steamguard-cli/steamguard/src/accountlinker.rs

use crate::{
	api_responses::{AddAuthenticatorResponse, FinalizeAddAuthenticatorResponse},
	steamapi::{Session, SteamApiClient},
	SteamGuardAccount,
};
use log::*;
use thiserror::Error;

#[derive(Debug)]
pub struct AccountLinker {
	device_id: String,
	pub phone_number: String,
	pub account: Option<SteamGuardAccount>,
	pub finalized: bool,
	sent_confirmation_email: bool,
	session: Session,
	client: SteamApiClient,
}

impl AccountLinker {
	pub fn new(session: Session) -> AccountLinker {
		return AccountLinker {
			device_id: generate_device_id(),
			phone_number: "".into(),
			account: None,
			finalized: false,
			sent_confirmation_email: false,
			session: session.clone(),
			client: SteamApiClient::new(Some(secrecy::Secret::new(session))),
		};
	}

	pub fn link(&mut self) -> anyhow::Result<SteamGuardAccount, AccountLinkError> {
		// let has_phone = self.client.has_phone()?;

		// if has_phone && !self.phone_number.is_empty() {
		// 	return Err(AccountLinkError::MustRemovePhoneNumber);
		// }
		// if !has_phone && self.phone_number.is_empty() {
		// 	return Err(AccountLinkError::MustProvidePhoneNumber);
		// }

		// if !has_phone {
		// 	if self.sent_confirmation_email {
		// 		if !self.client.check_email_confirmation()? {
		// 			return Err(anyhow!("Failed email confirmation check"))?;
		// 		}
		// 	} else if !self.client.add_phone_number(self.phone_number.clone())? {
		// 		return Err(anyhow!("Failed to add phone number"))?;
		// 	} else {
		// 		self.sent_confirmation_email = true;
		// 		return Err(AccountLinkError::MustConfirmEmail);
		// 	}
		// }

		let resp: AddAuthenticatorResponse =
			self.client.add_authenticator(self.device_id.clone())?;

		match resp.status {
			29 => {
				return Err(AccountLinkError::AuthenticatorPresent);
			}
			2 => {
				// If the user has no phone number on their account, it will always return this status code.
				// However, this does not mean that this status just means "no phone number". It can also
				// be literally anything else, so that's why we return GenericFailure here.
				return Err(AccountLinkError::GenericFailure);
			}
			1 => {
				let mut account = resp.to_steam_guard_account();
				account.device_id = self.device_id.clone();
				account.session = self.client.session.clone();
				return Ok(account);
			}
			status => {
				return Err(anyhow!("Unknown add authenticator status code: {}", status))?;
			}
		}
	}

	/// You may have to call this multiple times. If you have to call it a bunch of times, then you can assume that you are unable to generate correct 2fa codes.
	pub fn finalize(
		&mut self,
		account: &mut SteamGuardAccount,
		sms_code: String,
	) -> anyhow::Result<(), FinalizeLinkError> {
		let time = crate::steamapi::get_server_time()?.server_time;
		let code = account.generate_code(time);
		let resp: FinalizeAddAuthenticatorResponse =
			self.client
				.finalize_authenticator(sms_code.clone(), code, time)?;
		info!("finalize response status: {}", resp.status);

		match resp.status {
			89 => {
				return Err(FinalizeLinkError::BadSmsCode);
			}
			_ => {}
		}

		if !resp.success {
			return Err(FinalizeLinkError::Failure {
				status: resp.status,
			})?;
		}

		if resp.want_more {
			return Err(FinalizeLinkError::WantMore);
		}

		self.finalized = true;
		account.fully_enrolled = true;
		return Ok(());
	}
}

fn generate_device_id() -> String {
	return format!("android:{}", uuid::Uuid::new_v4().to_string());
}

#[derive(Error, Debug)]
pub enum AccountLinkError {
	/// No phone number on the account
	#[error("A phone number is needed, but not already present on the account.")]
	MustProvidePhoneNumber,
	/// A phone number is already on the account
	#[error("A phone number was provided, but one is already present on the account.")]
	MustRemovePhoneNumber,
	/// User need to click link from confirmation email
	#[error("An email has been sent to the user's email, click the link in that email.")]
	MustConfirmEmail,
	#[error("Authenticator is already present.")]
	AuthenticatorPresent,
	#[error("Steam was unable to link the authenticator to the account. No additional information about this error is available. This is a Steam error, not a steamguard-cli error. Try adding a phone number to your Steam account (which you can do here: https://store.steampowered.com/phone/add), or try again later.")]
	GenericFailure,
	#[error(transparent)]
	Unknown(#[from] anyhow::Error),
}

