示例#1
0
        private static bool AuthenticateUser()
        {
            // 32 byte random blob of data
            var sessionKey = CryptoHelper.GenerateRandomBlock(32);

            byte[] encryptedSessionKey;

            // ... which is then encrypted with RSA using the Steam system's public key
            using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(Steam.Instance.Client.Universe)))
            {
                encryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // users hashed loginkey, AES encrypted with the sessionkey
            var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(Encoding.ASCII.GetBytes(WebAPIUserNonce), sessionKey);

            using (dynamic userAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                KeyValue result;

                try
                {
                    result = userAuth.AuthenticateUser(
                        steamid: Steam.Instance.Client.SteamID.ConvertToUInt64(),
                        sessionkey: WebHelpers.UrlEncode(encryptedSessionKey),
                        encrypted_loginkey: WebHelpers.UrlEncode(encryptedLoginKey),
                        method: "POST",
                        secure: true
                        );
                }
                catch (WebException e)
                {
                    var response = (HttpWebResponse)e.Response;

                    if (response.StatusCode == HttpStatusCode.Unauthorized || response.StatusCode == HttpStatusCode.Forbidden)
                    {
                        IsAuthorized = false;

                        if (Steam.Instance.Client.IsConnected)
                        {
                            Steam.Instance.User.RequestWebAPIUserNonce();
                        }
                    }

                    Log.WriteWarn("WebAuth", "Failed to authenticate: {0}", e.Message);

                    return(false);
                }

                Cookies = new CookieContainer();
                Cookies.Add(new Cookie("steamLogin", result["token"].AsString(), "/", "store.steampowered.com"));
                Cookies.Add(new Cookie("steamLoginSecure", result["tokensecure"].AsString(), "/", "store.steampowered.com"));
            }

            IsAuthorized = true;

            Log.WriteInfo("WebAuth", "Authenticated");

            return(true);
        }
示例#2
0
        public bool Authenticate(string myUniqueId, SteamClient client, string myLoginKey)
        {
            Token     = TokenSecure = String.Empty;
            SessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(myUniqueId));

            _cookies = new CookieContainer();

            using (dynamic userAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                // userAuth.Timeout = TimeSpan.FromSeconds(5);
                // Generate an AES session key.
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // rsa encrypt it with the public key for the universe we're on
                byte[] cryptedSessionKey = null;

                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.Universe)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }
                byte[] loginKey = new byte[20];
                Array.Copy(Encoding.ASCII.GetBytes(myLoginKey), loginKey, myLoginKey.Length);

                // AES encrypt the loginkey with our session key.
                byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                KeyValue authResult;

                // Get the Authentification Result.
                try
                {
                    Dictionary <string, object> sessionArgs = new Dictionary <string, object>()
                    {
                        { "steamid", client.SteamID.ConvertToUInt64() },
                        { "sessionkey", cryptedSessionKey },
                        { "encrypted_loginkey", cryptedLoginKey }
                    };
                    authResult = userAuth.Call(HttpMethod.Post, "AuthenticateUser", args: sessionArgs);
                }
                catch (Exception hehe)
                {
                    Console.WriteLine("Unable to make AuthenticateUser API Request: {0}", hehe.Message);

                    Token = TokenSecure = null;
                    return(false);
                }

                Token       = authResult["token"].AsString();
                TokenSecure = authResult["tokensecure"].AsString();

                // Adding cookies to the cookie container.
                _cookies.Add(new Cookie("sessionid", SessionID, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("steamLogin", Token, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("steamLoginSecure", TokenSecure, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("Steam_Language", "english", string.Empty, SteamCommunityDomain));

                Console.WriteLine("Crukies: " + VerifyCookies());
                return(true);
            }
        }
示例#3
0
        public static async Task <WebSession> AuthenticateWebSession(
            this SteamClient client,
            string userNonce
            )
        {
            // Generate random SessionId
            var sessionId = Guid.NewGuid().ToString("N");

            // Generate an AES SessionKey.
            var sessionKey = CryptoHelper.GenerateRandomBlock(32);

            // rsa encrypt it with the public key for the universe we're on
            byte[] encryptedSessionKey;

            using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.Universe)))
            {
                encryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // AES encrypt the loginkey with our session key.
            var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(
                Encoding.ASCII.GetBytes(userNonce),
                sessionKey
                );

            try
            {
                using (var steamUserAuth = WebAPI.GetAsyncInterface("ISteamUserAuth"))
                {
                    var result = await steamUserAuth.CallAsync(
                        HttpMethod.Post,
                        "AuthenticateUser",
                        1,
                        new Dictionary <string, object>
                    {
                        { "steamid", client.SteamID.ConvertToUInt64().ToString() },
                        { "sessionkey", encryptedSessionKey },
                        { "encrypted_loginkey", encryptedLoginKey }
                    }
                        ).ConfigureAwait(false);

                    return(new WebSession(
                               client.SteamID.ConvertToUInt64(),
                               result["token"]?.Value?.ToUpper(),
                               result["tokensecure"]?.Value?.ToUpper(),
                               sessionId,
                               null,
                               null
                               ));
                }
            }
            catch
            {
                return(null);
            }
        }
示例#4
0
        ///<summary>
        /// Authenticate using SteamKit2 and ISteamUserAuth.
        /// This does the same as SteamWeb.DoLogin(), but without contacting the Steam Website.
        /// </summary>
        /// <remarks>Should this one doesnt work anymore, use <see cref="SteamWeb.DoLogin"/></remarks>
        /// <param name="myUniqueId">Id what you get to login.</param>
        /// <param name="client">An instance of a SteamClient.</param>
        /// <param name="myLoginKey">Login Key of your account.</param>
        /// <returns>A bool, which is true if the login was successful.</returns>
        public bool Authenticate(string myUniqueId, SteamClient client, string myLoginKey)
        {
            Token     = TokenSecure = "";
            SessionId = Convert.ToBase64String(Encoding.UTF8.GetBytes(myUniqueId));
            _cookies  = new CookieContainer();

            using (dynamic userAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                // Generate an AES session key.
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // rsa encrypt it with the public key for the universe we're on
                byte[] cryptedSessionKey;
                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.Universe)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }

                byte[] loginKey = new byte[20];
                Array.Copy(Encoding.ASCII.GetBytes(myLoginKey), loginKey, myLoginKey.Length);

