steamguard-cli/src/steamapi.rs

use std::collections::HashMap;
use reqwest::{Url, cookie::CookieStore, header::COOKIE, header::USER_AGENT};
use rsa::{PublicKey, RSAPublicKey};
use std::time::{SystemTime, UNIX_EPOCH};
use serde::{Serialize, Deserialize};
use serde::de::{Visitor};
use rand::rngs::OsRng;
use std::fmt;

#[derive(Debug, Clone, Deserialize)]
struct LoginResponse {
	success: bool,
	#[serde(default)]
	login_complete: bool,
	#[serde(default)]
	oauth: String,
	#[serde(default)]
	captcha_needed: bool,
	#[serde(default)]
	captcha_gid: String,
	#[serde(default)]
	emailsteamid: u64,
	#[serde(default)]
	emailauth_needed: bool,
	#[serde(default)]
	requires_twofactor: bool,
	message: String,
}

#[derive(Debug, Clone, Deserialize)]
struct RsaResponse {
	success: bool,
	publickey_exp: String,
	publickey_mod: String,
	timestamp: String,
	token_gid: String,
}

#[derive(Debug)]
pub enum LoginResult {
	Ok{ session: Session },
	BadRSA,
	BadCredentials,
	NeedCaptcha{ captcha_gid: String },
	Need2FA,
	NeedEmail,
	TooManyAttempts,
	OtherFailure,
}

#[derive(Debug)]
pub struct UserLogin {
	pub username: String,
	pub password: String,
	pub captcha_required: bool,
	pub captcha_gid: String,
	pub captcha_text: String,
	pub twofactor_code: String,
	pub email_code: String,
	pub steam_id: u64,

	cookies: reqwest::cookie::Jar,
	// cookies: Arc<reqwest::cookie::Jar>,
	client: reqwest::blocking::Client,
}

impl UserLogin {
	pub fn new(username: String, password: String) -> UserLogin {
		return UserLogin {
			username,
			password,
			captcha_required: false,
			captcha_gid: String::from("-1"),
			captcha_text: String::from(""),
			twofactor_code: String::from(""),
			email_code: String::from(""),
			steam_id: 0,
			cookies: reqwest::cookie::Jar::default(),
			// cookies: Arc::<reqwest::cookie::Jar>::new(reqwest::cookie::Jar::default()),
			client: reqwest::blocking::ClientBuilder::new()
				.cookie_store(true)
				.build()
				.unwrap(),
		}
	}

	fn update_session(&self) {
		let url = "https://steamcommunity.com".parse::<Url>().unwrap();
		self.cookies.add_cookie_str("mobileClientVersion=0 (2.1.3)", &url);
		self.cookies.add_cookie_str("mobileClient=android", &url);
		self.cookies.add_cookie_str("Steam_Language=english", &url);

		let _ = self.client
			.get("https://steamcommunity.com/login?oauth_client_id=DE45CD61&oauth_scope=read_profile%20write_profile%20read_client%20write_client".parse::<Url>().unwrap())
			.header("X-Requested-With", "com.valvesoftware.android.steam.community")
			.header(USER_AGENT, "Mozilla/5.0 (Linux; U; Android 4.1.1; en-us; Google Nexus 4 - 4.1.1 - API 16 - 768x1280 Build/JRO03S) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30")
			// .header(COOKIE, "mobileClientVersion=0 (2.1.3)")
			// .header(COOKIE, "mobileClient=android")
			// .header(COOKIE, "Steam_Language=english")
			.header(COOKIE, self.cookies.cookies(&url).unwrap())
			.send();
	}

	pub fn login(&mut self) -> LoginResult {
		if self.captcha_required && self.captcha_text.len() == 0 {
			return LoginResult::NeedCaptcha{captcha_gid: self.captcha_gid.clone()};
		}

		let url = "https://steamcommunity.com".parse::<Url>().unwrap();
		if self.cookies.cookies(&url) == Option::None {
			self.update_session()
		}

		let mut params = HashMap::new();
		params.insert("donotcache", format!("{}", SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() * 1000));
		params.insert("username", self.username.clone());
		let resp = self.client
			.post("https://steamcommunity.com/login/getrsakey")
			.form(&params)
			.send()
			.unwrap();

