2021-08-01 14:43:18 +02:00
|
|
|
use log::*;
|
|
|
|
use reqwest::{
|
2021-08-08 00:47:39 +02:00
|
|
|
blocking::RequestBuilder,
|
2021-08-01 14:43:18 +02:00
|
|
|
cookie::CookieStore,
|
|
|
|
header::COOKIE,
|
2021-08-08 00:47:39 +02:00
|
|
|
header::{HeaderMap, HeaderName, HeaderValue, SET_COOKIE},
|
2021-08-01 14:43:18 +02:00
|
|
|
Url,
|
|
|
|
};
|
2021-08-08 17:16:06 +02:00
|
|
|
use serde::{Deserialize, Serialize, Deserializer};
|
2021-08-08 00:47:39 +02:00
|
|
|
use std::iter::FromIterator;
|
|
|
|
use std::str::FromStr;
|
2021-03-24 22:49:09 +01:00
|
|
|
use std::time::{SystemTime, UNIX_EPOCH};
|
|
|
|
|
2021-08-08 17:52:12 +02:00
|
|
|
lazy_static! {
|
|
|
|
static ref STEAM_COOKIE_URL: Url = "https://steamcommunity.com".parse::<Url>().unwrap();
|
|
|
|
}
|
|
|
|
|
2021-03-25 17:43:41 +01:00
|
|
|
#[derive(Debug, Clone, Deserialize)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub struct LoginResponse {
|
|
|
|
pub success: bool,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub login_complete: bool,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub captcha_needed: bool,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub captcha_gid: String,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub emailsteamid: u64,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub emailauth_needed: bool,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub requires_twofactor: bool,
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(default)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub message: String,
|
2021-08-08 17:16:06 +02:00
|
|
|
// #[serde(rename = "oauth")]
|
|
|
|
// oauth_raw: String,
|
|
|
|
#[serde(default, deserialize_with = "oauth_data_from_string")]
|
2021-08-08 00:47:39 +02:00
|
|
|
oauth: Option<OAuthData>,
|
2021-08-01 14:43:18 +02:00
|
|
|
transfer_urls: Option<Vec<String>>,
|
|
|
|
transfer_parameters: Option<LoginTransferParameters>,
|
2021-03-30 21:51:26 +02:00
|
|
|
}
|
|
|
|
|
2021-08-08 17:16:06 +02:00
|
|
|
/// For some reason, the `oauth` field in the login response is a string of JSON, not a JSON object.
|
|
|
|
/// Deserializes to `Option` because the `oauth` field is not always there.
|
|
|
|
fn oauth_data_from_string<'de, D>(deserializer: D) -> Result<Option<OAuthData>, D::Error>
|
|
|
|
where
|
|
|
|
D: Deserializer<'de>,
|
|
|
|
{
|
|
|
|
// for some reason, deserializing to &str doesn't work but this does.
|
|
|
|
let s: String = Deserialize::deserialize(deserializer)?;
|
|
|
|
let data: OAuthData = serde_json::from_str(s.as_str()).map_err(serde::de::Error::custom)?;
|
|
|
|
Ok(Some(data))
|
|
|
|
}
|
|
|
|
|
2021-08-08 17:52:12 +02:00
|
|
|
impl LoginResponse {
|
|
|
|
pub fn needs_transfer_login(&self) -> bool {
|
|
|
|
self.transfer_urls.is_some() || self.transfer_parameters.is_some()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-30 21:51:26 +02:00
|
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
|
|
|
struct LoginTransferParameters {
|
2021-08-01 14:43:18 +02:00
|
|
|
steamid: String,
|
|
|
|
token_secure: String,
|
|
|
|
auth: String,
|
|
|
|
remember_login: bool,
|
|
|
|
webcookie: String,
|
2021-03-24 22:49:09 +01:00
|
|
|
}
|
|
|
|
|
2021-03-25 17:43:41 +01:00
|
|
|
#[derive(Debug, Clone, Deserialize)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub struct RsaResponse {
|
|
|
|
pub success: bool,
|
|
|
|
pub publickey_exp: String,
|
|
|
|
pub publickey_mod: String,
|
|
|
|
pub timestamp: String,
|
|
|
|
pub token_gid: String,
|
2021-03-25 18:52:55 +01:00
|
|
|
}
|
|
|
|
|
2021-03-26 00:47:44 +01:00
|
|
|