                // AES encrypt the loginkey with our session key.
                byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                KeyValue authResult;

                // Get the Authentification Result.
                try
                {
                    authResult = userAuth.AuthenticateUser(
                        steamid: client.SteamID.ConvertToUInt64(),
                        sessionkey: HttpUtility.UrlEncode(cryptedSessionKey),
                        encrypted_loginkey: HttpUtility.UrlEncode(cryptedLoginKey),
                        method: "POST",
                        secure: true
                        );
                }
                catch (Exception e)
                {
                    Token = TokenSecure = null;
                    return(false);
                }

                Token       = authResult["token"].AsString();
                TokenSecure = authResult["tokensecure"].AsString();

                // Adding cookies to the cookie container.
                _cookies.Add(new Cookie("sessionid", SessionId, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("steamLogin", Token, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("steamLoginSecure", TokenSecure, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("Steam_Language", "english", string.Empty, SteamCommunityDomain));

                return(true);
            }
        }
示例#5
0
        public async Task <bool> AuthenticateAsync(ulong steamId, SteamClient client, string myLoginKey)
        {
            mToken           = mTokenSecure = "";
            mSessionId       = Convert.ToBase64String(Encoding.UTF8.GetBytes(steamId.ToString()));
            mCookieContainer = new CookieContainer();
            KeyValue response;

            using (WebAPI.AsyncInterface iSteamUserAuth = client.Configuration.GetAsyncWebAPIInterface("ISteamUserAuth"))
            {
                // generate an AES session key
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // rsa encrypt it with the public key for the universe we're on
                byte[] cryptedSessionKey = null;
                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.Universe)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }

                byte[] loginKey = Encoding.UTF8.GetBytes(myLoginKey);

                // aes encrypt the loginkey with our session key
                byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                try
                {
                    response = await iSteamUserAuth.CallAsync(
                        HttpMethod.Post, "AuthenticateUser", args : new Dictionary <string, object>(3, StringComparer.Ordinal)
                    {
                        { "encrypted_loginkey", cryptedLoginKey },
                        { "sessionkey", cryptedSessionKey },
                        { "steamid", client.SteamID.ConvertToUInt64() }
                    });
                }
                catch (TaskCanceledException e)
                {
                    mToken = mTokenSecure = null;
                    return(false);
                }
                catch (Exception e)
                {
                    mToken = mTokenSecure = null;
                    return(false);
                }

                mToken       = response["token"].AsString();
                mTokenSecure = response["tokensecure"].AsString();

                mCookieContainer.Add(new Cookie("sessionid", mSessionId, String.Empty, mSteamCommunityDomain));
                mCookieContainer.Add(new Cookie("steamLogin", mToken, String.Empty, mSteamCommunityDomain));
                mCookieContainer.Add(new Cookie("steamLoginSecure", mTokenSecure, String.Empty, mSteamCommunityDomain));

                return(true);
            }
        }
示例#6
0
        public bool Authenticate(string myUniqueId, SteamClient client, string myLoginKey)
        {
            mToken           = mTokenSecure = "";
            mSessionId       = Convert.ToBase64String(Encoding.UTF8.GetBytes(myUniqueId));
            mCookieContainer = new CookieContainer();

            using (var userAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                // generate an AES session key
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // rsa encrypt it with the public key for the universe we're on
                byte[] cryptedSessionKey = null;
                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.Universe)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }

                byte[] loginKey = new byte[20];
                Array.Copy(Encoding.ASCII.GetBytes(myLoginKey), loginKey, myLoginKey.Length);

                // aes encrypt the loginkey with our session key
                byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                KeyValue authResult;

                try
                {
                    var dict = new System.Collections.Generic.Dictionary <string, object>()
                    {
                        { "steamid", client.SteamID.ConvertToUInt64() },
                        { "sessionkey", cryptedSessionKey },
                        { "encrypted_loginkey", cryptedLoginKey },
                        { "secure", true }
                    };

                    authResult = userAuth.Call(System.Net.Http.HttpMethod.Post, "AuthenticateUser", 1, dict);
                }
                catch (Exception)
                {
                    mToken = mTokenSecure = null;
                    return(false);
                }

                mToken       = authResult["token"].AsString();
                mTokenSecure = authResult["tokensecure"].AsString();

                mCookieContainer.Add(new Cookie("sessionid", mSessionId, string.Empty, mSteamCommunityDomain));
                mCookieContainer.Add(new Cookie("steamLogin", mToken, string.Empty, mSteamCommunityDomain));
                mCookieContainer.Add(new Cookie("steamLoginSecure", mTokenSecure, string.Empty, mSteamCommunityDomain));

                return(true);
            }
        }
示例#7
0
        ///<summary>
        /// Authenticate using SteamKit2 and ISteamUserAuth.
        /// This does the same as SteamWeb.DoLogin(), but without contacting the Steam Website.
        /// </summary>
        /// <remarks>Should this one doesnt work anymore, use <see cref="SteamWeb.DoLogin"/></remarks>
        public static bool Authenticate(string myUniqueId, SteamClient client, out string sessionId, out string token, out string tokensecure, string myLoginKey)
        {
            sessionId = Convert.ToBase64String(Encoding.UTF8.GetBytes(myUniqueId));

            using (dynamic userAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                // generate an AES session key
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // rsa encrypt it with the public key for the universe we're on
                byte[] cryptedSessionKey = null;
                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.ConnectedUniverse)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }


                byte[] loginKey = new byte[20];
                Array.Copy(Encoding.ASCII.GetBytes(myLoginKey), loginKey, myLoginKey.Length);