		let encrypted_password: String;
		let rsa_timestamp: String;
		match resp.json::<RsaResponse>() {
			Ok(rsa_resp) => {
				// println!("rsa: {:?}", rsa_resp);
				let rsa_exponent = rsa::BigUint::parse_bytes(rsa_resp.publickey_exp.as_bytes(), 16).unwrap();
				let rsa_modulus = rsa::BigUint::parse_bytes(rsa_resp.publickey_mod.as_bytes(), 16).unwrap();
				let public_key = RSAPublicKey::new(rsa_modulus, rsa_exponent).unwrap();
				// println!("public key: {:?}", public_key);
				let mut rng = OsRng;
				let padding = rsa::PaddingScheme::new_pkcs1v15_encrypt();
				encrypted_password = base64::encode(public_key.encrypt(&mut rng, padding, self.password.as_bytes()).unwrap());
				println!("encrypted_password: {:?}", encrypted_password);
				rsa_timestamp = rsa_resp.timestamp;
			}
			Err(error) => {
				println!("rsa error: {:?}", error);
				return LoginResult::BadRSA
			}
		}

		let mut params = HashMap::new();
		params.insert("donotcache", format!("{}", SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() * 1000));
		params.insert("username", self.username.clone());
		params.insert("password", encrypted_password);
		params.insert("twofactorcode", self.twofactor_code.clone());
		params.insert("emailauth", self.email_code.clone());
		params.insert("captchagid", self.captcha_gid.clone());
		params.insert("captcha_text", self.captcha_text.clone());
		params.insert("rsatimestamp", rsa_timestamp);
		params.insert("remember_login", String::from("true"));
		params.insert("oauth_client_id", String::from("DE45CD61"));
		params.insert("oauth_scope", String::from("read_profile write_profile read_client write_client"));

		let login_resp: LoginResponse;
		match self.client
			.post("https://steamcommunity.com/login/dologin")
			.form(&params)
			.send() {
				Ok(resp) => {
					// println!("login resp: {:?}", &resp.text());
					match resp.json::<LoginResponse>() {
						Ok(lr) => {
							println!("login resp: {:?}", lr);
							login_resp = lr;
						}
						Err(error) => {
							println!("login parse error: {:?}", error);
							return LoginResult::OtherFailure;
						}
					}
				}
				Err(error) => {
					println!("login request error: {:?}", error);
					return LoginResult::OtherFailure;
				}
		}

		if login_resp.message.contains("too many login") {
			return LoginResult::TooManyAttempts;
		}

		if login_resp.message.contains("Incorrect login") {
			return LoginResult::BadCredentials;
		}

		if login_resp.captcha_needed {
			self.captcha_gid = login_resp.captcha_gid.clone();
			return LoginResult::NeedCaptcha{ captcha_gid: self.captcha_gid.clone() };
		}

		if login_resp.emailauth_needed {
			self.steam_id = login_resp.emailsteamid.clone();
			return LoginResult::NeedEmail;
		}

		if login_resp.requires_twofactor {
			return LoginResult::Need2FA;
		}

		if !login_resp.login_complete {
			return LoginResult::BadCredentials;
		}

		let oauth: OAuthData = serde_json::from_str(login_resp.oauth.as_str()).unwrap();
		let session = self.build_session(oauth);

		return LoginResult::Ok{session};
	}

	fn build_session(&self, data: OAuthData) -> Session {
		return Session{
			token: data.oauth_token,
			steam_id: data.steamid,
			steam_login: format!("{}%7C%7C{}", data.steamid, data.wgtoken),
			steam_login_secure: format!("{}%7C%7C{}", data.steamid, data.wgtoken_secure),
			session_id: todo!(),
			web_cookie: todo!(),
		};
	}
}

#[derive(Debug, Clone, Deserialize)]
struct OAuthData {
	oauth_token: String,
	steamid: u64,
	wgtoken: String,
	wgtoken_secure: String,
	webcookie: String,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Session {
	#[serde(rename = "SessionID")]
	pub session_id: String,
	#[serde(rename = "SteamLogin")]
	pub steam_login: String,
	#[serde(rename = "SteamLoginSecure")]
	pub steam_login_secure: String,
	#[serde(rename = "WebCookie")]
	pub web_cookie: String,
	#[serde(rename = "OAuthToken")]
	pub token: String,
	#[serde(rename = "SteamID")]
	pub steam_id: u64,
}

pub fn get_server_time() -> i64 {
	let client = reqwest::blocking::Client::new();
	let resp = client
		.post("https://api.steampowered.com/ITwoFactorService/QueryTime/v0001")
		.body("steamid=0")
		.send();
	let value: serde_json::Value = resp.unwrap().json().unwrap();