#[derive(Debug, Clone, Deserialize)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub struct OAuthData {
|
2021-08-01 14:43:18 +02:00
|
|
|
oauth_token: String,
|
2021-08-08 00:47:39 +02:00
|
|
|
steamid: String,
|
2021-08-01 14:43:18 +02:00
|
|
|
wgtoken: String,
|
|
|
|
wgtoken_secure: String,
|
|
|
|
webcookie: String,
|
2021-03-24 22:49:09 +01:00
|
|
|
}
|
|
|
|
|
2021-03-27 13:17:56 +01:00
|
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
2021-03-25 18:52:55 +01:00
|
|
|
pub struct Session {
|
2021-08-01 14:43:18 +02:00
|
|
|
#[serde(rename = "SessionID")]
|
|
|
|
pub session_id: String,
|
|
|
|
#[serde(rename = "SteamLogin")]
|
|
|
|
pub steam_login: String,
|
|
|
|
#[serde(rename = "SteamLoginSecure")]
|
|
|
|
pub steam_login_secure: String,
|
|
|
|
#[serde(rename = "WebCookie")]
|
|
|
|
pub web_cookie: String,
|
|
|
|
#[serde(rename = "OAuthToken")]
|
|
|
|
pub token: String,
|
|
|
|
#[serde(rename = "SteamID")]
|
|
|
|
pub steam_id: u64,
|
2021-03-25 18:52:55 +01:00
|
|
|
}
|
2021-03-24 22:49:09 +01:00
|
|
|
|
|
|
|
pub fn get_server_time() -> i64 {
|
2021-08-01 14:43:18 +02:00
|
|
|
let client = reqwest::blocking::Client::new();
|
|
|
|
let resp = client
|
|
|
|
.post("https://api.steampowered.com/ITwoFactorService/QueryTime/v0001")
|
|
|
|
.body("steamid=0")
|
|
|
|
.send();
|
|
|
|
let value: serde_json::Value = resp.unwrap().json().unwrap();
|
|
|
|
|
|
|
|
return String::from(value["response"]["server_time"].as_str().unwrap())
|
|
|
|
.parse()
|
|
|
|
.unwrap();
|
2021-03-24 22:49:09 +01:00
|
|
|
}
|
2021-04-04 15:38:34 +02:00
|
|
|
|
2021-08-08 00:47:39 +02:00
|
|
|
/// Provides raw access to the Steam API. Handles cookies, some deserialization, etc. to make it easier.
|
|
|
|
#[derive(Debug)]
|
2021-08-08 17:52:12 +02:00
|
|
|
pub struct SteamApiClient {
|
2021-08-08 00:47:39 +02:00
|
|
|
cookies: reqwest::cookie::Jar,
|
|
|
|
client: reqwest::blocking::Client,
|
|
|
|
pub session: Option<Session>,
|
|
|
|
}
|
|
|
|
|
|
|
|
impl SteamApiClient {
|
|
|
|
pub fn new() -> SteamApiClient {
|
|
|
|
SteamApiClient {
|
|
|
|
cookies: reqwest::cookie::Jar::default(),
|
|
|
|
client: reqwest::blocking::ClientBuilder::new()
|
|
|
|
.cookie_store(true)
|
|
|
|
.user_agent("Mozilla/5.0 (Linux; U; Android 4.1.1; en-us; Google Nexus 4 - 4.1.1 - API 16 - 768x1280 Build/JRO03S) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30")
|
|
|
|
.default_headers(HeaderMap::from_iter(hashmap! {
|
|
|
|
HeaderName::from_str("X-Requested-With").expect("could not build default request headers") => HeaderValue::from_str("com.valvesoftware.android.steam.community").expect("could not build default request headers")
|
|
|
|
}.into_iter()))
|
|
|
|
.build()
|
|
|
|
.unwrap(),
|
|
|
|
session: None,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
fn build_session(&self, data: &OAuthData) -> Session {
|
|
|
|
return Session {
|
|
|
|
token: data.oauth_token.clone(),
|
|
|
|
steam_id: data.steamid.parse().unwrap(),
|
|
|
|
steam_login: format!("{}%7C%7C{}", data.steamid, data.wgtoken),
|
|
|
|
steam_login_secure: format!("{}%7C%7C{}", data.steamid, data.wgtoken_secure),
|
|
|
|
session_id: self.extract_session_id().unwrap(),
|
|
|
|
web_cookie: data.webcookie.clone(),
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
fn extract_session_id(&self) -> Option<String> {
|
|
|
|
let cookies = self.cookies.cookies(&STEAM_COOKIE_URL).unwrap();
|
|
|
|
let all_cookies = cookies.to_str().unwrap();
|
|
|
|
for cookie in all_cookies
|
|
|
|
.split(";")
|
|
|
|
.map(|s| cookie::Cookie::parse(s).unwrap())
|
|
|
|
{
|
|
|
|
if cookie.name() == "sessionid" {
|
|
|
|