                // aes encrypt the loginkey with our session key
                byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                KeyValue authResult;

                try
                {
                    authResult = userAuth.AuthenticateUser(
                        steamid: client.SteamID.ConvertToUInt64(),
                        sessionkey: HttpUtility.UrlEncode(cryptedSessionKey),
                        encrypted_loginkey: HttpUtility.UrlEncode(cryptedLoginKey),
                        method: "POST",
                        secure: true
                        );
                }
                catch (Exception)
                {
                    token       = null;
                    tokensecure = null;
                    return(false);
                }

                token       = authResult ["token"].AsString();
                tokensecure = authResult["tokensecure"].AsString();

                return(true);
            }
        }
示例#8
0
        void HandleEncryptRequest(IPacketMsg packetMsg)
        {
            var encRequest = new Msg <MsgChannelEncryptRequest>(packetMsg);

            EUniverse eUniv        = encRequest.Body.Universe;
            uint      protoVersion = encRequest.Body.ProtocolVersion;

            DebugLog.WriteLine("CMClient", "Got encryption request. Universe: {0} Protocol ver: {1}", eUniv, protoVersion);
            DebugLog.Assert(protoVersion == 1, "CMClient", "Encryption handshake protocol version mismatch!");

            byte[] pubKey = KeyDictionary.GetPublicKey(eUniv);

            if (pubKey == null)
            {
                DebugLog.WriteLine("CMClient", "HandleEncryptionRequest got request for invalid universe! Universe: {0} Protocol ver: {1}", eUniv, protoVersion);
                return;
            }

            ConnectedUniverse = eUniv;

            var encResp = new Msg <MsgChannelEncryptResponse>();

            tempSessionKey = CryptoHelper.GenerateRandomBlock(32);
            byte[] cryptedSessKey = null;

            using (var rsa = new RSACrypto(pubKey))
            {
                cryptedSessKey = rsa.Encrypt(tempSessionKey);
            }

            byte[] keyCrc = CryptoHelper.CRCHash(cryptedSessKey);

            encResp.Write(cryptedSessKey);
            encResp.Write(keyCrc);
            encResp.Write(( uint )0);

            this.Send(encResp);
        }
示例#9
0
        public static async Task <bool> AuthenticateUser()
        {
            SteamUser.WebAPIUserNonceCallback nonce;
            ulong steamid;

            try
            {
                nonce = await Steam.Instance.User.RequestWebAPIUserNonce();

                steamid = Steam.Instance.Client.SteamID.ConvertToUInt64();
            }
            catch (Exception e)
            {
                IsAuthorized = false;

                Log.WriteWarn("WebAuth", "Failed to get nonce: {0}", e.Message);

                return(false);
            }

            // 32 byte random blob of data
            var sessionKey = CryptoHelper.GenerateRandomBlock(32);

            byte[] encryptedSessionKey;

            // ... which is then encrypted with RSA using the Steam system's public key
            using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(Steam.Instance.Client.Universe) !))
            {
                encryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // users hashed loginkey, AES encrypted with the sessionkey
            var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(Encoding.ASCII.GetBytes(nonce.Nonce), sessionKey);

            using (var userAuth = Steam.Configuration.GetAsyncWebAPIInterface("ISteamUserAuth"))
            {
                KeyValue result;

                try
                {
                    result = await userAuth.CallAsync(HttpMethod.Post, "AuthenticateUser", 1,
                                                      new Dictionary <string, object>
                    {
                        { "steamid", steamid },
                        { "sessionkey", encryptedSessionKey },
                        { "encrypted_loginkey", encryptedLoginKey },
                    }
                                                      );
                }
                catch (HttpRequestException e)
                {
                    IsAuthorized = false;

                    Log.WriteWarn("WebAuth", "Failed to authenticate: {0}", e.Message);

                    return(false);
                }

                Cookies = new CookieContainer();
                Cookies.Add(new Cookie("steamLogin", result["token"].AsString(), "/", "store.steampowered.com"));
                Cookies.Add(new Cookie("steamLoginSecure", result["tokensecure"].AsString(), "/", "store.steampowered.com"));
            }

            IsAuthorized = true;

            Log.WriteInfo("WebAuth", "Authenticated");

            return(true);
        }
示例#10
0
        internal async Task <bool> Init(SteamClient steamClient, string webAPIUserNonce, string parentalPin)
        {
            if (steamClient == null || steamClient.SteamID == null || string.IsNullOrEmpty(webAPIUserNonce))
            {
                return(false);
            }

            SteamID = steamClient.SteamID;

            string sessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(SteamID.ToString()));

            // Generate an AES session key
            byte[] sessionKey = CryptoHelper.GenerateRandomBlock(32);

            // RSA encrypt it with the public key for the universe we're on
            byte[] cryptedSessionKey;
            using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(steamClient.ConnectedUniverse))) {
                cryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // Copy our login key
            byte[] loginKey = new byte[webAPIUserNonce.Length];
            Array.Copy(Encoding.ASCII.GetBytes(webAPIUserNonce), loginKey, webAPIUserNonce.Length);

            // AES encrypt the loginkey with our session key
            byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

            // Do the magic
            Logging.LogGenericInfo("Logging in to ISteamUserAuth...", Bot.BotName);