	// println!("{}", value["response"]);

	return String::from(value["response"]["server_time"].as_str().unwrap()).parse().unwrap();
}
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`use std::collections::HashMap;`
			`use reqwest::{Url, cookie::CookieStore, header::COOKIE, header::USER_AGENT};`
			`use rsa::{PublicKey, RSAPublicKey};`
			`use std::time::{SystemTime, UNIX_EPOCH};`
			`use serde::{Serialize, Deserialize};`
add login request 2021-03-25 17:43:41 +01:00			`use serde::de::{Visitor};`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`use rand::rngs::OsRng;`
add login request 2021-03-25 17:43:41 +01:00			`use std::fmt;`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00
add login request 2021-03-25 17:43:41 +01:00			`#[derive(Debug, Clone, Deserialize)]`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`struct LoginResponse {`
			`success: bool,`
add login request 2021-03-25 17:43:41 +01:00			`#[serde(default)]`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`login_complete: bool,`
add login request 2021-03-25 17:43:41 +01:00			`#[serde(default)]`
			`oauth: String,`
			`#[serde(default)]`
			`captcha_needed: bool,`
			`#[serde(default)]`
			`captcha_gid: String,`
			`#[serde(default)]`
			`emailsteamid: u64,`
			`#[serde(default)]`
			`emailauth_needed: bool,`
			`#[serde(default)]`
			`requires_twofactor: bool,`
			`message: String,`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`}`

add login request 2021-03-25 17:43:41 +01:00			`#[derive(Debug, Clone, Deserialize)]`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`struct RsaResponse {`
			`success: bool,`
			`publickey_exp: String,`
			`publickey_mod: String,`
			`timestamp: String,`
			`token_gid: String,`
			`}`

			`#[derive(Debug)]`
			`pub enum LoginResult {`
add data to login results 2021-03-25 20:26:45 +01:00			`Ok{ session: Session },`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`BadRSA,`
			`BadCredentials,`
add data to login results 2021-03-25 20:26:45 +01:00			`NeedCaptcha{ captcha_gid: String },`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`Need2FA,`
			`NeedEmail,`
add login request 2021-03-25 17:43:41 +01:00			`TooManyAttempts,`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`OtherFailure,`
			`}`

			`#[derive(Debug)]`
			`pub struct UserLogin {`
			`pub username: String,`
			`pub password: String,`
add login request 2021-03-25 17:43:41 +01:00			`pub captcha_required: bool,`
			`pub captcha_gid: String,`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`pub captcha_text: String,`
			`pub twofactor_code: String,`
			`pub email_code: String,`
add login request 2021-03-25 17:43:41 +01:00			`pub steam_id: u64,`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00
			`cookies: reqwest::cookie::Jar,`
			`// cookies: Arc<reqwest::cookie::Jar>,`
			`client: reqwest::blocking::Client,`
			`}`

			`impl UserLogin {`
			`pub fn new(username: String, password: String) -> UserLogin {`
			`return UserLogin {`
			`username,`
			`password,`
add login request 2021-03-25 17:43:41 +01:00			`captcha_required: false,`
			`captcha_gid: String::from("-1"),`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`captcha_text: String::from(""),`
			`twofactor_code: String::from(""),`
			`email_code: String::from(""),`
add login request 2021-03-25 17:43:41 +01:00			`steam_id: 0,`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`cookies: reqwest::cookie::Jar::default(),`
			`// cookies: Arc::<reqwest::cookie::Jar>::new(reqwest::cookie::Jar::default()),`
			`client: reqwest::blocking::ClientBuilder::new()`
			`.cookie_store(true)`
			`.build()`
			`.unwrap(),`
			`}`
			`}`

			`fn update_session(&self) {`
			`let url = "https://steamcommunity.com".parse::<Url>().unwrap();`
			`self.cookies.add_cookie_str("mobileClientVersion=0 (2.1.3)", &url);`
			`self.cookies.add_cookie_str("mobileClient=android", &url);`
			`self.cookies.add_cookie_str("Steam_Language=english", &url);`