#[derive(Error, Debug)]
pub enum FinalizeLinkError {
	#[error("Provided SMS code was incorrect.")]
	BadSmsCode,
	/// Steam wants more 2fa codes to verify that we can generate valid codes. Call finalize again.
	#[error("Steam wants more 2fa codes for verification.")]
	WantMore,
	#[error("Finalization was not successful. Status code {status:?}")]
	Failure { status: i32 },
	#[error(transparent)]
	Unknown(#[from] anyhow::Error),
}
add add_authenticator to steamapi module 2021-08-08 21:25:27 +02:00			`use crate::{`
reorganize steam api responses 2022-12-06 16:02:07 +01:00			`api_responses::{AddAuthenticatorResponse, FinalizeAddAuthenticatorResponse},`
			`steamapi::{Session, SteamApiClient},`
add add_authenticator to steamapi module 2021-08-08 21:25:27 +02:00			`SteamGuardAccount,`
			`};`
add account link finalization 2021-08-09 06:09:34 +02:00			`use log::*;`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`use thiserror::Error;`
add incomplete account linker 2021-07-27 22:24:56 +02:00
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`#[derive(Debug)]`
add incomplete account linker 2021-07-27 22:24:56 +02:00			`pub struct AccountLinker {`
add rustfmt.toml and run cargo fmt 2021-08-08 18:54:46 +02:00			`device_id: String,`
actually handle account link errors 2021-08-10 01:09:48 +02:00			`pub phone_number: String,`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`pub account: Option<SteamGuardAccount>,`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`pub finalized: bool,`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`sent_confirmation_email: bool,`
			`session: Session,`
			`client: SteamApiClient,`
add incomplete account linker 2021-07-27 22:24:56 +02:00			`}`

			`impl AccountLinker {`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`pub fn new(session: Session) -> AccountLinker {`
add rustfmt.toml and run cargo fmt 2021-08-08 18:54:46 +02:00			`return AccountLinker {`
			`device_id: generate_device_id(),`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`phone_number: "".into(),`
			`account: None,`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`finalized: false,`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`sent_confirmation_email: false,`
fixed session not being transfered to AccountLinker 2021-08-10 02:05:23 +02:00			`session: session.clone(),`
protect `Session` memory, values are zeroized when dropped 2022-06-19 20:42:07 +02:00			`client: SteamApiClient::new(Some(secrecy::Secret::new(session))),`
add rustfmt.toml and run cargo fmt 2021-08-08 18:54:46 +02:00			`};`
			`}`
add incomplete account linker 2021-07-27 22:24:56 +02:00
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`pub fn link(&mut self) -> anyhow::Result<SteamGuardAccount, AccountLinkError> {`
adding phone numbers does not work 2021-08-10 03:41:20 +02:00			`// let has_phone = self.client.has_phone()?;`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00
adding phone numbers does not work 2021-08-10 03:41:20 +02:00			`// if has_phone && !self.phone_number.is_empty() {`
			`// return Err(AccountLinkError::MustRemovePhoneNumber);`
			`// }`
			`// if !has_phone && self.phone_number.is_empty() {`
			`// return Err(AccountLinkError::MustProvidePhoneNumber);`
			`// }`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00
adding phone numbers does not work 2021-08-10 03:41:20 +02:00			`// if !has_phone {`
			`// if self.sent_confirmation_email {`
			`// if !self.client.check_email_confirmation()? {`
			`// return Err(anyhow!("Failed email confirmation check"))?;`
			`// }`
			`// } else if !self.client.add_phone_number(self.phone_number.clone())? {`
			`// return Err(anyhow!("Failed to add phone number"))?;`
			`// } else {`
			`// self.sent_confirmation_email = true;`
			`// return Err(AccountLinkError::MustConfirmEmail);`
			`// }`
			`// }`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`let resp: AddAuthenticatorResponse =`
			`self.client.add_authenticator(self.device_id.clone())?;`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00
refactor to use SteamApiResponse 2021-08-09 01:09:15 +02:00			`match resp.status {`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`29 => {`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`return Err(AccountLinkError::AuthenticatorPresent);`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`}`
add a better failure message for account link status 2 2022-01-02 15:46:01 +01:00			`2 => {`
update some comments and some printed messages 2022-12-05 16:36:38 +01:00			`// If the user has no phone number on their account, it will always return this status code.`
			`// However, this does not mean that this status just means "no phone number". It can also`
			`// be literally anything else, so that's why we return GenericFailure here.`
add a better failure message for account link status 2 2022-01-02 15:46:01 +01:00			`return Err(AccountLinkError::GenericFailure);`
			`}`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`1 => {`
			`let mut account = resp.to_steam_guard_account();`
			`account.device_id = self.device_id.clone();`
			`account.session = self.client.session.clone();`
			`return Ok(account);`
			`}`
			`status => {`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`return Err(anyhow!("Unknown add authenticator status code: {}", status))?;`
implement the first step for account linking process 2021-08-09 00:32:50 +02:00			`}`
			`}`
add rustfmt.toml and run cargo fmt 2021-08-08 18:54:46 +02:00			`}`
add incomplete account linker 2021-07-27 22:24:56 +02:00
add account link finalization 2021-08-09 06:09:34 +02:00			`/// You may have to call this multiple times. If you have to call it a bunch of times, then you can assume that you are unable to generate correct 2fa codes.`
			`pub fn finalize(`
			`&mut self,`
			`account: &mut SteamGuardAccount,`
			`sms_code: String,`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`) -> anyhow::Result<(), FinalizeLinkError> {`
get_server_time now returns Result, fixes #152 2022-06-21 02:05:00 +02:00			`let time = crate::steamapi::get_server_time()?.server_time;`
add account link finalization 2021-08-09 06:09:34 +02:00			`let code = account.generate_code(time);`
actually handle account link errors 2021-08-10 01:09:48 +02:00			`let resp: FinalizeAddAuthenticatorResponse =`
			`self.client`
			`.finalize_authenticator(sms_code.clone(), code, time)?;`
add account link finalization 2021-08-09 06:09:34 +02:00			`info!("finalize response status: {}", resp.status);`

