public async Task <DoLoginResponse> DoLoginAsync(DoLoginRequest req) { HttpClientHandler handler = new HttpClientHandler { CookieContainer = new CookieContainer() }; using (HttpClient client = new HttpClient(handler)) { var p = new FormUrlEncodedContent(new[] { new KeyValuePair <string, string>("password", req.Password ?? string.Empty), new KeyValuePair <string, string>("username", req.Username ?? string.Empty), new KeyValuePair <string, string>("twofactorcode", req.TwoFactorCode ?? string.Empty), new KeyValuePair <string, string>("emailauth", req.EmailAuth ?? string.Empty), new KeyValuePair <string, string>("loginfriendlyname", req.LoginFriendlyName ?? string.Empty), new KeyValuePair <string, string>("captchagid", req.CaptchaGid.ToString()), new KeyValuePair <string, string>("captcha_text", req.CaptchaText ?? string.Empty), new KeyValuePair <string, string>("emailsteamid", req.EmailSteamId.HasValue ? req.EmailSteamId.Value.ToString() : string.Empty), new KeyValuePair <string, string>("rsatimestamp", req.RsaTimeStamp.ToString()), new KeyValuePair <string, string>("remember_login", req.RememberLogin.ToString().ToLowerInvariant()), }); HttpResponseMessage resp = await client.PostAsync(DoLoginPath, p); if (resp.IsSuccessStatusCode) { string respText = await resp.Content.ReadAsStringAsync(); DoLoginResponse respObj = JsonConvert.DeserializeObject <DoLoginResponse>(respText); if (req.RememberLogin && respObj.TransferParameters != null) { foreach (Cookie cookie in handler.CookieContainer.GetCookies(new Uri(BaseDomain))) { if (cookie.Name == "steamRememberLogin") { string[] bits = WebUtility.UrlDecode(cookie.Value).Split(new[] { "||" }, 2, StringSplitOptions.None); respObj.TransferParameters.RememberLoginToken = bits[1]; break; } } } return(respObj); } else { return(null); } } }
async Task <bool> doLogin() { // Assume validity checks have been done // 1. Get RSA key GetRsaKeyResponse rsaResponse = await loginClient.GetRsaKeyAsync(usernameTextBox.Text); if (!rsaResponse.Success) { setMessage(!string.IsNullOrEmpty(rsaResponse.Message) ? rsaResponse.Message : "Can't get RSA key for sending login info."); return(false); } // 2. Encrypt password string encryptedPassword; using (var rsa = new RSACryptoServiceProvider()) { rsa.ImportParameters(new RSAParameters { Modulus = hexToBytes(rsaResponse.PublicKeyMod), Exponent = hexToBytes(rsaResponse.PublicKeyExp) }); // Filter password to ASCII characters (the login script does this) string password = System.Text.RegularExpressions.Regex.Replace(passwordTextBox.Text, "[^\u0000-\u007F]", string.Empty); byte[] passwordBlob = Encoding.UTF8.GetBytes(password); byte[] crypted = rsa.Encrypt(passwordBlob, false); encryptedPassword = Convert.ToBase64String(crypted); } // 3. Send request to server DoLoginRequest request = new DoLoginRequest { Password = encryptedPassword, Username = usernameTextBox.Text, TwoFactorCode = mobileAuthTextBox.Text, EmailAuth = emailAuthTextBox.Text, LoginFriendlyName = friendlyNameTextBox.Text, CaptchaText = captchaTextBox.Text, RsaTimeStamp = rsaResponse.Timestamp, RememberLogin = true }; if (loginResponse != null) { request.CaptchaGid = loginResponse.CaptchaGid; request.EmailSteamId = loginResponse.EmailSteamId; } else { request.CaptchaGid = -1; } loginResponse = await loginClient.DoLoginAsync(request); if (loginResponse == null) { return(false); } return(loginResponse.Success && loginResponse.LoginComplete); }