			`let _ = self.client`
			`.get("https://steamcommunity.com/login?oauth_client_id=DE45CD61&oauth_scope=read_profile%20write_profile%20read_client%20write_client".parse::<Url>().unwrap())`
			`.header("X-Requested-With", "com.valvesoftware.android.steam.community")`
			`.header(USER_AGENT, "Mozilla/5.0 (Linux; U; Android 4.1.1; en-us; Google Nexus 4 - 4.1.1 - API 16 - 768x1280 Build/JRO03S) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30")`
			`// .header(COOKIE, "mobileClientVersion=0 (2.1.3)")`
			`// .header(COOKIE, "mobileClient=android")`
			`// .header(COOKIE, "Steam_Language=english")`
			`.header(COOKIE, self.cookies.cookies(&url).unwrap())`
			`.send();`
			`}`

add working manifest loading 2021-03-26 00:47:44 +01:00			`pub fn login(&mut self) -> LoginResult {`
add login request 2021-03-25 17:43:41 +01:00			`if self.captcha_required && self.captcha_text.len() == 0 {`
add working manifest loading 2021-03-26 00:47:44 +01:00			`return LoginResult::NeedCaptcha{captcha_gid: self.captcha_gid.clone()};`
add login request 2021-03-25 17:43:41 +01:00			`}`

add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`let url = "https://steamcommunity.com".parse::<Url>().unwrap();`
			`if self.cookies.cookies(&url) == Option::None {`
			`self.update_session()`
			`}`

			`let mut params = HashMap::new();`
			`params.insert("donotcache", format!("{}", SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() * 1000));`
			`params.insert("username", self.username.clone());`
			`let resp = self.client`
			`.post("https://steamcommunity.com/login/getrsakey")`
			`.form(&params)`
			`.send()`
			`.unwrap();`

			`let encrypted_password: String;`
add login request 2021-03-25 17:43:41 +01:00			`let rsa_timestamp: String;`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`match resp.json::<RsaResponse>() {`
			`Ok(rsa_resp) => {`
			`// println!("rsa: {:?}", rsa_resp);`
			`let rsa_exponent = rsa::BigUint::parse_bytes(rsa_resp.publickey_exp.as_bytes(), 16).unwrap();`
			`let rsa_modulus = rsa::BigUint::parse_bytes(rsa_resp.publickey_mod.as_bytes(), 16).unwrap();`
			`let public_key = RSAPublicKey::new(rsa_modulus, rsa_exponent).unwrap();`
			`// println!("public key: {:?}", public_key);`
			`let mut rng = OsRng;`
			`let padding = rsa::PaddingScheme::new_pkcs1v15_encrypt();`
			`encrypted_password = base64::encode(public_key.encrypt(&mut rng, padding, self.password.as_bytes()).unwrap());`
			`println!("encrypted_password: {:?}", encrypted_password);`
add login request 2021-03-25 17:43:41 +01:00			`rsa_timestamp = rsa_resp.timestamp;`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`}`
			`Err(error) => {`
			`println!("rsa error: {:?}", error);`
			`return LoginResult::BadRSA`
			`}`
			`}`

			`let mut params = HashMap::new();`
			`params.insert("donotcache", format!("{}", SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() * 1000));`
			`params.insert("username", self.username.clone());`
add login request 2021-03-25 17:43:41 +01:00			`params.insert("password", encrypted_password);`
			`params.insert("twofactorcode", self.twofactor_code.clone());`
			`params.insert("emailauth", self.email_code.clone());`
			`params.insert("captchagid", self.captcha_gid.clone());`
			`params.insert("captcha_text", self.captcha_text.clone());`
			`params.insert("rsatimestamp", rsa_timestamp);`
			`params.insert("remember_login", String::from("true"));`
			`params.insert("oauth_client_id", String::from("DE45CD61"));`
			`params.insert("oauth_scope", String::from("read_profile write_profile read_client write_client"));`

			`let login_resp: LoginResponse;`
			`match self.client`
			`.post("https://steamcommunity.com/login/dologin")`
			`.form(&params)`
			`.send() {`
			`Ok(resp) => {`
			`// println!("login resp: {:?}", &resp.text());`
			`match resp.json::<LoginResponse>() {`
			`Ok(lr) => {`
			`println!("login resp: {:?}", lr);`
			`login_resp = lr;`
			`}`
			`Err(error) => {`
			`println!("login parse error: {:?}", error);`
			`return LoginResult::OtherFailure;`
			`}`
			`}`
			`}`
			`Err(error) => {`
			`println!("login request error: {:?}", error);`
			`return LoginResult::OtherFailure;`
			`}`
			`}`

			`if login_resp.message.contains("too many login") {`
			`return LoginResult::TooManyAttempts;`
			`}`

add other login results 2021-03-25 18:22:42 +01:00			`if login_resp.message.contains("Incorrect login") {`
			`return LoginResult::BadCredentials;`
			`}`

			`if login_resp.captcha_needed {`
add working manifest loading 2021-03-26 00:47:44 +01:00			`self.captcha_gid = login_resp.captcha_gid.clone();`
			`return LoginResult::NeedCaptcha{ captcha_gid: self.captcha_gid.clone() };`
add other login results 2021-03-25 18:22:42 +01:00			`}`

			`if login_resp.emailauth_needed {`
add working manifest loading 2021-03-26 00:47:44 +01:00			`self.steam_id = login_resp.emailsteamid.clone();`
add other login results 2021-03-25 18:22:42 +01:00			`return LoginResult::NeedEmail;`
			`}`

			`if login_resp.requires_twofactor {`
			`return LoginResult::Need2FA;`
			`}`

			`if !login_resp.login_complete {`
			`return LoginResult::BadCredentials;`
			`}`

add working manifest loading 2021-03-26 00:47:44 +01:00			`let oauth: OAuthData = serde_json::from_str(login_resp.oauth.as_str()).unwrap();`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`let session = self.build_session(oauth);`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00
add data to login results 2021-03-25 20:26:45 +01:00			`return LoginResult::Ok{session};`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`}`
add oauth data parsing 2021-03-25 18:52:55 +01:00
			`fn build_session(&self, data: OAuthData) -> Session {`
			`return Session{`
			`token: data.oauth_token,`
			`steam_id: data.steamid,`
			`steam_login: format!("{}%7C%7C{}", data.steamid, data.wgtoken),`
			`steam_login_secure: format!("{}%7C%7C{}", data.steamid, data.wgtoken_secure),`
			`session_id: todo!(),`
			`web_cookie: todo!(),`
			`};`
			`}`
			`}`

add working manifest loading 2021-03-26 00:47:44 +01:00			`#[derive(Debug, Clone, Deserialize)]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`struct OAuthData {`
			`oauth_token: String,`
			`steamid: u64,`
			`wgtoken: String,`
			`wgtoken_secure: String,`
			`webcookie: String,`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00			`}`

add session serialization 2021-03-27 13:17:56 +01:00			`#[derive(Debug, Clone, Serialize, Deserialize)]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub struct Session {`
add session serialization 2021-03-27 13:17:56 +01:00			`#[serde(rename = "SessionID")]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub session_id: String,`
add session serialization 2021-03-27 13:17:56 +01:00			`#[serde(rename = "SteamLogin")]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub steam_login: String,`
add session serialization 2021-03-27 13:17:56 +01:00			`#[serde(rename = "SteamLoginSecure")]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub steam_login_secure: String,`
add session serialization 2021-03-27 13:17:56 +01:00			`#[serde(rename = "WebCookie")]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub web_cookie: String,`
add session serialization 2021-03-27 13:17:56 +01:00			`#[serde(rename = "OAuthToken")]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub token: String,`
add session serialization 2021-03-27 13:17:56 +01:00			`#[serde(rename = "SteamID")]`
add oauth data parsing 2021-03-25 18:52:55 +01:00			`pub steam_id: u64,`
			`}`
add working RSA encryption for password during login 2021-03-24 22:49:09 +01:00
			`pub fn get_server_time() -> i64 {`
			`let client = reqwest::blocking::Client::new();`
			`let resp = client`
			`.post("https://api.steampowered.com/ITwoFactorService/QueryTime/v0001")`
			`.body("steamid=0")`
			`.send();`
			`let value: serde_json::Value = resp.unwrap().json().unwrap();`

			`// println!("{}", value["response"]);`

			`return String::from(value["response"]["server_time"].as_str().unwrap()).parse().unwrap();`
			`}`