Merge pull request #78 from dyc3/account-setup
Rough implementation for account setup
This commit is contained in:
commit
5fdc12bfb8
13 changed files with 887 additions and 105 deletions
21
Cargo.lock
generated
21
Cargo.lock
generated
|
@ -1625,6 +1625,7 @@ dependencies = [
|
|||
"serde",
|
||||
"serde_json",
|
||||
"standback",
|
||||
"thiserror",
|
||||
"uuid",
|
||||
]
|
||||
|
||||
|
@ -1781,6 +1782,26 @@ version = "0.1.1"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8eaa81235c7058867fa8c0e7314f33dcce9c215f535d1913822a2b3f5e289f3c"
|
||||
|
||||
[[package]]
|
||||
name = "thiserror"
|
||||
version = "1.0.26"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "93119e4feac1cbe6c798c34d3a53ea0026b0b1de6a120deef895137c0529bfe2"
|
||||
dependencies = [
|
||||
"thiserror-impl",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "thiserror-impl"
|
||||
version = "1.0.26"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "060d69a0afe7796bf42e9e2ff91f5ee691fb15c53d38b4b62a9a53eb23164745"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "thread_local"
|
||||
version = "0.3.4"
|
||||
|
|
|
@ -1,87 +0,0 @@
|
|||
use log::*;
|
||||
use reqwest::{cookie::CookieStore, header::COOKIE, Url};
|
||||
use serde::Deserialize;
|
||||
use serde_json::Value;
|
||||
use std::collections::HashMap;
|
||||
use steamguard::{steamapi::Session, SteamGuardAccount};
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct AccountLinker {
|
||||
device_id: String,
|
||||
phone_number: String,
|
||||
pub account: SteamGuardAccount,
|
||||
client: reqwest::blocking::Client,
|
||||
}
|
||||
|
||||
impl AccountLinker {
|
||||
pub fn new() -> AccountLinker {
|
||||
return AccountLinker {
|
||||
device_id: generate_device_id(),
|
||||
phone_number: String::from(""),
|
||||
account: SteamGuardAccount::new(),
|
||||
client: reqwest::blocking::ClientBuilder::new()
|
||||
.cookie_store(true)
|
||||
.build()
|
||||
.unwrap(),
|
||||
};
|
||||
}
|
||||
|
||||
pub fn link(&self, session: &mut Session) {
|
||||
let mut params = HashMap::new();
|
||||
params.insert("access_token", session.token.clone());
|
||||
params.insert("steamid", session.steam_id.to_string());
|
||||
params.insert("device_identifier", self.device_id.clone());
|
||||
params.insert("authenticator_type", String::from("1"));
|
||||
params.insert("sms_phone_id", String::from("1"));
|
||||
}
|
||||
|
||||
fn has_phone(&self, session: &Session) -> bool {
|
||||
return self._phoneajax(session, "has_phone", "null");
|
||||
}
|
||||
|
||||
fn _phoneajax(&self, session: &Session, op: &str, arg: &str) -> bool {
|
||||
trace!("_phoneajax: op={}", op);
|
||||
let url = "https://steamcommunity.com".parse::<Url>().unwrap();
|
||||
let cookies = reqwest::cookie::Jar::default();
|
||||
cookies.add_cookie_str("mobileClientVersion=0 (2.1.3)", &url);
|
||||
cookies.add_cookie_str("mobileClient=android", &url);
|
||||
cookies.add_cookie_str("Steam_Language=english", &url);
|
||||
|
||||
let mut params = HashMap::new();
|
||||
params.insert("op", op);
|
||||
params.insert("arg", arg);
|
||||
params.insert("sessionid", session.session_id.as_str());
|
||||
if op == "check_sms_code" {
|
||||
params.insert("checkfortos", "0");
|
||||
params.insert("skipvoip", "1");
|
||||
}
|
||||
|
||||
let resp = self
|
||||
.client
|
||||
.post("https://steamcommunity.com/steamguard/phoneajax")
|
||||
.header(COOKIE, cookies.cookies(&url).unwrap())
|
||||
.send()
|
||||
.unwrap();
|
||||
|
||||
let result: Value = resp.json().unwrap();
|
||||
if result["has_phone"] != Value::Null {
|
||||
trace!("found has_phone field");
|
||||
return result["has_phone"].as_bool().unwrap();
|
||||
} else if result["success"] != Value::Null {
|
||||
trace!("found success field");
|
||||
return result["success"].as_bool().unwrap();
|
||||
} else {
|
||||
trace!("did not find any expected field");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn generate_device_id() -> String {
|
||||
return format!("android:{}", uuid::Uuid::new_v4().to_string());
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct AddAuthenticatorResponse {
|
||||
pub response: SteamGuardAccount,
|
||||
}
|
147
src/main.rs
147
src/main.rs
|
@ -9,7 +9,8 @@ use std::{
|
|||
sync::{Arc, Mutex},
|
||||
};
|
||||
use steamguard::{
|
||||
steamapi, Confirmation, ConfirmationType, LoginError, SteamGuardAccount, UserLogin,
|
||||
steamapi, AccountLinkError, AccountLinker, Confirmation, ConfirmationType, FinalizeLinkError,
|
||||
LoginError, SteamGuardAccount, UserLogin,
|
||||
};
|
||||
use termion::{
|
||||
event::{Event, Key},
|
||||
|
@ -22,7 +23,6 @@ use termion::{
|
|||
extern crate lazy_static;
|
||||
#[macro_use]
|
||||
extern crate anyhow;
|
||||
mod accountlinker;
|
||||
mod accountmanager;
|
||||
|
||||
lazy_static! {
|
||||
|
@ -40,6 +40,7 @@ fn main() {
|
|||
Arg::with_name("username")
|
||||
.long("username")
|
||||
.short("u")
|
||||
.takes_value(true)
|
||||
.help("Select the account you want by steam username. By default, the first account in the manifest is selected.")
