != null)
{
return(LinkResult.MustRemovePhoneNumber);
}
if (!hasPhone && PhoneNumber == null)
{
return(LinkResult.MustProvidePhoneNumber);
}
if (!hasPhone)
{
if (!_addPhoneNumber())
{
return(LinkResult.GeneralFailure);
}
}
var postData = new NameValueCollection();
postData.Add("access_token", _session.OAuthToken);
postData.Add("steamid", _session.SteamID.ToString());
postData.Add("authenticator_type", "1");
postData.Add("device_identifier", this.DeviceID);
postData.Add("sms_phone_id", "1");
string response = SteamWeb.MobileLoginRequest(APIEndpoints.STEAMAPI_BASE + "/ITwoFactorService/AddAuthenticator/v0001", "POST", postData);
if (response == null)
{
return(LinkResult.GeneralFailure);
}
var addAuthenticatorResponse = JsonConvert.DeserializeObject <AddAuthenticatorResponse>(response);
if (addAuthenticatorResponse == null || addAuthenticatorResponse.Response == null)
{
return(LinkResult.GeneralFailure);
}
if (addAuthenticatorResponse.Response.Status == 29)
{
return(LinkResult.AuthenticatorPresent);
}
if (addAuthenticatorResponse.Response.Status != 1)
{
return(LinkResult.GeneralFailure);
}
this.LinkedAccount = addAuthenticatorResponse.Response;
LinkedAccount.Session = this._session;
LinkedAccount.DeviceID = this.DeviceID;
return(LinkResult.AwaitingFinalization);
}
protected override void OnNavigatedTo(NavigationEventArgs e)
{
ConfirmationWeb.ScriptNotify += WebNotify;
ConfirmationWeb.NavigationCompleted += InjectCode;
HardwareButtons.BackPressed += BackPressed;
this.account = Storage.SGAFromStore();
SteamGuardButton_Click(null, null);
}
/// <summary>
/// Changes the current account depending on which is selected in the listbox
/// </summary>
private void accountListBox_SelectedIndexChanged(object sender, EventArgs e)
{
foreach(SteamGuardAccount account in accountList)
{
if(account.AccountName == (string)accountListBox.SelectedItem)
{
accountCurrent = account;
loadAccountInfo();
break;
}
}
}
private static void AcceptConfirmationsLoop(SteamGuardAccount sgAccount)
{
sgAccount.Session.SteamLogin = _account.FindCookieByName("steamlogin").Value;
sgAccount.Session.SteamLoginSecure = _account.FindCookieByName("steamloginsecure").Value;
while (true) //permanent loop, can be changed
{
Thread.Sleep(10000);
Console.WriteLine(sgAccount.GenerateSteamGuardCode());
foreach (Confirmation confirmation in sgAccount.FetchConfirmations())
{
sgAccount.AcceptConfirmation(confirmation);
}
}
}
public LoginForm(LoginType loginReason = LoginType.Initial, SteamGuardAccount account = null)
{
InitializeComponent();
this.LoginReason = loginReason;
this.androidAccount = account;
if (this.LoginReason != LoginType.Initial)
{
txtUsername.Text = account.AccountName;
txtUsername.Enabled = false;
}
if(this.LoginReason == LoginType.Refresh)
{
labelLoginExplanation.Text = "Your Steam credentials have expired. For trade and market confirmations to work properly, please login again.";
}
}
internal static SteamGuardAccount SGAFromStore(ulong steamid)
{
SteamGuardAccount response = null;
ApplicationDataContainer localSettings = Windows.Storage.ApplicationData.Current.LocalSettings;
if (localSettings.Values.ContainsKey("steamGuard-" + steamid))
{
string data = (string)localSettings.Values["steamGuard-" + steamid];
response = JsonConvert.DeserializeObject<SteamGuardAccount>(data);
}
else
{
response = new SteamGuardAccount();
}
return response;
}
/// <summary>
/// Deletes a SGA file of an account if it exists
/// </summary>
/// <param name="account">Account to delete files of</param>
/// <returns>Returns true if successful</returns>
public static bool DeleteSGAFile(SteamGuardAccount account)