return Some(cookie.value().into());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return None;
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn save_cookies_from_response(&mut self, response: &reqwest::blocking::Response) {
|
|
|
|
let set_cookie_iter = response.headers().get_all(SET_COOKIE);
|
|
|
|
|
|
|
|
for c in set_cookie_iter {
|
|
|
|
c.to_str()
|
|
|
|
.into_iter()
|
|
|
|
.for_each(|cookie_str| self.cookies.add_cookie_str(cookie_str, &STEAM_COOKIE_URL));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn request<U: reqwest::IntoUrl>(&self, method: reqwest::Method, url: U) -> RequestBuilder {
|
|
|
|
self.cookies
|
|
|
|
.add_cookie_str("mobileClientVersion=0 (2.1.3)", &STEAM_COOKIE_URL);
|
|
|
|
self.cookies
|
|
|
|
.add_cookie_str("mobileClient=android", &STEAM_COOKIE_URL);
|
|
|
|
self.cookies
|
|
|
|
.add_cookie_str("Steam_Language=english", &STEAM_COOKIE_URL);
|
|
|
|
|
|
|
|
self.client
|
|
|
|
.request(method, url)
|
|
|
|
.header(COOKIE, self.cookies.cookies(&STEAM_COOKIE_URL).unwrap())
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn get<U: reqwest::IntoUrl>(&self, url: U) -> RequestBuilder {
|
|
|
|
self.request(reqwest::Method::GET, url)
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn post<U: reqwest::IntoUrl>(&self, url: U) -> RequestBuilder {
|
|
|
|
self.request(reqwest::Method::POST, url)
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Updates the cookie jar with the session cookies by pinging steam servers.
|
2021-08-08 17:52:12 +02:00
|
|
|
pub fn update_session(&mut self) -> anyhow::Result<()> {
|
2021-08-08 00:47:39 +02:00
|
|
|
trace!("SteamApiClient::update_session");
|
|
|
|
|
|
|
|
let resp = self
|
|
|
|
.get("https://steamcommunity.com/login?oauth_client_id=DE45CD61&oauth_scope=read_profile%20write_profile%20read_client%20write_client".parse::<Url>().unwrap())
|
|
|
|
.send()?;
|
|
|
|
self.save_cookies_from_response(&resp);
|
|
|
|
trace!("{:?}", resp);
|
|
|
|
|
|
|
|
trace!("cookies: {:?}", self.cookies);
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Endpoint: POST /login/dologin
|
|
|
|
pub fn login(
|
|
|
|
&mut self,
|
|
|
|
username: String,
|
|
|
|
encrypted_password: String,
|
|
|
|
twofactor_code: String,
|
|
|
|
email_code: String,
|
|
|
|
captcha_gid: String,
|
|
|
|
captcha_text: String,
|
|
|
|
rsa_timestamp: String,
|
|
|
|
) -> anyhow::Result<LoginResponse> {
|
|
|
|
let params = hashmap! {
|
|
|
|
"donotcache" => format!(
|
|
|
|
"{}",
|
|
|
|
SystemTime::now()
|
|
|
|
.duration_since(UNIX_EPOCH)
|
|
|
|
.unwrap()
|
|
|
|
.as_secs()
|
|
|
|
* 1000
|
|
|
|
),
|
|
|
|
"username" => username,
|
|
|
|
"password" => encrypted_password,
|
|
|
|
"twofactorcode" => twofactor_code,
|
|
|
|
"emailauth" => email_code,
|
|
|
|
"captchagid" => captcha_gid,
|
|
|
|
"captcha_text" => captcha_text,
|
|
|
|
"rsatimestamp" => rsa_timestamp,
|
|
|
|
"remember_login" => "true".into(),
|
|
|
|
"oauth_client_id" => "DE45CD61".into(),
|
|
|
|
"oauth_scope" => "read_profile write_profile read_client write_client".into(),
|
|
|
|
};
|
|
|
|
|
|
|
|
let resp = self
|
|
|
|
.post("https://steamcommunity.com/login/dologin")
|
|
|
|
.form(¶ms)
|
|
|
|
.send()?;
|
|
|
|
let text = resp.text()?;
|
|
|
|
trace!("raw login response: {}", text);
|
|
|
|
|
|
|
|
let login_resp: LoginResponse = serde_json::from_str(text.as_str())?;
|
|
|
|
|
|
|
|
if let Some(oauth) = &login_resp.oauth {
|
|
|
|
self.session = Some(self.build_session(&oauth));
|
|
|
|
}
|
|
|
|
|
|
|
|
return Ok(login_resp);
|
|
|
|
}
|
|
|
|
|
|
|
|
/// A secondary step in the login flow. Does not seem to always be needed?
|
|
|
|
/// Endpoints: provided by `login()`
|
2021-08-08 17:52:12 +02:00
|
|
|
pub fn transfer_login(&mut self, login_resp: LoginResponse) -> anyhow::Result<OAuthData> {
|
2021-08-08 00:47:39 +02:00
|
|
|
match (login_resp.transfer_urls, login_resp.transfer_parameters) {
|
|
|
|
(Some(urls), Some(params)) => {
|
|
|
|
debug!("received transfer parameters, relaying data...");
|
|
|
|
for url in urls {
|
|
|
|
trace!("posting transfer to {}", url);
|
|
|
|
let resp = self.client.post(url).json(¶ms).send()?;
|
|
|
|
self.save_cookies_from_response(&resp);
|
|
|
|
}
|
|
|
|
|
|
|
|
let oauth = OAuthData {
|
|
|
|
oauth_token: params.auth,
|
|
|
|
steamid: params.steamid.parse().unwrap(),
|
|
|
|
wgtoken: params.token_secure.clone(), // guessing
|
|
|
|
wgtoken_secure: params.token_secure,
|
|
|
|
webcookie: params.webcookie,
|
|
|
|
};
|
|
|
|
self.session = Some(self.build_session(&oauth));
|
|
|
|
return Ok(oauth);
|
|
|
|
}
|
|
|
|
(None, None) => {
|
|
|
|
bail!("did not receive transfer_urls and transfer_parameters");
|
|
|
|
}
|
|
|
|
(_, None) => {
|
|
|
|
bail!("did not receive transfer_parameters");
|
|
|
|
}
|
|
|
|
(None, _) => {
|
|
|
|
bail!("did not receive transfer_urls");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn test_oauth_data_parse() {
|
|
|
|
// This example is from a login response that did not contain any transfer URLs.
|
|
|
|
let oauth: OAuthData = serde_json::from_str("{\"steamid\":\"78562647129469312\",\"account_name\":\"feuarus\",\"oauth_token\":\"fd2fdb3d0717bcd2220d98c7ec61c7bd\",\"wgtoken\":\"72E7013D598A4F68C7E268F6FA3767D89D763732\",\"wgtoken_secure\":\"21061EA13C36D7C29812CAED900A215171AD13A2\",\"webcookie\":\"6298070A226E5DAD49938D78BCF36F7A7118FDD5\"}").unwrap();
|
|
|
|
|
|
|
|
assert_eq!(oauth.steamid, "78562647129469312");
|
|
|
|
assert_eq!(oauth.oauth_token, "fd2fdb3d0717bcd2220d98c7ec61c7bd");
|
|
|
|
assert_eq!(oauth.wgtoken, "72E7013D598A4F68C7E268F6FA3767D89D763732");
|
|
|
|
assert_eq!(oauth.wgtoken_secure, "21061EA13C36D7C29812CAED900A215171AD13A2");
|
|
|
|
assert_eq!(oauth.webcookie, "6298070A226E5DAD49938D78BCF36F7A7118FDD5");
|
|
|
|
}
|
2021-08-08 17:16:06 +02:00
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn test_login_response_parse() {
|
|
|
|
let result = serde_json::from_str::<LoginResponse>(include_str!("fixtures/api-responses/login-response1.json"));
|
|
|
|
|
|
|
|
assert!(matches!(result, Ok(_)), "got error: {}", result.unwrap_err());
|
|
|
|
let resp = result.unwrap();
|
|
|
|
|
|
|
|
let oauth = resp.oauth.unwrap();
|
|
|
|
assert_eq!(oauth.steamid, "78562647129469312");
|
|
|
|
assert_eq!(oauth.oauth_token, "fd2fdb3d0717bad2220d98c7ec61c7bd");
|
|
|
|
assert_eq!(oauth.wgtoken, "72E7013D598A4F68C7E268F6FA3767D89D763732");
|
|
|
|
assert_eq!(oauth.wgtoken_secure, "21061EA13C36D7C29812CAED900A215171AD13A2");
|
|
|
|
assert_eq!(oauth.webcookie, "6298070A226E5DAD49938D78BCF36F7A7118FDD5");
|
|
|
|
}
|