|
||||
)
|
||||
.arg(
|
||||
|
@ -98,6 +99,7 @@ fn main() {
|
|||
stderrlog::new()
|
||||
.verbosity(verbosity)
|
||||
.module(module_path!())
|
||||
.module("steamguard")
|
||||
.init()
|
||||
.unwrap();
|
||||
|
||||
|
@ -120,13 +122,93 @@ fn main() {
|
|||
}
|
||||
}
|
||||
|
||||
manifest.load_accounts();
|
||||
manifest
|
||||
.load_accounts()
|
||||
.expect("Failed to load accounts in manifest");
|
||||
|
||||
if matches.is_present("setup") {
|
||||
info!("setup");
|
||||
let mut linker = accountlinker::AccountLinker::new();
|
||||
// do_login(&mut linker.account);
|
||||
// linker.link(linker.account.session.expect("no login session"));
|
||||
println!("Log in to the account that you want to link to steamguard-cli");
|
||||
let session = do_login_raw().expect("Failed to log in. Account has not been linked.");
|
||||
|
||||
let mut linker = AccountLinker::new(session);
|
||||
let account: SteamGuardAccount;
|
||||
loop {
|
||||
match linker.link() {
|
||||
Ok(a) => {
|
||||
account = a;
|
||||
break;
|
||||
}
|
||||
Err(AccountLinkError::MustRemovePhoneNumber) => {
|
||||
println!("There is already a phone number on this account, please remove it and try again.");
|
||||
return;
|
||||
}
|
||||
Err(AccountLinkError::MustProvidePhoneNumber) => {
|
||||
println!("Enter your phone number in the following format: +1 123-456-7890");
|
||||
print!("Phone number: ");
|
||||
linker.phone_number = prompt().replace(&['(', ')', '-'][..], "");
|
||||
}
|
||||
Err(AccountLinkError::AuthenticatorPresent) => {
|
||||
println!("An authenticator is already present on this account.");
|
||||
return;
|
||||
}
|
||||
Err(AccountLinkError::MustConfirmEmail) => {
|
||||
println!("Check your email and click the link.");
|
||||
pause();
|
||||
}
|
||||
Err(err) => {
|
||||
error!(
|
||||
"Failed to link authenticator. Account has not been linked. {}",
|
||||
err
|
||||
);
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
manifest.add_account(account);
|
||||
match manifest.save() {
|
||||
Ok(_) => {}
|
||||
Err(err) => {
|
||||
error!("Aborting the account linking process because we failed to save the manifest. This is really bad. Here is the error: {}", err);
|
||||
println!(
|
||||
"Just in case, here is the account info. Save it somewhere just in case!\n{:?}",
|
||||
manifest.accounts.last().unwrap().lock().unwrap()
|
||||
);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
let mut account = manifest
|
||||
.accounts
|
||||
.last()
|
||||
.as_ref()
|
||||
.unwrap()
|
||||
.clone()
|
||||
.lock()
|
||||
.unwrap();
|
||||
|
||||
debug!("attempting link finalization");
|
||||
print!("Enter SMS code: ");
|
||||
let sms_code = prompt();
|
||||
let mut tries = 0;
|
||||
loop {
|
||||
match linker.finalize(&mut account, sms_code.clone()) {
|
||||
Ok(_) => break,
|
||||
Err(FinalizeLinkError::WantMore) => {
|
||||
debug!("steam wants more 2fa codes (tries: {})", tries);
|
||||
tries += 1;
|
||||
if tries >= 30 {
|
||||
error!("Failed to finalize: unable to generate valid 2fa codes");
|
||||
break;
|
||||
}
|
||||
continue;
|
||||
}
|
||||
Err(err) => {
|
||||
error!("Failed to finalize: {}", err);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -427,6 +509,57 @@ fn do_login(account: &mut SteamGuardAccount) {
|
|||
}
|
||||
}
|
||||
|
||||
fn do_login_raw() -> anyhow::Result<steamapi::Session> {
|
||||
print!("Username: ");
|
||||
let username = prompt();
|
||||
let _ = std::io::stdout().flush();
|
||||
let password = rpassword::prompt_password_stdout("Password: ").unwrap();
|
||||
if password.len() > 0 {
|
||||
debug!("password is present");
|
||||
} else {
|
||||
debug!("password is empty");
|
||||
}
|
||||
// TODO: reprompt if password is empty
|
||||
let mut login = UserLogin::new(username, password);
|
||||
let mut loops = 0;
|
||||
loop {
|
||||
match login.login() {
|
||||
Ok(s) => {
|
||||
return Ok(s);
|
||||
}
|
||||
Err(LoginError::Need2FA) => {
|
||||
print!("Enter 2fa code: ");
|
||||
login.twofactor_code = prompt();
|
||||
}
|
||||
Err(LoginError::NeedCaptcha { captcha_gid }) => {
|
||||
debug!("need captcha to log in");
|
||||
login.captcha_text = prompt_captcha_text(&captcha_gid);
|
||||
}
|
||||
Err(LoginError::NeedEmail) => {
|
||||
println!("You should have received an email with a code.");
|
||||
print!("Enter code: ");
|
||||
login.email_code = prompt();
|
||||
}
|
||||
Err(r) => {
|
||||
error!("Fatal login result: {:?}", r);
|
||||
bail!(r);
|
||||
}
|
||||
}
|
||||
loops += 1;
|
||||
if loops > 2 {
|
||||
error!("Too many loops. Aborting login process, to avoid getting rate limited.");
|
||||
bail!("Too many loops. Login process aborted to avoid getting rate limited.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn pause() {
|
||||
println!("Press any key to continue...");
|
||||
let mut stdout = stdout().into_raw_mode().unwrap();
|
||||
stdout.flush().unwrap();
|
||||
stdin().events().next();
|
||||
}
|
||||
|
||||
fn demo_confirmation_menu() {
|
||||
info!("showing demo menu");
|
||||
let (accept, deny) = prompt_confirmation_menu(vec![
|
||||
|
|
|
@ -23,3 +23,4 @@ uuid = { version = "0.8", features = ["v4"] }
|
|||
log = "0.4.14"
|
||||
scraper = "0.12.0"
|
||||
maplit = "1.0.2"
|
||||
thiserror = "1.0.26"
|
||||
|
|
144
steamguard/src/accountlinker.rs
Normal file
144
steamguard/src/accountlinker.rs
Normal file
|
@ -0,0 +1,144 @@
|
|||
use crate::{
|
||||
steamapi::{
|
||||
AddAuthenticatorResponse, FinalizeAddAuthenticatorResponse, Session, SteamApiClient,
|
||||
},
|
||||
SteamGuardAccount,
|
||||
};
|
||||
use log::*;
|
||||
use thiserror::Error;
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct AccountLinker {
|
||||
device_id: String,
|
||||
pub phone_number: String,
|
||||
pub account: Option<SteamGuardAccount>,
|
||||
pub finalized: bool,
|
||||
sent_confirmation_email: bool,
|
||||
session: Session,
|
||||
client: SteamApiClient,
|
||||
}
|
||||
|
||||
impl AccountLinker {
|
||||
pub fn new(session: Session) -> AccountLinker {
|
||||
return AccountLinker {
|
||||
device_id: generate_device_id(),
|
||||
phone_number: "".into(),
|
||||
account: None,
|
||||
finalized: false,
|
||||