            KeyValue authResult;

            using (dynamic iSteamUserAuth = WebAPI.GetInterface("ISteamUserAuth")) {
                iSteamUserAuth.Timeout = Timeout;

                try {
                    authResult = iSteamUserAuth.AuthenticateUser(
                        steamid: SteamID,
                        sessionkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedSessionKey, 0, cryptedSessionKey.Length)),
                        encrypted_loginkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedLoginKey, 0, cryptedLoginKey.Length)),
                        method: WebRequestMethods.Http.Post,
                        secure: !Program.GlobalConfig.ForceHttp
                        );
                } catch (Exception e) {
                    Logging.LogGenericException(e, Bot.BotName);
                    return(false);
                }
            }

            if (authResult == null)
            {
                return(false);
            }

            Logging.LogGenericInfo("Success!", Bot.BotName);

            string steamLogin       = authResult["token"].AsString();
            string steamLoginSecure = authResult["tokensecure"].AsString();

            Cookie["sessionid"]        = sessionID;
            Cookie["steamLogin"]       = steamLogin;
            Cookie["steamLoginSecure"] = steamLoginSecure;

            // The below is used for display purposes only
            Cookie["webTradeEligibility"] = "{\"allowed\":0,\"reason\":0,\"allowed_at_time\":0,\"steamguard_required_days\":0,\"sales_this_year\":0,\"max_sales_per_year\":0,\"forms_requested\":0}";

            await UnlockParentalAccount(parentalPin).ConfigureAwait(false);

            return(true);
        }
        internal async Task <bool> Init(ulong steamID, EUniverse universe, string webAPIUserNonce, string parentalPin)
        {
            if ((steamID == 0) || (universe == EUniverse.Invalid) || string.IsNullOrEmpty(webAPIUserNonce) || string.IsNullOrEmpty(parentalPin))
            {
                Logging.LogNullError(nameof(steamID) + " || " + nameof(universe) + " || " + nameof(webAPIUserNonce) + " || " + nameof(parentalPin), Bot.BotName);
                return(false);
            }

            SteamID = steamID;

            string sessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(steamID.ToString()));

            // Generate an AES session key
            byte[] sessionKey = SteamKit2.CryptoHelper.GenerateRandomBlock(32);

            // RSA encrypt it with the public key for the universe we're on
            byte[] cryptedSessionKey;
            using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(universe))) {
                cryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // Copy our login key
            byte[] loginKey = new byte[webAPIUserNonce.Length];
            Array.Copy(Encoding.ASCII.GetBytes(webAPIUserNonce), loginKey, webAPIUserNonce.Length);

            // AES encrypt the loginkey with our session key
            byte[] cryptedLoginKey = SteamKit2.CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

            // Do the magic
            Logging.LogGenericInfo("Logging in to ISteamUserAuth...", Bot.BotName);

            KeyValue authResult;

            using (dynamic iSteamUserAuth = WebAPI.GetInterface("ISteamUserAuth")) {
                iSteamUserAuth.Timeout = Timeout;

                try {
                    authResult = iSteamUserAuth.AuthenticateUser(
                        steamid: steamID,
                        sessionkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedSessionKey, 0, cryptedSessionKey.Length)),
                        encrypted_loginkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedLoginKey, 0, cryptedLoginKey.Length)),
                        method: WebRequestMethods.Http.Post,
                        secure: !Program.GlobalConfig.ForceHttp
                        );
                } catch (Exception e) {
                    Logging.LogGenericException(e, Bot.BotName);
                    return(false);
                }
            }

            if (authResult == null)
            {
                Logging.LogNullError(nameof(authResult), Bot.BotName);
                return(false);
            }

            string steamLogin = authResult["token"].Value;

            if (string.IsNullOrEmpty(steamLogin))
            {
                Logging.LogNullError(nameof(steamLogin), Bot.BotName);
                return(false);
            }

            string steamLoginSecure = authResult["tokensecure"].Value;

            if (string.IsNullOrEmpty(steamLoginSecure))
            {
                Logging.LogNullError(nameof(steamLoginSecure), Bot.BotName);
                return(false);
            }

            WebBrowser.CookieContainer.Add(new Cookie("sessionid", sessionID, "/", "." + SteamCommunityHost));
            WebBrowser.CookieContainer.Add(new Cookie("steamLogin", steamLogin, "/", "." + SteamCommunityHost));
            WebBrowser.CookieContainer.Add(new Cookie("steamLoginSecure", steamLoginSecure, "/", "." + SteamCommunityHost));

            Logging.LogGenericInfo("Success!", Bot.BotName);

            // Unlock Steam Parental if needed
            if (!parentalPin.Equals("0"))
            {
                if (!await UnlockParentalAccount(parentalPin).ConfigureAwait(false))
                {
                    return(false);
                }
            }

            Ready = true;
            LastSessionRefreshCheck = DateTime.Now;
            return(true);
        }
        ///<summary>
        /// Authenticate using SteamKit2 and ISteamUserAuth.
        /// This does the same as SteamWeb.DoLogin(), but without contacting the Steam Website.
        /// </summary>
        /// <remarks>Should this one doesnt work anymore, use <see cref="SteamWeb.DoLogin"/></remarks>
        /// <param name="myUniqueId">Id what you get to login.</param>
        /// <param name="client">An instance of a SteamClient.</param>
        /// <param name="myLoginKey">Login Key of your account.</param>
        /// <returns>A bool, which is true if the login was successful.</returns>
        public bool Authenticate(string myUniqueId, SteamClient client, string myLoginKey)
        {
            Token     = TokenSecure = "";
            SessionId = Convert.ToBase64String(Encoding.UTF8.GetBytes(myUniqueId));
            _cookies  = new CookieContainer();

            using (dynamic userAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                // Generate an AES session key.
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // rsa encrypt it with the public key for the universe we're on
                byte[] cryptedSessionKey;
                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.ConnectedUniverse)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }

                byte[] loginKey = new byte[20];
                Array.Copy(Encoding.ASCII.GetBytes(myLoginKey), loginKey, myLoginKey.Length);

                // AES encrypt the loginkey with our session key.
                byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                KeyValue authResult;