{
try
{
string fileName = string.Format(Path.Combine(Application.StartupPath, "SGAFiles\\{0}.SGA"), account.Session.SteamID);
if (File.Exists(fileName))
{
File.Delete(fileName);
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.ToString());
return false;
}
return true;
}
public LinkResult AddAuthenticator()
{
bool hasPhone = _hasPhoneAttached();
if (hasPhone && PhoneNumber != null)
return LinkResult.MustRemovePhoneNumber;
if (!hasPhone && PhoneNumber == null)
return LinkResult.MustProvidePhoneNumber;
if (!hasPhone)
{
if (!_addPhoneNumber())
{
return LinkResult.GeneralFailure;
}
}
var postData = new NameValueCollection();
postData.Add("access_token", _session.OAuthToken);
postData.Add("steamid", _session.SteamID.ToString());
postData.Add("authenticator_type", "1");
postData.Add("device_identifier", this.DeviceID);
postData.Add("sms_phone_id", "1");
string response = SteamWeb.MobileLoginRequest(APIEndpoints.STEAMAPI_BASE + "/ITwoFactorService/AddAuthenticator/v0001", "POST", postData);
if (response == null) return LinkResult.GeneralFailure;
var addAuthenticatorResponse = JsonConvert.DeserializeObject<AddAuthenticatorResponse>(response);
if (addAuthenticatorResponse == null || addAuthenticatorResponse.Response == null || addAuthenticatorResponse.Response.Status != 1)
{
return LinkResult.GeneralFailure;
}
this.LinkedAccount = addAuthenticatorResponse.Response;
LinkedAccount.Session = this._session;
LinkedAccount.DeviceID = this.DeviceID;
return LinkResult.AwaitingFinalization;
}
public bool SaveAccount(SteamGuardAccount account, bool encrypt, string passKey = null)
{
if (encrypt && String.IsNullOrEmpty(passKey)) return false;
if (!encrypt && this.Encrypted) return false;
string salt = null;
string iV = null;
string jsonAccount = JsonConvert.SerializeObject(account);
if (encrypt)
{
salt = FileEncryptor.GetRandomSalt();
iV = FileEncryptor.GetInitializationVector();
string encrypted = FileEncryptor.EncryptData(passKey, salt, iV, jsonAccount);
if (encrypted == null) return false;
jsonAccount = encrypted;
}
string maDir = Manifest.GetExecutableDir() + "/maFiles/";
string filename = account.Session.SteamID.ToString() + ".maFile";
ManifestEntry newEntry = new ManifestEntry()
{
SteamID = account.Session.SteamID,
IV = iV,
Salt = salt,
Filename = filename
};
bool foundExistingEntry = false;
for (int i = 0; i < this.Entries.Count; i++)
{
if (this.Entries[i].SteamID == account.Session.SteamID)
{
this.Entries[i] = newEntry;
foundExistingEntry = true;
break;
}
}
if (!foundExistingEntry)
this.Entries.Add(newEntry);
bool wasEncrypted = this.Encrypted;
this.Encrypted = encrypt || this.Encrypted;
if (!this.Save())
{
this.Encrypted = wasEncrypted;
return false;
}
try
{
File.WriteAllText(maDir + filename, jsonAccount);
return true;
}
catch (Exception e)
{
return false;
}
}
internal static void PushStore(SteamGuardAccount account)
{
ApplicationDataContainer localSettings = Windows.Storage.ApplicationData.Current.LocalSettings;
localSettings.Values["steamGuard-" + account.Session.SteamID] = JsonConvert.SerializeObject(account);
localSettings.Values["steamUser-" + account.Username] = account.Session.SteamID;
}
public static void DeleteMaFile(SteamGuardAccount account)
{
string filename = "./maFiles/" + account.Session.SteamID + ".maFile";
File.Delete(filename);
}
public bool RemoveAccount(SteamGuardAccount account)
{
ManifestEntry entry = (from e in this.Entries where e.SteamID == account.Session.SteamID select e).FirstOrDefault();
if (entry == null) return true; //If something never existed, did you do what they asked?