sent_confirmation_email: false,
|
||||
session: session.clone(),
|
||||
client: SteamApiClient::new(Some(session)),
|
||||
};
|
||||
}
|
||||
|
||||
pub fn link(&mut self) -> anyhow::Result<SteamGuardAccount, AccountLinkError> {
|
||||
// let has_phone = self.client.has_phone()?;
|
||||
|
||||
// if has_phone && !self.phone_number.is_empty() {
|
||||
// return Err(AccountLinkError::MustRemovePhoneNumber);
|
||||
// }
|
||||
// if !has_phone && self.phone_number.is_empty() {
|
||||
// return Err(AccountLinkError::MustProvidePhoneNumber);
|
||||
// }
|
||||
|
||||
// if !has_phone {
|
||||
// if self.sent_confirmation_email {
|
||||
// if !self.client.check_email_confirmation()? {
|
||||
// return Err(anyhow!("Failed email confirmation check"))?;
|
||||
// }
|
||||
// } else if !self.client.add_phone_number(self.phone_number.clone())? {
|
||||
// return Err(anyhow!("Failed to add phone number"))?;
|
||||
// } else {
|
||||
// self.sent_confirmation_email = true;
|
||||
// return Err(AccountLinkError::MustConfirmEmail);
|
||||
// }
|
||||
// }
|
||||
|
||||
let resp: AddAuthenticatorResponse =
|
||||
self.client.add_authenticator(self.device_id.clone())?;
|
||||
|
||||
match resp.status {
|
||||
29 => {
|
||||
return Err(AccountLinkError::AuthenticatorPresent);
|
||||
}
|
||||
1 => {
|
||||
let mut account = resp.to_steam_guard_account();
|
||||
account.device_id = self.device_id.clone();
|
||||
account.session = self.client.session.clone();
|
||||
return Ok(account);
|
||||
}
|
||||
status => {
|
||||
return Err(anyhow!("Unknown add authenticator status code: {}", status))?;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// You may have to call this multiple times. If you have to call it a bunch of times, then you can assume that you are unable to generate correct 2fa codes.
|
||||
pub fn finalize(
|
||||
&mut self,
|
||||
account: &mut SteamGuardAccount,
|
||||
sms_code: String,
|
||||
) -> anyhow::Result<(), FinalizeLinkError> {
|
||||
let time = crate::steamapi::get_server_time();
|
||||
let code = account.generate_code(time);
|
||||
let resp: FinalizeAddAuthenticatorResponse =
|
||||
self.client
|
||||
.finalize_authenticator(sms_code.clone(), code, time)?;
|
||||
info!("finalize response status: {}", resp.status);
|
||||
|
||||
match resp.status {
|
||||
89 => {
|
||||
return Err(FinalizeLinkError::BadSmsCode);
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
|
||||
if !resp.success {
|
||||
return Err(FinalizeLinkError::Failure {
|
||||
status: resp.status,
|
||||
})?;
|
||||
}
|
||||
|
||||
if resp.want_more {
|
||||
return Err(FinalizeLinkError::WantMore);
|
||||
}
|
||||
|
||||
self.finalized = true;
|
||||
account.fully_enrolled = true;
|
||||
return Ok(());
|
||||
}
|
||||
}
|
||||
|
||||
fn generate_device_id() -> String {
|
||||
return format!("android:{}", uuid::Uuid::new_v4().to_string());
|
||||
}
|
||||
|
||||
#[derive(Error, Debug)]
|
||||
pub enum AccountLinkError {
|
||||
/// No phone number on the account
|
||||
#[error("A phone number is needed, but not already present on the account.")]
|
||||
MustProvidePhoneNumber,
|
||||
/// A phone number is already on the account
|
||||
#[error("A phone number was provided, but one is already present on the account.")]
|
||||
MustRemovePhoneNumber,
|
||||
/// User need to click link from confirmation email
|
||||
#[error("An email has been sent to the user's email, click the link in that email.")]
|
||||
MustConfirmEmail,
|
||||
#[error("Authenticator is already present.")]
|
||||
AuthenticatorPresent,
|
||||
#[error(transparent)]
|
||||
Unknown(#[from] anyhow::Error),
|
||||
}
|
||||
|
||||
#[derive(Error, Debug)]
|
||||
pub enum FinalizeLinkError {
|
||||
#[error("Provided SMS code was incorrect.")]
|
||||
BadSmsCode,
|
||||
/// Steam wants more 2fa codes to verify that we can generate valid codes. Call finalize again.
|
||||
#[error("Steam wants more 2fa codes for verification.")]
|
||||
WantMore,
|
||||
#[error("Finalization was not successful. Status code {status:?}")]
|
||||
Failure { status: i32 },
|
||||
#[error(transparent)]
|
||||
Unknown(#[from] anyhow::Error),
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
{"response":{"shared_secret":"wGwZx=sX5MmTxi6QgA3Gi","serial_number":"72016503753671","revocation_code":"R123456","uri":"otpauth://totp/Steam:hydrastar2?secret=JRX7DZIF4JNA3QE3UMS4BDACDISZTRWA&issuer=Steam","server_time":"1628559846","account_name":"hydrastar2","token_gid":"fe12390348285d7f4","identity_secret":"soo58ouTUV+5=KhRKDVK","secret_1":"Me7ngFQsY9R=x3EQyOU","status":1}}
|
|
@ -0,0 +1 @@
|
|||
{"response":{"status":29}}
|
|
@ -0,0 +1 @@
|
|||
{"success":true,"requires_twofactor":false,"redirect_uri":"steammobile:\/\/mobileloginsucceeded","login_complete":true,"oauth":"{\"steamid\":\"92591609556178617\",\"account_name\":\"hydrastar2\",\"oauth_token\":\"1cc83205dab2979e558534dab29f6f3aa\",\"wgtoken\":\"3EDA9DEF07D7B39361D95203525D8AFE82A\",\"wgtoken_secure\":\"F31641B9AFC2F8B0EE7B6F44D7E73EA3FA48\"}"}
|
|
@ -120,7 +120,7 @@ if ( typeof JSON != 'object' || !JSON.stringify || !JSON.parse ) { document.writ
|
|||
<div class="responsive_page_content">
|
||||
|
||||
<script type="text/javascript">
|
||||
g_sessionID = "68f328319201a5ecb430cd1df";
|
||||
g_sessionID = "1234";
|
||||
g_steamID = "76561198054667933";
|
||||
g_strLanguage = "english";
|
||||
g_SNR = '2_mobileconf_conf_';
|
||||
|
|
209
steamguard/src/fixtures/confirmations/phone-number-change.html
Normal file
209
steamguard/src/fixtures/confirmations/phone-number-change.html
Normal file
|
@ -0,0 +1,209 @@
|
|||
<!DOCTYPE html>
|
||||
<html class=" responsive touch legacy_mobile" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=no">
|
||||
<meta name="theme-color" content="#171a21">
|
||||
<title>Steam Community :: Confirmations</title>
|
||||
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
|
||||
|
||||
|
||||
