/// <summary>
/// Builds the query-string parameters that accompany a mobile confirmation request.
/// </summary>
/// <param name="tag">Confirmation tag; it is fed to the hash helper and appended as the <c>tag</c> parameter.</param>
/// <returns>The parameters p, a, k, t, m and tag joined with ampersands, without a leading '?'.</returns>
/// <remarks>
/// The result carries the device ID and a confirmation hash computed for the current Steam time,
/// so treat it like a credential and keep it out of logs and error messages.
/// NOTE(review): DeviceID and tag are appended without URL-encoding in this method; presumably
/// callers only pass fixed literals for tag - confirm against the call sites.
/// </remarks>
private string _generateConfirmationQueryParams(string tag)
{
    // Read the clock once so the hash and the "t" parameter refer to the same instant.
    var steamTime = TimeAligner.GetSteamTime();

    var deviceId = this.DeviceID;
    var steamId = this.Session.SteamID.ToString();
    var confirmationHash = _generateConfirmationHashForTime(steamTime, tag);

    return string.Concat(
        "p=", deviceId,
        "&a=", steamId,
        "&k=", confirmationHash,
        "&t=", steamTime,
        "&m=android&tag=", tag);
}
/// <summary>
/// Returns the Steam Guard code for the current time as reported by <c>TimeAligner.GetSteamTime()</c>.
/// </summary>
/// <returns>Whatever <c>GenerateSteamGuardCodeForTime</c> produces for that timestamp.</returns>
public string GenerateSteamGuardCode()
{
    // The aligned Steam clock is used instead of the local clock; the code derivation itself lives in the *ForTime overload.
    var steamTime = TimeAligner.GetSteamTime();
    return GenerateSteamGuardCodeForTime(steamTime);
}
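/// <summary>
/// Performs the mobile login flow: seeds the mobile-client cookies if the container is empty,
/// fetches the RSA key for the user, submits the RSA-encrypted password together with any
/// captcha / e-mail / two-factor answers, and stores the resulting session on success.
/// </summary>
/// <returns>
/// <c>LoginOkay</c> when a session was established; <c>NeedCaptcha</c>, <c>NeedEmail</c> or
/// <c>Need2FA</c> when the server asks for another factor (the matching Requires* flag is set so
/// the caller can fill it in and call again); otherwise one of the failure results.
/// </returns>
/// <remarks>
/// The form data, the server response and the resulting <c>SessionData</c> contain credentials
/// and bearer tokens; do not write them to logs.
/// NOTE(review): the RSA key comes from the getrsakey response, so the confidentiality of the
/// password rests on the TLS validation done inside <c>SteamWeb.MobileLoginRequest</c> - confirm
/// that certificate checks are not relaxed there.
/// </remarks>
public LoginResult DoLogin()
{
    var postData = new NameValueCollection();
    var cookies = _cookies;
    string response = null;

    if (cookies.Count == 0)
    {
        // Generate a SessionID
        cookies.Add(new Cookie("mobileClientVersion", "0 (2.1.3)", "/", ".steamcommunity.com"));
        cookies.Add(new Cookie("mobileClient", "android", "/", ".steamcommunity.com"));
        cookies.Add(new Cookie("Steam_Language", "english", "/", ".steamcommunity.com"));

        NameValueCollection headers = new NameValueCollection();
        headers.Add("X-Requested-With", "com.valvesoftware.android.steam.community");

        // The response body is not needed; the request is made for the cookies it sets.
        SteamWeb.MobileLoginRequest("https://steamcommunity.com/login?oauth_client_id=DE45CD61&oauth_scope=read_profile%20write_profile%20read_client%20write_client", "GET", null, cookies, headers);
    }

    postData.Add("donotcache", (TimeAligner.GetSteamTime() * 1000).ToString());
    postData.Add("username", this.Username);
    response = SteamWeb.MobileLoginRequest(APIEndpoints.COMMUNITY_BASE + "/login/getrsakey", "POST", postData, cookies);
    if (response == null || response.Contains("<BODY>\nAn error occurred while processing your request."))
    {
        return LoginResult.GeneralFailure;
    }

    var rsaResponse = JsonConvert.DeserializeObject<RSAResponse>(response);
    // DeserializeObject returns null for an empty or literal "null" body; treat that as a failed key fetch
    // instead of dereferencing it.
    if (rsaResponse == null || !rsaResponse.Success)
    {
        return LoginResult.BadRSA;
    }

    Thread.Sleep(350); // Sleep for a bit to give Steam a chance to catch up??

    byte[] encryptedPasswordBytes;
    using (var rsaEncryptor = new RSACryptoServiceProvider())
    {
        IntPtr unsecure = IntPtr.Zero;
        char[] passwordChars = null;
        byte[] passwordBytes = null;
        try
        {
            // Copy the SecureString into buffers that can be wiped afterwards. Going through a
            // managed string would leave an immutable plaintext copy on the heap that cannot be
            // cleared, and GC.Collect() does not zero memory.
            unsecure = Marshal.SecureStringToGlobalAllocUnicode(Password);
            passwordChars = new char[Password.Length];
            Marshal.Copy(unsecure, passwordChars, 0, passwordChars.Length);

            // Encoding.ASCII replaces every non-ASCII character with '?'.
            // NOTE(review): confirm this matches what the login endpoint expects for such passwords.
            passwordBytes = Encoding.ASCII.GetBytes(passwordChars);

            var rsaParameters = rsaEncryptor.ExportParameters(false);
            rsaParameters.Exponent = Util.HexStringToByteArray(rsaResponse.Exponent);
            rsaParameters.Modulus = Util.HexStringToByteArray(rsaResponse.Modulus);
            rsaEncryptor.ImportParameters(rsaParameters);

            // fOAEP = false selects PKCS#1 v1.5 padding; presumably dictated by the server - confirm before changing.
            encryptedPasswordBytes = rsaEncryptor.Encrypt(passwordBytes, false);
        }
        finally
        {
            // Wipe every plaintext copy, including on the exception path.
            if (passwordBytes != null)
            {
                Array.Clear(passwordBytes, 0, passwordBytes.Length);
            }
            if (passwordChars != null)
            {
                Array.Clear(passwordChars, 0, passwordChars.Length);
            }
            if (unsecure != IntPtr.Zero)
            {
                // Zeroes and frees the unmanaged copy; without this the plaintext stays allocated for the process lifetime.
                Marshal.ZeroFreeGlobalAllocUnicode(unsecure);
            }
        }
    }

    string encryptedPassword = Convert.ToBase64String(encryptedPasswordBytes);

    postData.Clear();
    postData.Add("donotcache", (TimeAligner.GetSteamTime() * 1000).ToString());

    postData.Add("password", encryptedPassword);
    postData.Add("username", this.Username);
    postData.Add("twofactorcode", this.TwoFactorCode ?? "");

    postData.Add("emailauth", this.RequiresEmail ? this.EmailCode : "");
    postData.Add("loginfriendlyname", "");
    postData.Add("captchagid", this.RequiresCaptcha ? this.CaptchaGID : "-1");
    postData.Add("captcha_text", this.RequiresCaptcha ? this.CaptchaText : "");
    postData.Add("emailsteamid", (this.Requires2FA || this.RequiresEmail) ? this.SteamID.ToString() : "");

    postData.Add("rsatimestamp", rsaResponse.Timestamp);
    postData.Add("remember_login", "true");
    postData.Add("oauth_client_id", "DE45CD61");
    postData.Add("oauth_scope", "read_profile write_profile read_client write_client");

    response = SteamWeb.MobileLoginRequest(APIEndpoints.COMMUNITY_BASE + "/login/dologin", "POST", postData, cookies);
    if (response == null)
    {
        return LoginResult.GeneralFailure;
    }

    var loginResponse = JsonConvert.DeserializeObject<LoginResponse>(response);
    if (loginResponse == null)
    {
        return LoginResult.GeneralFailure;
    }

    if (loginResponse.Message != null)
    {
        if (loginResponse.Message.Contains("There have been too many login failures"))
        {
            return LoginResult.TooManyFailedLogins;
        }

        if (loginResponse.Message.Contains("Incorrect login"))
        {
            return LoginResult.BadCredentials;
        }
    }

    if (loginResponse.CaptchaNeeded)
    {
        this.RequiresCaptcha = true;
        this.CaptchaGID = loginResponse.CaptchaGID;
        return LoginResult.NeedCaptcha;
    }

    if (loginResponse.EmailAuthNeeded)
    {
        this.RequiresEmail = true;
        this.SteamID = loginResponse.EmailSteamID;
        return LoginResult.NeedEmail;
    }

    if (loginResponse.TwoFactorNeeded && !loginResponse.Success)
    {
        this.Requires2FA = true;
        return LoginResult.Need2FA;
    }

    if (loginResponse.OAuthData == null || loginResponse.OAuthData.OAuthToken == null || loginResponse.OAuthData.OAuthToken.Length == 0)
    {
        return LoginResult.GeneralFailure;
    }

    if (!loginResponse.LoginComplete)
    {
        return LoginResult.BadCredentials;
    }

    var readableCookies = cookies.GetCookies(new Uri("https://steamcommunity.com"));
    var sessionCookie = readableCookies["sessionid"];
    if (sessionCookie == null)
    {
        // The indexer returns null when the cookie is absent; without it the session would be unusable.
        return LoginResult.GeneralFailure;
    }

    var oAuthData = loginResponse.OAuthData;

    // Everything stored below is a bearer credential for the account.
    SessionData session = new SessionData();
    session.OAuthToken = oAuthData.OAuthToken;
    session.SteamID = oAuthData.SteamID;
    session.SteamLogin = session.SteamID + "%7C%7C" + oAuthData.SteamLogin;
    session.SteamLoginSecure = session.SteamID + "%7C%7C" + oAuthData.SteamLoginSecure;
    session.WebCookie = oAuthData.Webcookie;
    session.SessionID = sessionCookie.Value;
    this.Session = session;
    this.LoggedIn = true;
    return LoginResult.LoginOkay;
}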
/// <summary>
/// Completes authenticator enrolment by submitting the SMS activation code together with freshly
/// generated Steam Guard codes until the service stops asking for more.
/// </summary>
/// <param name="smsCode">Activation code the user received by SMS.</param>
/// <returns>
/// <c>Success</c> once the service accepts the enrolment (the linked account is then marked fully
/// enrolled); <c>BadSMSCode</c>, <c>UnableToGenerateCorrectCodes</c> or <c>GeneralFailure</c> otherwise.
/// </returns>
/// <remarks>
/// The form carries the session's OAuth access token and the activation code; keep both out of logs.
/// </remarks>
public FinalizeResult FinalizeAddAuthenticator(string smsCode)
{
    const int MaxAttempts = 30;
    const int StatusRejectedSmsCode = 89;
    // NOTE(review): 88 appears to mean the submitted authenticator code was not accepted - confirm against the API.
    const int StatusRejectedAuthCode = 88;

    // Checking the SMS code is what makes Steam finalize adding the phone number to the account,
    // so it is only done when a phone number is actually being added.
    bool addingPhoneNumber = !String.IsNullOrEmpty(this.PhoneNumber);
    if (addingPhoneNumber && !this._checkSMSCode(smsCode))
    {
        return FinalizeResult.BadSMSCode;
    }

    var form = new NameValueCollection();
    form.Add("steamid", _session.SteamID.ToString());
    form.Add("access_token", _session.OAuthToken);
    form.Add("activation_code", smsCode);

    // Each pass either returns or, when the service wants another code, falls through to the next attempt.
    for (int attempt = 0; attempt <= MaxAttempts; attempt++)
    {
        // Set (not Add) so every attempt sends exactly one code and one timestamp.
        form.Set("authenticator_code", LinkedAccount.GenerateSteamGuardCode());
        form.Set("authenticator_time", TimeAligner.GetSteamTime().ToString());

        string body = SteamWeb.MobileLoginRequest(APIEndpoints.STEAMAPI_BASE + "/ITwoFactorService/FinalizeAddAuthenticator/v0001", "POST", form);
        if (body == null)
        {
            return FinalizeResult.GeneralFailure;
        }

        var parsed = JsonConvert.DeserializeObject<FinalizeAuthenticatorResponse>(body);
        if (parsed == null || parsed.Response == null)
        {
            return FinalizeResult.GeneralFailure;
        }

        if (parsed.Response.Status == StatusRejectedSmsCode)
        {
            return FinalizeResult.BadSMSCode;
        }

        if (parsed.Response.Status == StatusRejectedAuthCode && attempt >= MaxAttempts)
        {
            return FinalizeResult.UnableToGenerateCorrectCodes;
        }

        if (!parsed.Response.Success)
        {
            return FinalizeResult.GeneralFailure;
        }

        if (!parsed.Response.WantMore)
        {
            this.LinkedAccount.FullyEnrolled = true;
            return FinalizeResult.Success;
        }
    }

    return FinalizeResult.GeneralFailure;
}
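/// <summary>
/// Completes authenticator enrolment: the first request submits the SMS activation code with an
/// empty authenticator code, and later requests submit generated Steam Guard codes until the
/// service stops asking for more.
/// </summary>
/// <param name="smsCode">Activation code the user received by SMS.</param>
/// <returns>
/// <c>Success</c> once the service accepts the enrolment (the linked account is then marked fully
/// enrolled); <c>BadSMSCode</c>, <c>UnableToGenerateCorrectCodes</c> or <c>GeneralFailure</c> otherwise.
/// </returns>
/// <remarks>
/// The form carries the session's OAuth access token and the activation code; keep both out of logs.
/// </remarks>
public FinalizeResult FinalizeAddAuthenticator(string smsCode)
{
    bool smsCodeGood = false;

    var postData = new NameValueCollection();
    postData.Add("steamid", _session.SteamID.ToString());
    postData.Add("access_token", _session.OAuthToken);
    postData.Add("activation_code", smsCode);
    postData.Add("authenticator_code", "");

    int tries = 0;
    while (tries <= 30)
    {
        // First pass sends no authenticator code; later passes send a fresh one.
        postData.Set("authenticator_code", tries == 0 ? "" : LinkedAccount.GenerateSteamGuardCode());

        // Set, not Add: NameValueCollection.Add appends to an existing key, so on every retry the
        // field would accumulate another timestamp and no longer match the code sent with it.
        postData.Set("authenticator_time", TimeAligner.GetSteamTime().ToString());

        if (smsCodeGood)
        {
            // A previous pass got past the SMS check, so the activation code is not resent.
            postData.Set("activation_code", "");
        }

        string response = SteamWeb.MobileLoginRequest(APIEndpoints.STEAMAPI_BASE + "/ITwoFactorService/FinalizeAddAuthenticator/v0001", "POST", postData);
        if (response == null)
        {
            return FinalizeResult.GeneralFailure;
        }

        var finalizeResponse = JsonConvert.DeserializeObject<FinalizeAuthenticatorResponse>(response);
        if (finalizeResponse == null || finalizeResponse.Response == null)
        {
            return FinalizeResult.GeneralFailure;
        }

        if (finalizeResponse.Response.Status == 89)
        {
            return FinalizeResult.BadSMSCode;
        }

        // NOTE(review): 88 appears to mean the submitted authenticator code was not accepted - confirm against the API.
        if (finalizeResponse.Response.Status == 88)
        {
            if (tries >= 30)
            {
                return FinalizeResult.UnableToGenerateCorrectCodes;
            }
        }

        if (!finalizeResponse.Response.Success)
        {
            return FinalizeResult.GeneralFailure;
        }

        if (finalizeResponse.Response.WantMore)
        {
            smsCodeGood = true;
            tries++;
            continue;
        }

        this.LinkedAccount.FullyEnrolled = true;
        return FinalizeResult.Success;
    }

    return FinalizeResult.GeneralFailure;
}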