public static bool AuthenticateUser()
{
// 32 byte random blob of data
var sessionKey = CryptoHelper.GenerateRandomBlock(32);
byte[] encryptedSessionKey;
// ... which is then encrypted with RSA using the Steam system's public key
using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(Steam.Instance.Client.Universe)))
{
encryptedSessionKey = rsa.Encrypt(sessionKey);
}
// users hashed loginkey, AES encrypted with the sessionkey
var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(Encoding.ASCII.GetBytes(WebAPIUserNonce), sessionKey);
using (dynamic userAuth = WebAPI.GetInterface("ISteamUserAuth"))
{
KeyValue result;
try
{
result = userAuth.AuthenticateUser(
steamid: Steam.Instance.Client.SteamID.ConvertToUInt64(),
sessionkey: WebHelpers.UrlEncode(encryptedSessionKey),
encrypted_loginkey: WebHelpers.UrlEncode(encryptedLoginKey),
method: "POST",
secure: true
);
}
catch (WebException e)
{
var response = (HttpWebResponse)e.Response;
if (response.StatusCode == HttpStatusCode.Unauthorized || response.StatusCode == HttpStatusCode.Forbidden)
{
IsAuthorized = false;
if (Steam.Instance.Client.IsConnected)
{
Steam.Instance.User.RequestWebAPIUserNonce();
}
}
Log.WriteWarn("WebAuth", "Failed to authenticate: {0}", e.Message);
return(false);
}
File.WriteAllText(Path.Combine(Application.Path, "files", ".support", "cookie.txt"), $"steamLogin={result["token"].AsString()}; steamLoginSecure={result["tokensecure"].AsString()}");
Cookies = new CookieContainer();
Cookies.Add(new Cookie("steamLogin", result["token"].AsString(), "/", "store.steampowered.com"));
Cookies.Add(new Cookie("steamLoginSecure", result["tokensecure"].AsString(), "/", "store.steampowered.com"));
}
IsAuthorized = true;
Log.WriteInfo("WebAuth", "Authenticated");
TaskManager.RunAsync(async() => await AccountInfo.RefreshAppsToIdle());
return(true);
}