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=uR_4hRD_HUln&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Add2STkxYHuV&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=1gdnPXjQX6UG&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/mobile/styles_mobileconf.css?v=7eOknd5U_Oiy&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/skin_1/html5.css?v=.MtSlvoLZL0Tb&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/skin_1/economy.css?v=wliPEsKn4dhI&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/skin_1/trade.css?v=lAf9Nl_Ur8XN&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/skin_1/profile_tradeoffers.css?v=EUgAAbLAW1fW&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=bhB6Pv-oiDhL&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<link href="https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=kSY7-qhkPHds&l=english&_cdn=cloudflare" rel="stylesheet" type="text/css" >
|
||||
<script>
|
||||
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
|
||||
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
|
||||
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
|
||||
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
|
||||
|
||||
ga('create', 'UA-33779068-1', 'auto', {
|
||||
'sampleRate': 0.4 });
|
||||
ga('set', 'dimension1', true );
|
||||
ga('set', 'dimension2', 'Steam Mobile App' );
|
||||
ga('set', 'dimension3', 'mobileconf' );
|
||||
ga('set', 'dimension4', "mobileconf\/conf" );
|
||||
ga('send', 'pageview' );
|
||||
|
||||
</script>
|
||||
<script type="text/javascript">
|
||||
var __PrototypePreserve=[];
|
||||
__PrototypePreserve[0] = Array.from;
|
||||
__PrototypePreserve[1] = Function.prototype.bind;
|
||||
</script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript">
|
||||
Array.from = __PrototypePreserve[0] || Array.from;
|
||||
Function.prototype.bind = __PrototypePreserve[1] || Function.prototype.bind;
|
||||
</script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=kaDmsiBYUxf_&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.9Z1XDV02xrml&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=RVua47VPZG4D&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript">Object.seal && [ Object, Array, String, Number ].map( function( builtin ) { Object.seal( builtin.prototype ); } );</script><script type="text/javascript">$J = jQuery.noConflict();
|
||||
if ( typeof JSON != 'object' || !JSON.stringify || !JSON.parse ) { document.write( "<scr" + "ipt type=\"text\/javascript\" src=\"https:\/\/community.cloudflare.steamstatic.com\/public\/javascript\/json2.js?v=pmScf4470EZP&l=english&_cdn=cloudflare\" ><\/script>\n" ); };
|
||||
</script><script type="text/javascript">VALVE_PUBLIC_PATH = "https:\/\/community.cloudflare.steamstatic.com\/public\/";</script>
|
||||
<script type="text/javascript">
|
||||
document.addEventListener('DOMContentLoaded', function(event) {
|
||||
SetupTooltips( { tooltipCSSClass: 'community_tooltip'} );
|
||||
});
|
||||
</script><script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/jquery-ui-1.9.2.min.js?v=.ILEZTVPIP_6a&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/shared/javascript/mobileappapi.js?v=KX5d7WjziQ7F&l=english&_cdn=cloudflare&mobileClientType=android" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/mobile/mobileconf.js?v=mzd_2xm8sUkb&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/economy_common.js?v=tsXdRVB0yEaR&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/economy.js?v=n3ZFab2IK68b&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=SPSdiqm70dR8&l=english&_cdn=cloudflare" ></script>
|
||||
<script type="text/javascript" src="https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=gcLGc1YQkPQi&l=english&_cdn=cloudflare" ></script>
|
||||
|
||||
<meta name="twitter:card" content="summary_large_image">
|
||||
|
||||
<meta name="twitter:site" content="@steam" />
|
||||
|
||||
<meta property="og:title" content="Steam Community :: Confirmations">
|
||||
<meta property="twitter:title" content="Steam Community :: Confirmations">
|
||||
<meta property="og:type" content="website">
|
||||
<meta property="fb:app_id" content="105386699540688">
|
||||
|
||||
|
||||
<link rel="image_src" href="https://community.cloudflare.steamstatic.com/public/shared/images/responsive/share_steam_logo.png">
|
||||
<meta property="og:image" content="https://community.cloudflare.steamstatic.com/public/shared/images/responsive/share_steam_logo.png">
|
||||
<meta name="twitter:image" content="https://community.cloudflare.steamstatic.com/public/shared/images/responsive/share_steam_logo.png" />
|
||||
<meta property="og:image:secure" content="https://community.cloudflare.steamstatic.com/public/shared/images/responsive/share_steam_logo.png">
|
||||
|
||||
|
||||
|
||||
|
||||
<script type="text/javascript">
|
||||
$J(function() {
|
||||
window.location="steammobile:\/\/settitle?title=Confirmations"; });
|
||||
</script>
|
||||
</head>
|
||||
<body class=" responsive_page">
|
||||
|
||||
<div class="responsive_page_frame no_header">
|
||||
|
||||
<div class="responsive_local_menu_tab">
|
||||
|
||||
</div>
|
||||
|
||||
<div class="responsive_page_menu_ctn localmenu">
|
||||
<div class="responsive_page_menu" id="responsive_page_local_menu">
|
||||
<div class="localmenu_content">
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
|
||||
<div class="responsive_page_content_overlay">
|
||||
|
||||
</div>
|
||||
|
||||
<div class="responsive_fixonscroll_ctn nonresponsive_hidden no_menu">
|
||||
</div>
|
||||
|
||||
<div class="responsive_page_content">
|
||||
|
||||
<script type="text/javascript">
|
||||
g_sessionID = "1234";
|
||||
g_steamID = "76561199155706892";
|
||||
g_strLanguage = "english";
|
||||
g_SNR = '2_mobileconf_conf_';
|
||||
g_bAllowAppImpressions = true
|
||||
g_CommunityPreferences = {"hide_adult_content_violence":1,"hide_adult_content_sex":1,"parenthesize_nicknames":0,"text_filter_setting":1,"text_filter_ignore_friends":1,"text_filter_words_revision":0,"timestamp_updated":0};
|
||||
|
||||
|
||||
|
||||
// We always want to have the timezone cookie set for PHP to use
|
||||
setTimezoneCookies();
|
||||
|
||||
$J( function() {
|
||||
|
||||
InitMiniprofileHovers();
|
||||
InitEmoticonHovers();
|
||||
ApplyAdultContentPreferences();
|
||||
});
|
||||
|
||||
