public static async Task <bool> AuthenticateUser() { SteamUser.WebAPIUserNonceCallback nonce; try { nonce = await Steam.Instance.User.RequestWebAPIUserNonce(); } catch (Exception e) { IsAuthorized = false; Log.WriteWarn("WebAuth", "Failed to get nonce: {0}", e.Message); return(false); } // 32 byte random blob of data var sessionKey = CryptoHelper.GenerateRandomBlock(32); byte[] encryptedSessionKey; // ... which is then encrypted with RSA using the Steam system's public key using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(Steam.Instance.Client.Universe))) { encryptedSessionKey = rsa.Encrypt(sessionKey); } // users hashed loginkey, AES encrypted with the sessionkey var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(Encoding.ASCII.GetBytes(nonce.Nonce), sessionKey); using (dynamic userAuth = WebAPI.GetAsyncInterface("ISteamUserAuth")) { KeyValue result; try { result = await userAuth.AuthenticateUser( steamid : Steam.Instance.Client.SteamID.ConvertToUInt64(), sessionkey : WebHelpers.UrlEncode(encryptedSessionKey), encrypted_loginkey : WebHelpers.UrlEncode(encryptedLoginKey), method : "POST", secure : true ); } catch (HttpRequestException e) { IsAuthorized = false; Log.WriteWarn("WebAuth", "Failed to authenticate: {0}", e.Message); return(false); } File.WriteAllText(Path.Combine(Application.Path, "files", ".support", "cookie.txt"), $"steamLogin={result["token"].AsString()}; steamLoginSecure={result["tokensecure"].AsString()}"); Cookies = new CookieContainer(); Cookies.Add(new Cookie("steamLogin", result["token"].AsString(), "/", "store.steampowered.com")); Cookies.Add(new Cookie("steamLoginSecure", result["tokensecure"].AsString(), "/", "store.steampowered.com")); } IsAuthorized = true; Log.WriteInfo("WebAuth", "Authenticated"); if (!Settings.IsFullRun) { await AccountInfo.RefreshAppsToIdle(); } return(true); }