                // Get the Authentification Result.
                try
                {
                    authResult = userAuth.AuthenticateUser(
                        steamid: client.SteamID.ConvertToUInt64(),
                        sessionkey: HttpUtility.UrlEncode(cryptedSessionKey),
                        encrypted_loginkey: HttpUtility.UrlEncode(cryptedLoginKey),
                        method: "POST",
                        secure: true
                        );
                }
                catch (Exception)
                {
                    Token = TokenSecure = null;
                    return(false);
                }

                Token       = authResult["token"].AsString();
                TokenSecure = authResult["tokensecure"].AsString();

                // Adding cookies to the cookie container.
                _cookies.Add(new Cookie("sessionid", SessionId, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("steamLogin", Token, string.Empty, SteamCommunityDomain));
                _cookies.Add(new Cookie("steamLoginSecure", TokenSecure, string.Empty, SteamCommunityDomain));

                //Add custom shit to the cookie
                _cookies.Add(new Cookie("webTradeEligibility",
                                        "%7B%22allowed%22%3A1%2C%22allowed_at_time%22%3A0%2C%22steamguard_required_days%22%3A15%2C%22sales_this_year%22%3A6%2C%22max_sales_per_year%22%3A200%2C%22forms_requested%22%3A0%2C%22new_device_cooldown_days%22%3A7%7D",
                                        string.Empty,
                                        SteamCommunityDomain));
                _cookies.Add(new Cookie("strInventoryLastContext", "730_2", string.Empty, SteamCommunityDomain));

                return(true);
            }
        }
示例#13
0
        internal async Task Init(SteamClient steamClient, string webAPIUserNonce, string vanityURL, string parentalPin)
        {
            if (steamClient == null || steamClient.SteamID == null || string.IsNullOrEmpty(webAPIUserNonce))
            {
                return;
            }

            SteamID   = steamClient.SteamID;
            VanityURL = vanityURL;

            string sessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(SteamID.ToString(CultureInfo.InvariantCulture)));

            // Generate an AES session key
            byte[] sessionKey = CryptoHelper.GenerateRandomBlock(32);

            // RSA encrypt it with the public key for the universe we're on
            byte[] cryptedSessionKey = null;
            using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(steamClient.ConnectedUniverse))) {
                cryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // Copy our login key
            byte[] loginKey = new byte[20];
            Array.Copy(Encoding.ASCII.GetBytes(webAPIUserNonce), loginKey, webAPIUserNonce.Length);

            // AES encrypt the loginkey with our session key
            byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

            // Send the magic
            KeyValue authResult;

            Logging.LogGenericInfo(Bot.BotName, "Logging in to ISteamUserAuth...");
            using (dynamic iSteamUserAuth = WebAPI.GetInterface("ISteamUserAuth")) {
                iSteamUserAuth.Timeout = Timeout;

                try {
                    authResult = iSteamUserAuth.AuthenticateUser(
                        steamid: SteamID,
                        sessionkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedSessionKey, 0, cryptedSessionKey.Length)),
                        encrypted_loginkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedLoginKey, 0, cryptedLoginKey.Length)),
                        method: WebRequestMethods.Http.Post,
                        secure: true
                        );
                } catch (Exception e) {
                    Logging.LogGenericException(Bot.BotName, e);
                    steamClient.Disconnect();                     // We may get 403 if we use the same webAPIUserNonce twice
                    return;
                }
            }

            if (authResult == null)
            {
                steamClient.Disconnect();                 // Try again
                return;
            }

            Logging.LogGenericInfo(Bot.BotName, "Success!");

            string steamLogin       = authResult["token"].AsString();
            string steamLoginSecure = authResult["tokensecure"].AsString();

            SteamCookieDictionary.Clear();
            SteamCookieDictionary.Add("sessionid", sessionID);
            SteamCookieDictionary.Add("steamLogin", steamLogin);
            SteamCookieDictionary.Add("steamLoginSecure", steamLoginSecure);
            SteamCookieDictionary.Add("birthtime", "-473356799");             // ( ͡° ͜ʖ ͡°)

            if (!string.IsNullOrEmpty(parentalPin) && !parentalPin.Equals("0"))
            {
                Logging.LogGenericInfo(Bot.BotName, "Unlocking parental account...");
                Dictionary <string, string> postData = new Dictionary <string, string>()
                {
                    { "pin", parentalPin }
                };

                HttpResponseMessage response = await Utilities.UrlPostRequestWithResponse("https://steamcommunity.com/parental/ajaxunlock", postData, SteamCookieDictionary, "https://steamcommunity.com/").ConfigureAwait(false);

                if (response != null && response.IsSuccessStatusCode)
                {
                    Logging.LogGenericInfo(Bot.BotName, "Success!");

                    var setCookieValues = response.Headers.GetValues("Set-Cookie");
                    foreach (string setCookieValue in setCookieValues)
                    {
                        if (setCookieValue.Contains("steamparental="))
                        {
                            string setCookie = setCookieValue.Substring(setCookieValue.IndexOf("steamparental=") + 14);
                            setCookie = setCookie.Substring(0, setCookie.IndexOf(';'));
                            SteamCookieDictionary.Add("steamparental", setCookie);
                            break;
                        }
                    }
                }
                else
                {
                    Logging.LogGenericInfo(Bot.BotName, "Failed!");
                }
            }

            Bot.Trading.CheckTrades();
        }
示例#14
0
        /// <summary>
        ///     重新获取新 Cookies,如果是第一次调用本方法,会同时启用定时检测计时器
        /// </summary>
        public async Task Refresh()
        {
            if (!_checkTimer.Enabled)
            {
                _logger.Info($"#{BotSequenceNumber} Cookies check timer started.");
                _checkTimer.Start();
            }

            if (string.IsNullOrWhiteSpace(WebApiUserNonce))
            {
                return;
            }