$J( function() { InitEconomyHovers( "https:\/\/community.cloudflare.steamstatic.com\/public\/css\/skin_1\/economy.css?v=wliPEsKn4dhI&l=english&_cdn=cloudflare", "https:\/\/community.cloudflare.steamstatic.com\/public\/javascript\/economy_common.js?v=tsXdRVB0yEaR&l=english&_cdn=cloudflare", "https:\/\/community.cloudflare.steamstatic.com\/public\/javascript\/economy.js?v=n3ZFab2IK68b&l=english&_cdn=cloudflare" );});</script>
|
||||
|
||||
<div class="responsive_page_template_content" data-panel="{"autoFocus":true}" >
|
||||
|
||||
<div id="mobileconf_list">
|
||||
<div class="mobileconf_list_entry" id="conf9931444017" data-confid="9931444017" data-key="9746021299562127894" data-type="6" data-creator="2861625242839108895" data-cancel="Cancel" data-accept="Confirm" >
|
||||
<div class="mobileconf_list_entry_content">
|
||||
<div class="mobileconf_list_entry_icon">
|
||||
<img src="https://community.cloudflare.steamstatic.com/public/shared/images/login/key.png" style="width: 32px; height: 32px; margin-top: 6px"> </div> <div class="mobileconf_list_entry_description">
|
||||
<div>Account recovery</div>
|
||||
<div></div>
|
||||
<div>Just now</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="mobileconf_list_entry_sep"></div>
|
||||
</div>
|
||||
</div>
|
||||
<div id="mobileconf_done" class="mobileconf_done mobileconf_header" style="display: none">
|
||||
<div>All done</div>
|
||||
<div>You're all done, there's nothing left to confirm.</div>
|
||||
</div>
|
||||
|
||||
<div id="mobileconf_details" style="display: none">
|
||||
</div>
|
||||
|
||||
<div id="mobileconf_buttons" style="display: none">
|
||||
<div>
|
||||
<div class="mobileconf_button mobileconf_button_cancel">
|
||||
</div><div class="mobileconf_button mobileconf_button_accept">
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="mobileconf_throbber" style="display: none">
|
||||
<div style="text-align:center; margin: auto;">
|
||||
<img src="https://community.cloudflare.steamstatic.com/public/images/login/throbber.gif" alt="Loading">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div> <!-- responsive_page_legacy_content -->
|
||||
|
||||
<div id="footer_spacer" class=""></div>
|
||||
<div id="footer_responsive_optin_spacer"></div>
|
||||
<div id="footer">
|
||||
<div class="footer_content">
|
||||
<span id="footerLogo"><img src="https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1" width="96" height="26" border="0" alt="Valve Logo" /></span>
|
||||
<span id="footerText">
|
||||
© Valve Corporation. All rights reserved. All trademarks are property of their respective owners in the US and other countries.<br/>Some geospatial data on this website is provided by <a href="https://steamcommunity.com/linkfilter/?url=http://www.geonames.org" target="_blank" rel="noreferrer">geonames.org</a>. <br>
|
||||
<span class="valve_links">
|
||||
<a href="http://store.steampowered.com/privacy_agreement/" target="_blank">Privacy Policy</a>
|
||||
| <a href="https://store.steampowered.com/legal/" target="_blank">Legal</a>
|
||||
| <a href="http://store.steampowered.com/subscriber_agreement/" target="_blank">Steam Subscriber Agreement</a>
|
||||
| <a href="http://store.steampowered.com/account/cookiepreferences/" target="_blank">Cookies</a>
|
||||
</span>
|
||||
</span>
|
||||
</div>
|
||||
<div class="responsive_optin_link">
|
||||
<div class="btn_medium btnv6_grey_black" onclick="Responsive_RequestMobileView()">
|
||||
<span>View mobile website</span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div> <!-- responsive_page_content -->
|
||||
|
||||
</div> <!-- responsive_page_frame -->
|
||||
</body>
|
||||
</html>
|
|
@ -1,3 +1,4 @@
|
|||
pub use accountlinker::{AccountLinkError, AccountLinker, FinalizeLinkError};
|
||||
use anyhow::Result;
|
||||
pub use confirmation::{Confirmation, ConfirmationType};
|
||||
use hmacsha1::hmac_sha1;
|
||||
|
@ -9,7 +10,7 @@ use reqwest::{
|
|||
};
|
||||
use scraper::{Html, Selector};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::{collections::HashMap, convert::TryInto, thread, time};
|
||||
use std::{collections::HashMap, convert::TryInto};
|
||||
pub use userlogin::{LoginError, UserLogin};
|
||||
#[macro_use]
|
||||
extern crate lazy_static;
|
||||
|
@ -18,6 +19,7 @@ extern crate anyhow;
|
|||
#[macro_use]
|
||||
extern crate maplit;
|
||||
|
||||
mod accountlinker;
|
||||
mod confirmation;
|
||||
pub mod steamapi;
|
||||
mod userlogin;
|
||||
|
@ -45,6 +47,7 @@ pub struct SteamGuardAccount {
|
|||
pub uri: String,
|
||||
pub fully_enrolled: bool,
|
||||
pub device_id: String,
|
||||
pub secret_1: String,
|
||||
#[serde(rename = "Session")]
|
||||
pub session: Option<steamapi::Session>,
|
||||
}
|
||||
|
@ -82,6 +85,7 @@ impl SteamGuardAccount {
|
|||
uri: String::from(""),
|
||||
fully_enrolled: false,
|
||||
device_id: String::from(""),
|
||||
secret_1: "".into(),
|
||||
session: Option::None,
|
||||
};
|
||||
}
|
||||
|
|
|
@ -7,12 +7,16 @@ use reqwest::{
|
|||
Url,
|
||||
};
|
||||
use serde::{Deserialize, Deserializer, Serialize};
|
||||
use serde_json::Value;
|
||||
use std::iter::FromIterator;
|
||||
use std::str::FromStr;
|
||||
use std::time::{SystemTime, UNIX_EPOCH};
|
||||
|
||||
use crate::SteamGuardAccount;
|
||||
|
||||
lazy_static! {
|
||||
static ref STEAM_COOKIE_URL: Url = "https://steamcommunity.com".parse::<Url>().unwrap();
|
||||
static ref STEAM_API_BASE: String = "https://api.steampowered.com".into();
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
|
@ -82,6 +86,7 @@ pub struct OAuthData {
|
|||
steamid: String,
|
||||
wgtoken: String,
|
||||
wgtoken_secure: String,
|
||||
#[serde(default)]
|
||||
webcookie: String,
|
||||
}
|
||||
|
||||
|
@ -93,7 +98,7 @@ pub struct Session {
|
|||
pub steam_login: String,
|
||||
#[serde(rename = "SteamLoginSecure")]
|
||||
pub steam_login_secure: String,
|
||||
#[serde(rename = "WebCookie")]
|
||||
#[serde(default, rename = "WebCookie")]
|
||||
pub web_cookie: String,
|
||||
#[serde(rename = "OAuthToken")]
|
||||
pub token: String,
|
||||
|
@ -114,7 +119,7 @@ pub fn get_server_time() -> i64 {
|
|||
.unwrap();
|
||||
}
|
||||
|
||||
/// Provides raw access to the Steam API. Handles cookies, some deserialization, etc. to make it easier.