			`match resp.status {`
			`89 => {`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`return Err(FinalizeLinkError::BadSmsCode);`
add account link finalization 2021-08-09 06:09:34 +02:00			`}`
			`_ => {}`
			`}`

			`if !resp.success {`
actually handle account link errors 2021-08-10 01:09:48 +02:00			`return Err(FinalizeLinkError::Failure {`
			`status: resp.status,`
			`})?;`
add account link finalization 2021-08-09 06:09:34 +02:00			`}`

			`if resp.want_more {`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`return Err(FinalizeLinkError::WantMore);`
add account link finalization 2021-08-09 06:09:34 +02:00			`}`

			`self.finalized = true;`
			`account.fully_enrolled = true;`
			`return Ok(());`
			`}`
add incomplete account linker 2021-07-27 22:24:56 +02:00			`}`

			`fn generate_device_id() -> String {`
add rustfmt.toml and run cargo fmt 2021-08-08 18:54:46 +02:00			`return format!("android:{}", uuid::Uuid::new_v4().to_string());`
add incomplete account linker 2021-07-27 22:24:56 +02:00			`}`

improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[derive(Error, Debug)]`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`pub enum AccountLinkError {`
			`/// No phone number on the account`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("A phone number is needed, but not already present on the account.")]`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`MustProvidePhoneNumber,`
			`/// A phone number is already on the account`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("A phone number was provided, but one is already present on the account.")]`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`MustRemovePhoneNumber,`
			`/// User need to click link from confirmation email`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("An email has been sent to the user's email, click the link in that email.")]`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`MustConfirmEmail,`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("Authenticator is already present.")]`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`AuthenticatorPresent,`
update some comments and some printed messages 2022-12-05 16:36:38 +01:00			`#[error("Steam was unable to link the authenticator to the account. No additional information about this error is available. This is a Steam error, not a steamguard-cli error. Try adding a phone number to your Steam account (which you can do here: https://store.steampowered.com/phone/add), or try again later.")]`
add a better failure message for account link status 2 2022-01-02 15:46:01 +01:00			`GenericFailure,`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error(transparent)]`
			`Unknown(#[from] anyhow::Error),`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`}`

improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[derive(Error, Debug)]`
add account link finalization 2021-08-09 06:09:34 +02:00			`pub enum FinalizeLinkError {`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("Provided SMS code was incorrect.")]`
add account link finalization 2021-08-09 06:09:34 +02:00			`BadSmsCode,`
			`/// Steam wants more 2fa codes to verify that we can generate valid codes. Call finalize again.`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("Steam wants more 2fa codes for verification.")]`
add account link finalization 2021-08-09 06:09:34 +02:00			`WantMore,`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error("Finalization was not successful. Status code {status:?}")]`
actually handle account link errors 2021-08-10 01:09:48 +02:00			`Failure { status: i32 },`
improve error handling in accountlinker 2021-08-10 00:44:42 +02:00			`#[error(transparent)]`
			`Unknown(#[from] anyhow::Error),`
add NetworkFailure to AccountLinkError 2021-08-05 03:26:14 +02:00			`}`