            // generate an AES session key
            var sessionKey = CryptoHelper.GenerateRandomBlock(32);

            // RSA encrypt it with the public key for the universe we're on
            byte[] encryptedSessionKey;
            using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(ConnectedUniverse)))
            {
                encryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            var loginKey = new byte[20];

            Array.Copy(Encoding.ASCII.GetBytes(WebApiUserNonce), loginKey, WebApiUserNonce.Length);

            // AES encrypt the loginkey with our session key
            var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

            try
            {
                await _retryPolicy.ExecuteAsync(async() =>
                {
                    using (dynamic userAuth = WebAPI.GetAsyncInterface("ISteamUserAuth"))
                    {
                        KeyValue authResult =
                            await userAuth.AuthenticateUser(steamid: SteamId.ConvertToUInt64(),
                                                            sessionkey: HttpUtility.UrlEncode(encryptedSessionKey),
                                                            encrypted_loginkey: HttpUtility.UrlEncode(encryptedLoginKey),
                                                            method: "POST",
                                                            secure: true);

                        _cookieContainer.Add(new Cookie("sessionid",
                                                        Convert.ToBase64String(Encoding.UTF8.GetBytes(LoginKeyUniqueId.ToString())),
                                                        string.Empty,
                                                        "steamcommunity.com"));

                        _cookieContainer.Add(new Cookie("steamLogin", authResult["token"].AsString(),
                                                        string.Empty,
                                                        "steamcommunity.com"));

                        _cookieContainer.Add(new Cookie("steamLoginSecure", authResult["tokensecure"].AsString(),
                                                        string.Empty,
                                                        "steamcommunity.com"));

                        _logger.Info($"#{BotSequenceNumber} Cookies refreshed.");
                    }
                });
            }
            catch (Exception e)
            {
                _logger.Warn($"#{BotSequenceNumber} Cookies refresh failed.", e);
            }
        }
示例#15
0
        /// <summary>
        /// Authenticate the user at the online services of Steam
        /// </summary>
        public bool AuthenticateUser(SteamClient _steamClient, string _webAPIUserNonce)
        {
            m_steamClient = _steamClient;

            // Get the interface for the authentication of the steamuser
            using (dynamic authenticator = WebAPI.GetInterface("ISteamUserAuth"))
            {
                SessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(_steamClient.SteamID.ToString()));

                // Generate a random block of 32 bytes for the security
                byte[] sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // Encrypt the above generated block of bytes with the Steam systems public key
                byte[] encryptedSessionKey;
                using (RSACrypto rsa = new RSACrypto(KeyDictionary.GetPublicKey(_steamClient.ConnectedUniverse)))
                {
                    encryptedSessionKey = rsa.Encrypt(sessionKey);
                }

                // Copy the string into the bytearray
                byte[] loginkey = new byte[_webAPIUserNonce.Length];
                Array.Copy(Encoding.ASCII.GetBytes(_webAPIUserNonce), loginkey, _webAPIUserNonce.Length);

                // AES encrypt the loginkey with our sessionkey
                byte[] encryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginkey, sessionKey);

                // The value returned by the AuthenticateUser function are KeyValues
                KeyValue authResult;

                // Always TRY to work with interfaces, because it could go wrong and destroy everything
                try
                {
                    authResult = authenticator.AuthenticateUser(
                        steamid: _steamClient.SteamID.ConvertToUInt64(),
                        sessionkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(encryptedSessionKey, 0, encryptedSessionKey.Length)),
                        encrypted_loginkey: Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(encryptedLoginKey, 0, encryptedLoginKey.Length)),
                        method: WebRequestMethods.Http.Post,
                        secure: true);
                }
                catch (Exception e)
                {
                    if (!e.Message.Contains("403"))
                    {
                        m_logger.Error(e.Message);
                    }
                    return(false);
                }

                // Double check if it is null then return because we do not have anything to do here
                if (authResult == null)
                {
                    return(false);
                }

                // Set the cookies
                SteamLogin       = authResult["token"].Value;
                SteamLoginSecure = authResult["tokensecure"].Value;

                // Create a new instance of the cookieContainer
                // After loosing connection a second m_domainTable will be created, holding the sessionID from the time we were not authenticated
                // This will lead to inactive session while requesting API/WebCalls
                m_WebHelper.m_CookieContainer = new CookieContainer();

                m_WebHelper.m_CookieContainer.Add(new Cookie("sessionid", SessionID, string.Empty, m_SteamStoreHost));
                m_WebHelper.m_CookieContainer.Add(new Cookie("sessionid", SessionID, string.Empty, m_SteamCommunityHost));

                m_WebHelper.m_CookieContainer.Add(new Cookie("steamLogin", SteamLogin, string.Empty, m_SteamStoreHost));
                m_WebHelper.m_CookieContainer.Add(new Cookie("steamLogin", SteamLogin, string.Empty, m_SteamCommunityHost));

                m_WebHelper.m_CookieContainer.Add(new Cookie("steamLoginSecure", SteamLoginSecure, string.Empty, m_SteamStoreHost));
                m_WebHelper.m_CookieContainer.Add(new Cookie("steamLoginSecure", SteamLoginSecure, string.Empty, m_SteamCommunityHost));

                return(true);
            }
        }
示例#16
0
        public static async Task <bool> AuthenticateUser()
        {
            SteamUser.WebAPIUserNonceCallback nonce;

            try
            {
                nonce = await Steam.Instance.User.RequestWebAPIUserNonce();
            }
            catch (Exception e)
            {
                IsAuthorized = false;

                Log.WriteWarn("WebAuth", "Failed to get nonce: {0}", e.Message);

                return(false);
            }

            // 32 byte random blob of data
            var sessionKey = CryptoHelper.GenerateRandomBlock(32);

            byte[] encryptedSessionKey;

            // ... which is then encrypted with RSA using the Steam system's public key
            using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(Steam.Instance.Client.Universe)))
            {
                encryptedSessionKey = rsa.Encrypt(sessionKey);
            }

            // users hashed loginkey, AES encrypted with the sessionkey
            var encryptedLoginKey = CryptoHelper.SymmetricEncrypt(Encoding.ASCII.GetBytes(nonce.Nonce), sessionKey);

            using (dynamic userAuth = WebAPI.GetAsyncInterface("ISteamUserAuth"))
            {
                KeyValue result;

                try
                {
                    result = await userAuth.AuthenticateUser(
                        steamid : Steam.Instance.Client.SteamID.ConvertToUInt64(),
                        sessionkey : WebHelpers.UrlEncode(encryptedSessionKey),
                        encrypted_loginkey : WebHelpers.UrlEncode(encryptedLoginKey),
                        method : "POST",
                        secure : true
                        );
                }
                catch (HttpRequestException e)
                {
                    IsAuthorized = false;

                    Log.WriteWarn("WebAuth", "Failed to authenticate: {0}", e.Message);

                    return(false);
                }

                File.WriteAllText(Path.Combine(Application.Path, "files", ".support", "cookie.txt"), $"steamLogin={result["token"].AsString()}; steamLoginSecure={result["tokensecure"].AsString()}");

                Cookies = new CookieContainer();
                Cookies.Add(new Cookie("steamLogin", result["token"].AsString(), "/", "store.steampowered.com"));
                Cookies.Add(new Cookie("steamLoginSecure", result["tokensecure"].AsString(), "/", "store.steampowered.com"));
            }

            IsAuthorized = true;

            Log.WriteInfo("WebAuth", "Authenticated");

            if (!Settings.IsFullRun)
            {
                await AccountInfo.RefreshAppsToIdle();
            }

            return(true);
        }
示例#17
0
        bool HandleEncryptRequest(IPacketMsg packetMsg)
        {
            var encRequest = new Msg <MsgChannelEncryptRequest>(packetMsg);

            EUniverse eUniv        = encRequest.Body.Universe;
            uint      protoVersion = encRequest.Body.ProtocolVersion;

            DebugLog.WriteLine("CMClient", "Got encryption request. Universe: {0} Protocol ver: {1}", eUniv, protoVersion);
            DebugLog.Assert(protoVersion == 1, "CMClient", "Encryption handshake protocol version mismatch!");

            byte[] randomChallenge;
            if (encRequest.Payload.Length >= 16)
            {
                randomChallenge = encRequest.Payload.ToArray();
            }
            else
            {
                randomChallenge = null;
            }

            byte[] pubKey = KeyDictionary.GetPublicKey(eUniv);

            if (pubKey == null)
            {
                connection.Disconnect();

                DebugLog.WriteLine("CMClient", "HandleEncryptionRequest got request for invalid universe! Universe: {0} Protocol ver: {1}", eUniv, protoVersion);
                return(false);
            }

            ConnectedUniverse = eUniv;

            var encResp = new Msg <MsgChannelEncryptResponse>();

            var tempSessionKey = CryptoHelper.GenerateRandomBlock(32);

            byte[] encryptedHandshakeBlob = null;

            using (var rsa = new RSACrypto(pubKey))
            {
                if (randomChallenge != null)
                {
                    var blobToEncrypt = new byte[tempSessionKey.Length + randomChallenge.Length];
                    Array.Copy(tempSessionKey, blobToEncrypt, tempSessionKey.Length);
                    Array.Copy(randomChallenge, 0, blobToEncrypt, tempSessionKey.Length, randomChallenge.Length);

                    encryptedHandshakeBlob = rsa.Encrypt(blobToEncrypt);
                }
                else
                {
                    encryptedHandshakeBlob = rsa.Encrypt(tempSessionKey);
                }
            }

            var keyCrc = CryptoHelper.CRCHash(encryptedHandshakeBlob);

            encResp.Write(encryptedHandshakeBlob);
            encResp.Write(keyCrc);
            encResp.Write(( uint )0);

            if (randomChallenge != null)
            {
                pendingNetFilterEncryption = new NetFilterEncryptionWithHMAC(tempSessionKey);
            }
            else
            {
                pendingNetFilterEncryption = new NetFilterEncryption(tempSessionKey);
            }

            this.Send(encResp);
            return(true);
        }
示例#18
0
        internal async Task Init(string webAPIUserNonce)
        {
            steamID = _bot.steamClient.SteamID;

            sessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(steamID.ToString()));

            // Generate an AES session key
            byte[] sessionKey = CryptoHelper.GenerateRandomBlock(32);

            // RSA encrypt it with the public key for the universe we're on
            byte[] cryptedSessionKey;
            using (var crypto = new RSACrypto(KeyDictionary.GetPublicKey(_bot.steamClient.ConnectedUniverse)))
            {
                cryptedSessionKey = crypto.Encrypt(sessionKey);
            }
            // Copy our login key
            byte[] loginKey = new byte[webAPIUserNonce.Length];
            Array.Copy(Encoding.ASCII.GetBytes(webAPIUserNonce), loginKey, webAPIUserNonce.Length);

            // AES encrypt the loginkey with our session key
            byte[] cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

            _bot.Log("Logging in to ISteamUserAuth", LogType.Info);