|
||||
/// Provides raw access to the Steam API. Handles cookies, some deserialization, etc. to make it easier. It covers `ITwoFactorService` from the Steam web API, and some mobile app specific api endpoints.
|
||||
#[derive(Debug)]
|
||||
pub struct SteamApiClient {
|
||||
cookies: reqwest::cookie::Jar,
|
||||
|
@ -123,7 +128,7 @@ pub struct SteamApiClient {
|
|||
}
|
||||
|
||||
impl SteamApiClient {
|
||||
pub fn new() -> SteamApiClient {
|
||||
pub fn new(session: Option<Session>) -> SteamApiClient {
|
||||
SteamApiClient {
|
||||
cookies: reqwest::cookie::Jar::default(),
|
||||
client: reqwest::blocking::ClientBuilder::new()
|
||||
|
@ -134,17 +139,20 @@ impl SteamApiClient {
|
|||
}.into_iter()))
|
||||
.build()
|
||||
.unwrap(),
|
||||
session: None,
|
||||
session: session,
|
||||
}
|
||||
}
|
||||
|
||||
fn build_session(&self, data: &OAuthData) -> Session {
|
||||
trace!("SteamApiClient::build_session");
|
||||
return Session {
|
||||
token: data.oauth_token.clone(),
|
||||
steam_id: data.steamid.parse().unwrap(),
|
||||
steam_login: format!("{}%7C%7C{}", data.steamid, data.wgtoken),
|
||||
steam_login_secure: format!("{}%7C%7C{}", data.steamid, data.wgtoken_secure),
|
||||
session_id: self.extract_session_id().unwrap(),
|
||||
session_id: self
|
||||
.extract_session_id()
|
||||
.expect("failed to extract session id from cookies"),
|
||||
web_cookie: data.webcookie.clone(),
|
||||
};
|
||||
}
|
||||
|
@ -173,24 +181,35 @@ impl SteamApiClient {
|
|||
}
|
||||
}
|
||||
|
||||
pub fn request<U: reqwest::IntoUrl>(&self, method: reqwest::Method, url: U) -> RequestBuilder {
|
||||
pub fn request<U: reqwest::IntoUrl + std::fmt::Display>(
|
||||
&self,
|
||||
method: reqwest::Method,
|
||||
url: U,
|
||||
) -> RequestBuilder {
|
||||
trace!("making request: {} {}", method, url);
|
||||
self.cookies
|
||||
.add_cookie_str("mobileClientVersion=0 (2.1.3)", &STEAM_COOKIE_URL);
|
||||
self.cookies
|
||||
.add_cookie_str("mobileClient=android", &STEAM_COOKIE_URL);
|
||||
self.cookies
|
||||
.add_cookie_str("Steam_Language=english", &STEAM_COOKIE_URL);
|
||||
if let Some(session) = &self.session {
|
||||
self.cookies.add_cookie_str(
|
||||
format!("sessionid={}", session.session_id).as_str(),
|
||||
&STEAM_COOKIE_URL,
|
||||
);
|
||||
}
|
||||
|
||||
self.client
|
||||
.request(method, url)
|
||||
.header(COOKIE, self.cookies.cookies(&STEAM_COOKIE_URL).unwrap())
|
||||
}
|
||||
|
||||
pub fn get<U: reqwest::IntoUrl>(&self, url: U) -> RequestBuilder {
|
||||
pub fn get<U: reqwest::IntoUrl + std::fmt::Display>(&self, url: U) -> RequestBuilder {
|
||||
self.request(reqwest::Method::GET, url)
|
||||
}
|
||||
|
||||
pub fn post<U: reqwest::IntoUrl>(&self, url: U) -> RequestBuilder {
|
||||
pub fn post<U: reqwest::IntoUrl + std::fmt::Display>(&self, url: U) -> RequestBuilder {
|
||||
self.request(reqwest::Method::POST, url)
|
||||
}
|
||||
|
||||
|
@ -244,6 +263,7 @@ impl SteamApiClient {
|
|||
.post("https://steamcommunity.com/login/dologin")
|
||||
.form(¶ms)
|
||||
.send()?;
|
||||
self.save_cookies_from_response(&resp);
|
||||
let text = resp.text()?;
|
||||
trace!("raw login response: {}", text);
|
||||
|
||||
|
@ -289,6 +309,205 @@ impl SteamApiClient {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// One of the endpoints that handles phone number things. Can check to see if phone is present on account, and maybe do some other stuff. It's not really super clear.
|
||||
///
|
||||
/// Host: steamcommunity.com
|
||||
/// Endpoint: POST /steamguard/phoneajax
|
||||
/// Requires `sessionid` cookie to be set.
|
||||
fn phoneajax(&self, op: &str, arg: &str) -> anyhow::Result<bool> {
|
||||
let mut params = hashmap! {
|
||||
"op" => op,
|
||||
"arg" => arg,
|
||||
"sessionid" => self.session.as_ref().unwrap().session_id.as_str(),
|
||||
};
|
||||
if op == "check_sms_code" {
|
||||
params.insert("checkfortos", "0");
|
||||
params.insert("skipvoip", "1");
|
||||
}
|
||||
|
||||
let resp = self
|
||||
.post("https://steamcommunity.com/steamguard/phoneajax")
|
||||
.form(¶ms)
|
||||
.send()?;
|
||||
|
||||
trace!("phoneajax: status={}", resp.status());
|
||||
let result: Value = resp.json()?;
|
||||
trace!("phoneajax: {:?}", result);
|
||||
if result["has_phone"] != Value::Null {
|
||||
trace!("op: {} - found has_phone field", op);
|
||||
return result["has_phone"]
|
||||
.as_bool()
|
||||
.ok_or(anyhow!("failed to parse has_phone field into boolean"));
|
||||
} else if result["success"] != Value::Null {
|
||||
trace!("op: {} - found success field", op);
|
||||
return result["success"]
|
||||
.as_bool()
|
||||
.ok_or(anyhow!("failed to parse success field into boolean"));
|
||||
} else {
|
||||
trace!("op: {} - did not find any expected field", op);
|
||||
return Ok(false);
|
||||
}
|
||||
}
|
||||
|
||||
/// Works similar to phoneajax. Used in the process to add a phone number to a steam account.