string maDir = Manifest.GetExecutableDir() + "/maFiles/";
string filename = maDir + entry.Filename;
this.Entries.Remove(entry);
if (this.Entries.Count == 0)
this.Encrypted = false;
if (this.Save())
{
try
{
File.Delete(filename);
return true;
}
catch (Exception e)
{
return false;
}
}
return false;
}
/// <summary>
/// Display a login form to the user to refresh their OAuth Token
/// </summary>
/// <param name="account">The account to refresh</param>
private void PromptRefreshLogin(SteamGuardAccount account)
{
var loginForm = new LoginForm(LoginForm.LoginType.Refresh, account);
loginForm.ShowDialog();
}
/// <summary>
/// Decrypts files and populates list UI with accounts
/// </summary>
private void loadAccountsList()
{
currentAccount = null;
listAccounts.Items.Clear();
listAccounts.SelectedIndex = -1;
trayAccountList.Items.Clear();
trayAccountList.SelectedIndex = -1;
allAccounts = manifest.GetAllAccounts(passKey);
if (allAccounts.Length > 0)
{
for (int i = 0; i < allAccounts.Length; i++)
{
SteamGuardAccount account = allAccounts[i];
listAccounts.Items.Add(account.AccountName);
trayAccountList.Items.Add(account.AccountName);
}
listAccounts.SelectedIndex = 0;
trayAccountList.SelectedIndex = 0;
}
menuDeactivateAuthenticator.Enabled = btnTradeConfirmations.Enabled = allAccounts.Length > 0;
}
// Misc UI handlers
private void listAccounts_SelectedValueChanged(object sender, EventArgs e)
{
for (int i = 0; i < allAccounts.Length; i++)
{
SteamGuardAccount account = allAccounts[i];
if (account.AccountName == (string)listAccounts.Items[listAccounts.SelectedIndex])
{
trayAccountList.Text = account.AccountName;
currentAccount = account;
loadAccountInfo();
break;
}
}
}
// Other methods
/// <summary>
/// Refresh this account's session data using their OAuth Token
/// </summary>
/// <param name="account">The account to refresh</param>
/// <param name="attemptRefreshLogin">Whether or not to prompt the user to re-login if their OAuth token is expired.</param>
/// <returns></returns>
private async Task<bool> RefreshAccountSession(SteamGuardAccount account, bool attemptRefreshLogin = true)
{
if (account == null) return false;
try
{
bool refreshed = await account.RefreshSessionAsync();
return refreshed; //No exception thrown means that we either successfully refreshed the session or there was a different issue preventing us from doing so.
}
catch (SteamGuardAccount.WGTokenExpiredException)
{
if (!attemptRefreshLogin) return false;
PromptRefreshLogin(account);
return await RefreshAccountSession(account, false);
}
}
/// <summary>
/// Checks if an SGA file is encrypted
/// </summary>
/// <param name="account">Account to check file of</param>
/// <returns>Also returns false if file is not found</returns>
public static bool IsSGAFileEncrypted(SteamGuardAccount account)
{
try
{
var file = GetAccountFile(account);
if (File.Exists(file.FullName))
{
/*I know this is a shit way to do it, but honestly it works*/
/*If a user wants to f**k with his files then so be it; I don't really care*/
string content = File.ReadAllText(file.FullName);
return content.EndsWith("=");
}
}
catch
{
//
}
return false;
}
private void loadAccountsList()
{
mCurrentAccount = null;
listAccounts.Items.Clear();
listAccounts.SelectedIndex = -1;
allAccounts = MobileAuthenticatorFileHandler.GetAllAccounts();
if (allAccounts.Length > 0)
{
for (int i = 0; i < allAccounts.Length; i++)
{
SteamGuardAccount account = allAccounts[i];
listAccounts.Items.Add(account.AccountName);
}
listAccounts.SelectedIndex = 0;
}
btnDelete.Enabled = btnTradeConfirmations.Enabled = allAccounts.Length > 0;
}
/// <summary>
/// Saves a SteamGuardAccount to file in formatted json
/// </summary>
/// <param name="account">Account to save</param>
/// <returns>Returns true if successful</returns>
public static bool SaveSGAFile(SteamGuardAccount account)
{
try
{
bool encrypt = true;
string fileName = Path.Combine(Application.StartupPath, string.Format("SGAFiles\\{0}.SGA", account.Session.SteamID));
string content = JsonConvert.SerializeObject(account, Formatting.Indented);
/*File already exists, so we need to make sure we don't
encrypt it if it's not meant to be encrypted*/
if (File.Exists(fileName))
{
if(!File.ReadAllText(fileName).EndsWith("="))
{
encrypt = false;
}
}
if (Crypto.crySecret.Length > 0 && encrypt) content = Crypto.EncryptStringAES(content);
File.WriteAllText(fileName, content);
}
catch(Exception ex)
{
Debug.WriteLine(ex.ToString());
return false;
}
return true;
}
private async Task UpdateSession(SteamGuardAccount account)
{
if (account == null) return;
if (updatedSessions.Contains(account.AccountName)) return;
lblStatus.Text = "Refreshing session...";
btnTradeConfirmations.Enabled = false;
await currentAccount.RefreshSessionAsync();
updatedSessions.Add(account.AccountName);
lblStatus.Text = "";
btnTradeConfirmations.Enabled = true;
}
/// <summary>
/// Loads the confirmations pending for the account
/// Will refresh cookies if needed
/// </summary>
/// <param name="account">account to load confirmations from</param>
/// <returns></returns>
private Confirmation[] LoadConfirmations(SteamGuardAccount account)
{
Confirmation[] confirmations = { };
try
{
confirmations = account.FetchConfirmations();
}
catch(SteamGuardAccount.WGTokenInvalidException)
{
if (account.RefreshSession())
{
FileHandler.SaveSGAFile(account);
}
}
return confirmations;
}
private void listAccounts_SelectedValueChanged(object sender, EventArgs e)
{
// Triggered when list item is clicked
for (int i = 0; i < allAccounts.Length; i++)
{
SteamGuardAccount account = allAccounts[i];
if (account.AccountName == (string)listAccounts.Items[listAccounts.SelectedIndex])
{
mCurrentAccount = account;
loadAccountInfo();
}
}
}
/// <summary>
/// Finds the account file that belongs to a file
/// </summary>
/// <param name="account">Account the owns the file</param>
/// <returns>Returns null if none found</returns>
private static FileInfo GetAccountFile(SteamGuardAccount account)
{
DirectoryInfo info = new DirectoryInfo(Path.Combine(Application.StartupPath, "SGAFiles"));
FileInfo[] files = info.GetFiles("*.SGA");
foreach (var file in files)
{
if (Path.GetFileNameWithoutExtension(file.Name) == account.Session.SteamID.ToString())
{
return file;
}
}
return null;
}
private void loadAccountsList()
{
mCurrentAccount = null;
listAccounts.Items.Clear();
listAccounts.SelectedIndex = -1;
string passKey = null;
if (mManifest.Encrypted)
{
bool passKeyValid = false;
while (!passKeyValid)
{
InputForm passKeyForm = new InputForm("Please enter your encryption passkey.", true);
passKeyForm.ShowDialog();
if (!passKeyForm.Canceled)
{
passKey = passKeyForm.txtBox.Text;
passKeyValid = this.mManifest.VerifyPasskey(passKey);
if (!passKeyValid)
{
MessageBox.Show("That passkey is invalid.");
}
}
else
{
this.Close();
return;
}
}
btnManageEncryption.Text = "Manage Encryption";
}
else
{
btnManageEncryption.Text = "Setup Encryption";
}
btnManageEncryption.Enabled = mManifest.Entries.Count > 0;
allAccounts = mManifest.GetAllAccounts(passKey);
if (allAccounts.Length > 0)
{
for (int i = 0; i < allAccounts.Length; i++)
{
SteamGuardAccount account = allAccounts[i];
listAccounts.Items.Add(account.AccountName);
}
listAccounts.SelectedIndex = 0;
}
btnDelete.Enabled = btnTradeConfirmations.Enabled = allAccounts.Length > 0;
}
/// <summary>
/// Loads all account from file
/// </summary>
private void loadAccounts()
{
/*Reset current values*/
accountCurrent = null;
accountList.Clear();
accountListBox.Items.Clear();
/*Get accounts from save list and load them up*/
var unloadedList = new List<string>();
var accList = FileHandler.GetAllAccounts();
if (accList.Count > 0)
{
lock (accList)
{
foreach (var accHolder in accList)
{
if (!accHolder.loaded)
{
/*This account wasn't loaded successfully*/
/*We'll add it in a seperate list to display*/
unloadedList.Add(accHolder.filename);
continue;
}
else
{
/*This was loaded*/
accountList.Add(accHolder.account);
}
/*Add the account*/
accountListBox.Items.Add(accHolder.account.AccountName);
if (!notifyMenu.Items.ContainsKey(accHolder.account.AccountName))
{
/*Add account to notifyMenu (contextMenuStrip attatched to notifyIcon) so user can access things quickly*/
ToolStripMenuItem tsm = new ToolStripMenuItem();
tsm.Text = accHolder.account.AccountName;
tsm.DropDownItems.Add("Copy Steam Guard code", null, new EventHandler(menuGetCode_Click));
tsm.DropDownItems.Add("Accept all trades", null, new EventHandler(menuAcceptTrades_Click));
notifyMenu.Items.Add(tsm);
}
}
}
accountListBox.SelectedIndex = 0;
}
/*If we haven't already displayed the list of unloaded accounts, do it here*/
if (!applicationShownUnloadedAccounts && unloadedList.Count > 0)
{
notloadedForm = new NotloadedForm(unloadedList);
notloadedBtn.Text = string.Format("{0} accounts not loaded", unloadedList.Count);
notloadedBtn.Visible = true;
applicationShownUnloadedAccounts = true;
}
}