            KeyValue autResult;

            using (dynamic iSteamUserAuth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                iSteamUserAuth.Timeout = 60000;
                try
                {
                    autResult = iSteamUserAuth.AuthenticateUser(
                        steamid: steamID.ConvertToUInt64(),
                        sessionkey:
                        Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedSessionKey, 0,
                                                                             cryptedSessionKey.Length)),
                        encrypted_loginkey:
                        Encoding.ASCII.GetString(WebUtility.UrlEncodeToBytes(cryptedLoginKey, 0,
                                                                             cryptedLoginKey.Length)),
                        method: WebRequestMethods.Http.Post,
                        secure: true);
                }
                catch (Exception e)
                {
                    _bot.Log("Cant AuthenticateUser " + e.Message, LogType.Error);
                    return;
                }
            }
            if (autResult == null)
            {
                return;
            }
            _bot.Log("Success", LogType.Info);

            string steamLogin       = autResult["token"].Value;
            string steamLoginSecure = autResult["tokensecure"].Value;

            webClient.cookieContainer.Add(new Cookie("sessionid", sessionID, "/", "." + SteamCommunityHOST));
            webClient.cookieContainer.Add(new Cookie("steamLogin", steamLogin, "/", "." + SteamCommunityHOST));
            webClient.cookieContainer.Add(new Cookie("steamLoginSecure", steamLoginSecure, "/", "." + SteamCommunityHOST));

            gameminerBot = new GameminerBot(webClient, _bot.BotConfig);

            Initialized = true;
            //GiveawayBotInit().Forget();
        }
示例#19
0
        ////////////////////////////////////////////////////
        // STEAM WEB INTERFACE
        ////////////////////////////////////////////////////

        // Copied this shit straight from ArchisSteamFarm, credit to him
        public override async void LoginWebInterface(ulong steamID)
        {
            if (!IsAuthenticated)
            {
                SteamUser.WebAPIUserNonceCallback callback;

                try
                {
                    callback = await _steamUser.RequestWebAPIUserNonce();
                }
                catch (Exception ex)
                {
                    _log.Error(ex, "Unable to request Web API Nonce. Titan won't be able to execute Web API actions.");
                    return;
                }

                if (string.IsNullOrWhiteSpace(callback?.Nonce))
                {
                    _log.Error("Received empty Web API Nonce. Titan won't be able to execute Web API actions.");
                    return;
                }

                var    sessionID  = Convert.ToBase64String(Encoding.UTF8.GetBytes(steamID.ToString()));
                var    sessionKey = CryptoHelper.GenerateRandomBlock(32);
                byte[] cryptedSessionKey;

                using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(_steamClient.Universe)))
                {
                    cryptedSessionKey = rsa.Encrypt(sessionKey);
                }

                var loginKey = new byte[callback.Nonce.Length];
                Array.Copy(Encoding.ASCII.GetBytes(callback.Nonce), loginKey, callback.Nonce.Length);

                // AES encrypt the login key with our session key
                var cryptedLoginKey = CryptoHelper.SymmetricEncrypt(loginKey, sessionKey);

                if (!Titan.Instance.WebHandle.AuthentificateUser(
                        steamID, cryptedLoginKey, cryptedSessionKey, out var result
                        ))
                {
                    _log.Error("Failed to authentificate with Web API Nonce. " +
                               "Titan won't be able to execute Web API actions.");
                    return;
                }

                var token       = result["token"].Value;
                var secureToken = result["tokensecure"].Value;

                if (string.IsNullOrWhiteSpace(token) || string.IsNullOrWhiteSpace(secureToken))
                {
                    _log.Error("Failed to authentificate with Web API Nonce. " +
                               "Titan won't be able to execute Web API actions.");
                    return;
                }

                Cookies.Add("sessionid", sessionID);
                Cookies.Add("steamLogin", token);
                Cookies.Add("steamLoginSecure", secureToken);

                if (!Titan.Instance.Options.Secure)
                {
                    _log.Debug("Authorized with Steam Web API. Session ID: {id}", sessionID);
                }

                _log.Information("Successfully authorized with Steam Web API.");

                IsAuthenticated = true;
            }
        }
示例#20
0
        public bool Authenticate(string uniqueID, string loginKey)
        {
            // Check so they are valid
            if (uniqueID == null || loginKey == null)
            {
                return(false);
            }

            var sessionID = Convert.ToBase64String(Encoding.UTF8.GetBytes(uniqueID));

            using (dynamic auth = WebAPI.GetInterface("ISteamUserAuth"))
            {
                // Generate AES session key
                var sessionKey = CryptoHelper.GenerateRandomBlock(32);

                // RSA encrypt it with public key
                byte[] cryptedSessionKey;
                using (var rsa = new RSACrypto(KeyDictionary.GetPublicKey(client.Universe)))
                    cryptedSessionKey = rsa.Encrypt(sessionKey);

                var key = new byte[20];
                Array.Copy(Encoding.ASCII.GetBytes(loginKey), key, loginKey.Length);

                // AES encrypt loginkey with session
                var cryptedLoginKey = CryptoHelper.SymmetricEncrypt(key, sessionKey);

                KeyValue authResult;

                // Get auth result
                try
                {
                    authResult = auth.AuthenticateUser(
                        steamid: client.SteamID.ConvertToUInt64(),
                        sessionkey: HttpUtility.UrlEncode(cryptedSessionKey),
                        encrypted_loginkey: HttpUtility.UrlEncode(cryptedLoginKey),
                        method: "POST",
                        secure: true
                        );
                }
                catch (Exception e)
                {
                    Kraxbot.Log($"Warning: Failed to authenticate: {e.Message}");
                    return(false);
                }

                var token       = authResult["token"].AsString();
                var tokenSecure = authResult["tokensecure"].AsString();

                // Add cookies
                Cookies.Add(new Cookie("sessionid", sessionID, string.Empty, "steamcommunity.com"));
                Cookies.Add(new Cookie("steamLogin", token, string.Empty, "steamcommunity.com"));
                Cookies.Add(new Cookie("steamLoginSecure", tokenSecure, string.Empty, "steamcommunity.com"));

                SessionID        = sessionID;
                SteamLogin       = token;
                SteamLoginSecure = tokenSecure;

                IsLoggedOn = true;

                return(true);
            }
        }