|
||||
/// Valid ops:
|
||||
/// - get_phone_number => `input` is treated as a phone number to add to the account. Yes, this is somewhat counter intuitive.
|
||||
/// - resend_sms
|
||||
/// - get_sms_code => `input` is treated as a the SMS code that was texted to the phone number. Again, this is somewhat counter intuitive. After this succeeds, the phone number is added to the account.
|
||||
/// - email_verification => If the account is protected with steam guard email, a verification link is sent. After the link in the email is clicked, send this op. After, an SMS code is sent to the phone number.
|
||||
/// - retry_email_verification
|
||||
///
|
||||
/// Host: store.steampowered.com
|
||||
/// Endpoint: /phone/add_ajaxop
|
||||
fn phone_add_ajaxop(&self, op: &str, input: &str) -> anyhow::Result<()> {
|
||||
trace!("phone_add_ajaxop: op={} input={}", op, input);
|
||||
let params = hashmap! {
|
||||
"op" => op,
|
||||
"input" => input,
|
||||
"sessionid" => self.session.as_ref().unwrap().session_id.as_str(),
|
||||
};
|
||||
|
||||
let resp = self
|
||||
.post("https://store.steampowered.com/phone/add_ajaxop")
|
||||
.form(¶ms)
|
||||
.send()?;
|
||||
trace!("phone_add_ajaxop: http status={}", resp.status());
|
||||
let text = resp.text()?;
|
||||
trace!("phone_add_ajaxop response: {}", text);
|
||||
|
||||
todo!();
|
||||
}
|
||||
|
||||
pub fn has_phone(&self) -> anyhow::Result<bool> {
|
||||
return self.phoneajax("has_phone", "null");
|
||||
}
|
||||
|
||||
pub fn check_sms_code(&self, sms_code: String) -> anyhow::Result<bool> {
|
||||
return self.phoneajax("check_sms_code", sms_code.as_str());
|
||||
}
|
||||
|
||||
pub fn check_email_confirmation(&self) -> anyhow::Result<bool> {
|
||||
return self.phoneajax("email_confirmation", "");
|
||||
}
|
||||
|
||||
pub fn add_phone_number(&self, phone_number: String) -> anyhow::Result<bool> {
|
||||
// return self.phoneajax("add_phone_number", phone_number.as_str());
|
||||
todo!();
|
||||
}
|
||||
|
||||
/// Provides lots of juicy information, like if the number is a VOIP number.
|
||||
/// Host: store.steampowered.com
|
||||
/// Endpoint: POST /phone/validate
|
||||
/// Found on page: https://store.steampowered.com/phone/add
|
||||
pub fn phone_validate(&self, phone_number: String) -> anyhow::Result<bool> {
|
||||
let params = hashmap! {
|
||||
"sessionID" => "",
|
||||
"phoneNumber" => "",
|
||||
};
|
||||
|
||||
todo!();
|
||||
}
|
||||
|
||||
/// Starts the authenticator linking process.
|
||||
/// This doesn't check any prereqisites to ensure the request will pass validation on Steam's side (eg. sms/email confirmations).
|
||||
/// A valid `Session` is required for this request. Cookies are not needed for this request, but they are set anyway.
|
||||
///
|
||||
/// Host: api.steampowered.com
|
||||
/// Endpoint: POST /ITwoFactorService/AddAuthenticator/v0001
|
||||
pub fn add_authenticator(
|
||||
&mut self,
|
||||
device_id: String,
|
||||
) -> anyhow::Result<AddAuthenticatorResponse> {
|
||||
ensure!(matches!(self.session, Some(_)));
|
||||
let params = hashmap! {
|
||||
"access_token" => self.session.as_ref().unwrap().token.clone(),
|
||||
"steamid" => self.session.as_ref().unwrap().steam_id.to_string(),
|
||||
"authenticator_type" => "1".into(),
|
||||
"device_identifier" => device_id,
|
||||
"sms_phone_id" => "1".into(),
|
||||
};
|
||||
|
||||
let resp = self
|
||||
.post(format!(
|
||||
"{}/ITwoFactorService/AddAuthenticator/v0001",
|
||||
STEAM_API_BASE.to_string()
|
||||
))
|
||||
.form(¶ms)
|
||||
.send()?;
|
||||
self.save_cookies_from_response(&resp);
|
||||
let text = resp.text()?;
|
||||
trace!("raw add authenticator response: {}", text);
|
||||
|
||||
let resp: SteamApiResponse<AddAuthenticatorResponse> = serde_json::from_str(text.as_str())?;
|
||||
|
||||
Ok(resp.response)
|
||||
}
|
||||
|
||||
///
|
||||
/// Host: api.steampowered.com
|
||||
/// Endpoint: POST /ITwoFactorService/FinalizeAddAuthenticator/v0001
|
||||
pub fn finalize_authenticator(
|
||||
&self,
|
||||
sms_code: String,
|
||||
code_2fa: String,
|
||||
time_2fa: i64,
|
||||
) -> anyhow::Result<FinalizeAddAuthenticatorResponse> {
|
||||
ensure!(matches!(self.session, Some(_)));
|
||||
let params = hashmap! {
|
||||
"steamid" => self.session.as_ref().unwrap().steam_id.to_string(),
|
||||
"access_token" => self.session.as_ref().unwrap().token.clone(),
|
||||
"activation_code" => sms_code,
|
||||
"authenticator_code" => code_2fa,
|
||||
"authenticator_time" => time_2fa.to_string(),
|
||||
};
|
||||
|
||||
let resp = self
|
||||
.post(format!(
|
||||
"{}/ITwoFactorService/FinalizeAddAuthenticator/v0001",
|
||||
STEAM_API_BASE.to_string()
|
||||
))
|
||||
.form(¶ms)
|
||||
.send()?;
|
||||
|
||||
let text = resp.text()?;
|
||||
trace!("raw finalize authenticator response: {}", text);
|
||||
|
||||
let resp: SteamApiResponse<FinalizeAddAuthenticatorResponse> =
|
||||
serde_json::from_str(text.as_str())?;
|
||||
|
||||
return Ok(resp.response);
|
||||
}
|
||||
|
||||
/// Host: api.steampowered.com
|
||||
/// Endpoint: POST /ITwoFactorService/RemoveAuthenticator/v0001
|
||||
pub fn remove_authenticator(
|
||||
&self,
|
||||
revocation_code: String,
|
||||
) -> anyhow::Result<RemoveAuthenticatorResponse> {
|
||||
let params = hashmap! {
|
||||
"steamid" => self.session.as_ref().unwrap().steam_id.to_string(),
|
||||
"steamguard_scheme" => "2".into(),
|
||||
