private string _generateConfirmationQueryParams(string tag)
{
long time = TimeAligner.GetSteamTime();
return("p=" + this.DeviceID + "&a=" + this.Session.SteamID.ToString() + "&k=" + _generateConfirmationHashForTime(time, tag) + "&t=" + time + "&m=android&tag=" + tag);
}
public string GenerateSteamGuardCode()
{
return(GenerateSteamGuardCodeForTime(TimeAligner.GetSteamTime()));
}
public LoginResult DoLogin()
{
var postData = new NameValueCollection();
var cookies = _cookies;
string response = null;
if (cookies.Count == 0)
{
//Generate a SessionID
cookies.Add(new Cookie("mobileClientVersion", "0 (2.1.3)", "/", ".steamcommunity.com"));
cookies.Add(new Cookie("mobileClient", "android", "/", ".steamcommunity.com"));
cookies.Add(new Cookie("Steam_Language", "english", "/", ".steamcommunity.com"));
NameValueCollection headers = new NameValueCollection();
headers.Add("X-Requested-With", "com.valvesoftware.android.steam.community");
SteamWeb.MobileLoginRequest("https://steamcommunity.com/login?oauth_client_id=DE45CD61&oauth_scope=read_profile%20write_profile%20read_client%20write_client", "GET", null, cookies, headers);
}
postData.Add("donotcache", (TimeAligner.GetSteamTime() * 1000).ToString());
postData.Add("username", this.Username);
response = SteamWeb.MobileLoginRequest(APIEndpoints.COMMUNITY_BASE + "/login/getrsakey", "POST", postData, cookies);
if (response == null || response.Contains("<BODY>\nAn error occurred while processing your request."))
{
return(LoginResult.GeneralFailure);
}
var rsaResponse = JsonConvert.DeserializeObject <RSAResponse>(response);
if (!rsaResponse.Success)
{
return(LoginResult.BadRSA);
}
Thread.Sleep(350); //Sleep for a bit to give Steam a chance to catch up??
/*RNGCryptoServiceProvider secureRandom = new RNGCryptoServiceProvider();
* byte[] encryptedPasswordBytes;
* using (var rsaEncryptor = new RSACryptoServiceProvider())
* {
* var passwordBytes = new byte[0];
* using (var ssb = new SecureStringBytes(Password))
* {
* passwordBytes = ssb.GetBytes();
* }
* var rsaParameters = rsaEncryptor.ExportParameters(false);
* rsaParameters.Exponent = Util.HexStringToByteArray(rsaResponse.Exponent);
* rsaParameters.Modulus = Util.HexStringToByteArray(rsaResponse.Modulus);
* rsaEncryptor.ImportParameters(rsaParameters);
* encryptedPasswordBytes = rsaEncryptor.Encrypt(passwordBytes, false);
* }
*
* string encryptedPassword = Convert.ToBase64String(encryptedPasswordBytes);*/
RNGCryptoServiceProvider secureRandom = new RNGCryptoServiceProvider();
byte[] encryptedPasswordBytes;
using (var rsaEncryptor = new RSACryptoServiceProvider())
{
IntPtr unsecure = Marshal.SecureStringToGlobalAllocUnicode(Password);
string UnsecurePassword = Marshal.PtrToStringUni(unsecure);
var passwordBytes = Encoding.ASCII.GetBytes(UnsecurePassword);
var rsaParameters = rsaEncryptor.ExportParameters(false);
rsaParameters.Exponent = Util.HexStringToByteArray(rsaResponse.Exponent);
rsaParameters.Modulus = Util.HexStringToByteArray(rsaResponse.Modulus);
rsaEncryptor.ImportParameters(rsaParameters);
encryptedPasswordBytes = rsaEncryptor.Encrypt(passwordBytes, false);
}
string encryptedPassword = Convert.ToBase64String(encryptedPasswordBytes);
GC.Collect(); // security at its finest
postData.Clear();
postData.Add("donotcache", (TimeAligner.GetSteamTime() * 1000).ToString());
postData.Add("password", encryptedPassword);
postData.Add("username", this.Username);
postData.Add("twofactorcode", this.TwoFactorCode ?? "");
postData.Add("emailauth", this.RequiresEmail ? this.EmailCode : "");
postData.Add("loginfriendlyname", "");
postData.Add("captchagid", this.RequiresCaptcha ? this.CaptchaGID : "-1");
postData.Add("captcha_text", this.RequiresCaptcha ? this.CaptchaText : "");
postData.Add("emailsteamid", (this.Requires2FA || this.RequiresEmail) ? this.SteamID.ToString() : "");
postData.Add("rsatimestamp", rsaResponse.Timestamp);
postData.Add("remember_login", "true");
postData.Add("oauth_client_id", "DE45CD61");
postData.Add("oauth_scope", "read_profile write_profile read_client write_client");
response = SteamWeb.MobileLoginRequest(APIEndpoints.COMMUNITY_BASE + "/login/dologin", "POST", postData, cookies);
if (response == null)
{
return(LoginResult.GeneralFailure);
}
var loginResponse = JsonConvert.DeserializeObject <LoginResponse>(response);
if (loginResponse.Message != null)
{
if (loginResponse.Message.Contains("There have been too many login failures"))
{
return(LoginResult.TooManyFailedLogins);
}
if (loginResponse.Message.Contains("Incorrect login"))
{
return(LoginResult.BadCredentials);
}
}
if (loginResponse.CaptchaNeeded)
{
this.RequiresCaptcha = true;
this.CaptchaGID = loginResponse.CaptchaGID;
return(LoginResult.NeedCaptcha);
}
if (loginResponse.EmailAuthNeeded)
{
this.RequiresEmail = true;
this.SteamID = loginResponse.EmailSteamID;
return(LoginResult.NeedEmail);
}
if (loginResponse.TwoFactorNeeded && !loginResponse.Success)
{
this.Requires2FA = true;
return(LoginResult.Need2FA);
}
if (loginResponse.OAuthData == null || loginResponse.OAuthData.OAuthToken == null || loginResponse.OAuthData.OAuthToken.Length == 0)
{
return(LoginResult.GeneralFailure);
}
if (!loginResponse.LoginComplete)
{
return(LoginResult.BadCredentials);
}
else
{
var readableCookies = cookies.GetCookies(new Uri("https://steamcommunity.com"));
var oAuthData = loginResponse.OAuthData;
SessionData session = new SessionData();
session.OAuthToken = oAuthData.OAuthToken;
session.SteamID = oAuthData.SteamID;
session.SteamLogin = session.SteamID + "%7C%7C" + oAuthData.SteamLogin;
session.SteamLoginSecure = session.SteamID + "%7C%7C" + oAuthData.SteamLoginSecure;
session.WebCookie = oAuthData.Webcookie;
session.SessionID = readableCookies["sessionid"].Value;
this.Session = session;
this.LoggedIn = true;
return(LoginResult.LoginOkay);
}
}
public FinalizeResult FinalizeAddAuthenticator(string smsCode)
{
//The act of checking the SMS code is necessary for Steam to finalize adding the phone number to the account.
//Of course, we only want to check it if we're adding a phone number in the first place...
if (!String.IsNullOrEmpty(this.PhoneNumber) && !this._checkSMSCode(smsCode))
{
return(FinalizeResult.BadSMSCode);
}
var postData = new NameValueCollection();
postData.Add("steamid", _session.SteamID.ToString());
postData.Add("access_token", _session.OAuthToken);
postData.Add("activation_code", smsCode);
int tries = 0;
while (tries <= 30)
{
postData.Set("authenticator_code", LinkedAccount.GenerateSteamGuardCode());
postData.Set("authenticator_time", TimeAligner.GetSteamTime().ToString());
string response = SteamWeb.MobileLoginRequest(APIEndpoints.STEAMAPI_BASE + "/ITwoFactorService/FinalizeAddAuthenticator/v0001", "POST", postData);
if (response == null)
{
return(FinalizeResult.GeneralFailure);
}
var finalizeResponse = JsonConvert.DeserializeObject <FinalizeAuthenticatorResponse>(response);
if (finalizeResponse == null || finalizeResponse.Response == null)
{
return(FinalizeResult.GeneralFailure);
}
if (finalizeResponse.Response.Status == 89)
{
return(FinalizeResult.BadSMSCode);
}
if (finalizeResponse.Response.Status == 88)
{
if (tries >= 30)
{
return(FinalizeResult.UnableToGenerateCorrectCodes);
}
}
if (!finalizeResponse.Response.Success)
{
return(FinalizeResult.GeneralFailure);
}
if (finalizeResponse.Response.WantMore)
{
tries++;
continue;
}
this.LinkedAccount.FullyEnrolled = true;
return(FinalizeResult.Success);
}
return(FinalizeResult.GeneralFailure);
}
public FinalizeResult FinalizeAddAuthenticator(string smsCode)
{
bool smsCodeGood = false;
var postData = new NameValueCollection();
postData.Add("steamid", _session.SteamID.ToString());
postData.Add("access_token", _session.OAuthToken);
postData.Add("activation_code", smsCode);
postData.Add("authenticator_code", "");
int tries = 0;
while (tries <= 30)
{
postData.Set("authenticator_code", tries == 0 ? "" : LinkedAccount.GenerateSteamGuardCode());
postData.Add("authenticator_time", TimeAligner.GetSteamTime().ToString());
if (smsCodeGood)
{
postData.Set("activation_code", "");
}
string response = SteamWeb.MobileLoginRequest(APIEndpoints.STEAMAPI_BASE + "/ITwoFactorService/FinalizeAddAuthenticator/v0001", "POST", postData);
if (response == null)
{
return(FinalizeResult.GeneralFailure);
}
var finalizeResponse = JsonConvert.DeserializeObject <FinalizeAuthenticatorResponse>(response);
if (finalizeResponse == null || finalizeResponse.Response == null)
{
return(FinalizeResult.GeneralFailure);
}
if (finalizeResponse.Response.Status == 89)
{
return(FinalizeResult.BadSMSCode);
}
if (finalizeResponse.Response.Status == 88)
{
if (tries >= 30)
{
return(FinalizeResult.UnableToGenerateCorrectCodes);
}
}
if (!finalizeResponse.Response.Success)
{
return(FinalizeResult.GeneralFailure);
}
if (finalizeResponse.Response.WantMore)
{
smsCodeGood = true;
tries++;
continue;
}
this.LinkedAccount.FullyEnrolled = true;
return(FinalizeResult.Success);
}
return(FinalizeResult.GeneralFailure);
}