"revocation_code" => revocation_code,
|
||||
"access_token" => self.session.as_ref().unwrap().token.to_string(),
|
||||
};
|
||||
|
||||
let resp = self
|
||||
.post(format!(
|
||||
"{}/ITwoFactorService/RemoveAuthenticator/v0001",
|
||||
STEAM_API_BASE.to_string()
|
||||
))
|
||||
.form(¶ms)
|
||||
.send()?;
|
||||
|
||||
let text = resp.text()?;
|
||||
trace!("raw remove authenticator response: {}", text);
|
||||
|
||||
let resp: SteamApiResponse<RemoveAuthenticatorResponse> =
|
||||
serde_json::from_str(text.as_str())?;
|
||||
|
||||
return Ok(resp.response);
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -329,3 +548,138 @@ fn test_login_response_parse() {
|
|||
);
|
||||
assert_eq!(oauth.webcookie, "6298070A226E5DAD49938D78BCF36F7A7118FDD5");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_login_response_parse_missing_webcookie() {
|
||||
let result = serde_json::from_str::<LoginResponse>(include_str!(
|
||||
"fixtures/api-responses/login-response-missing-webcookie.json"
|
||||
));
|
||||
|
||||
assert!(
|
||||
matches!(result, Ok(_)),
|
||||
"got error: {}",
|
||||
result.unwrap_err()
|
||||
);
|
||||
let resp = result.unwrap();
|
||||
|
||||
let oauth = resp.oauth.unwrap();
|
||||
assert_eq!(oauth.steamid, "92591609556178617");
|
||||
assert_eq!(oauth.oauth_token, "1cc83205dab2979e558534dab29f6f3aa");
|
||||
assert_eq!(oauth.wgtoken, "3EDA9DEF07D7B39361D95203525D8AFE82A");
|
||||
assert_eq!(oauth.wgtoken_secure, "F31641B9AFC2F8B0EE7B6F44D7E73EA3FA48");
|
||||
assert_eq!(oauth.webcookie, "");
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct SteamApiResponse<T> {
|
||||
pub response: T,
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct AddAuthenticatorResponse {
|
||||
/// Shared secret between server and authenticator
|
||||
#[serde(default)]
|
||||
pub shared_secret: String,
|
||||
/// Authenticator serial number (unique per token)
|
||||
#[serde(default)]
|
||||
pub serial_number: String,
|
||||
/// code used to revoke authenticator
|
||||
#[serde(default)]
|
||||
pub revocation_code: String,
|
||||
/// URI for QR code generation
|
||||
#[serde(default)]
|
||||
pub uri: String,
|
||||
/// Current server time
|
||||
#[serde(default, deserialize_with = "parse_json_string_as_number")]
|
||||
pub server_time: u64,
|
||||
/// Account name to display on token client
|
||||
#[serde(default)]
|
||||
pub account_name: String,
|
||||
/// Token GID assigned by server
|
||||
#[serde(default)]
|
||||
pub token_gid: String,
|
||||
/// Secret used for identity attestation (e.g., for eventing)
|
||||
#[serde(default)]
|
||||
pub identity_secret: String,
|
||||
/// Spare shared secret
|
||||
#[serde(default)]
|
||||
pub secret_1: String,
|
||||
/// Result code
|
||||
pub status: i32,
|
||||
}
|
||||
|
||||
impl AddAuthenticatorResponse {
|
||||
pub fn to_steam_guard_account(&self) -> SteamGuardAccount {
|
||||
SteamGuardAccount {
|
||||
shared_secret: self.shared_secret.clone(),
|
||||
serial_number: self.serial_number.clone(),
|
||||
revocation_code: self.revocation_code.clone(),
|
||||
uri: self.uri.clone(),
|
||||
server_time: self.server_time,
|
||||
account_name: self.account_name.clone(),
|
||||
token_gid: self.token_gid.clone(),
|
||||
identity_secret: self.identity_secret.clone(),
|
||||
secret_1: self.secret_1.clone(),
|
||||
fully_enrolled: false,
|
||||
device_id: "".into(),
|
||||
session: None,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct FinalizeAddAuthenticatorResponse {
|
||||
pub status: i32,
|
||||
#[serde(deserialize_with = "parse_json_string_as_number")]
|
||||
pub server_time: u64,
|
||||
pub want_more: bool,
|
||||
pub success: bool,
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct RemoveAuthenticatorResponse {
|
||||
pub success: bool,
|
||||
}
|
||||
|
||||
fn parse_json_string_as_number<'de, D>(deserializer: D) -> Result<u64, D::Error>
|
||||
where
|
||||
D: Deserializer<'de>,
|
||||
{
|
||||
// for some reason, deserializing to &str doesn't work but this does.
|
||||
let s: String = Deserialize::deserialize(deserializer)?;
|
||||
Ok(s.parse().unwrap())
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_parse_add_auth_response() {
|
||||
let result = serde_json::from_str::<SteamApiResponse<AddAuthenticatorResponse>>(include_str!(
|
||||
"fixtures/api-responses/add-authenticator-1.json"
|
||||
));
|
||||
|
||||
assert!(
|
||||
matches!(result, Ok(_)),
|
||||
"got error: {}",
|
||||
result.unwrap_err()
|
||||
);
|
||||
let resp = result.unwrap().response;
|
||||
|
||||
assert_eq!(resp.server_time, 1628559846);
|
||||
assert_eq!(resp.shared_secret, "wGwZx=sX5MmTxi6QgA3Gi");
|
||||
assert_eq!(resp.revocation_code, "R123456");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_parse_add_auth_response2() {
|
||||
let result = serde_json::from_str::<SteamApiResponse<AddAuthenticatorResponse>>(include_str!(
|
||||
"fixtures/api-responses/add-authenticator-2.json"
|
||||
));
|
||||
|
||||
assert!(
|
||||
matches!(result, Ok(_)),
|
||||
"got error: {}",
|
||||
result.unwrap_err()
|
||||
);
|
||||
let resp = result.unwrap().response;
|
||||
|
||||
assert_eq!(resp.status, 29);
|
||||
}
|
||||
|
|
|
@ -61,7 +61,7 @@ impl UserLogin {
|
|||
twofactor_code: String::from(""),
|
||||
email_code: String::from(""),
|
||||
steam_id: 0,
|
||||
client: SteamApiClient::new(),
|
||||
client: SteamApiClient::new(None),
|
||||
};
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue