435 lines
23 KiB
Protocol Buffer
435 lines
23 KiB
Protocol Buffer
import "steammessages_base.proto";
|
|
import "steammessages_unified_base.steamclient.proto";
|
|
import "enums.proto";
|
|
|
|
option cc_generic_services = true;
|
|
|
|
enum EAuthTokenPlatformType {
|
|
k_EAuthTokenPlatformType_Unknown = 0;
|
|
k_EAuthTokenPlatformType_SteamClient = 1;
|
|
k_EAuthTokenPlatformType_WebBrowser = 2;
|
|
k_EAuthTokenPlatformType_MobileApp = 3;
|
|
}
|
|
|
|
enum EAuthSessionGuardType {
|
|
k_EAuthSessionGuardType_Unknown = 0;
|
|
k_EAuthSessionGuardType_None = 1;
|
|
k_EAuthSessionGuardType_EmailCode = 2;
|
|
k_EAuthSessionGuardType_DeviceCode = 3;
|
|
k_EAuthSessionGuardType_DeviceConfirmation = 4;
|
|
k_EAuthSessionGuardType_EmailConfirmation = 5;
|
|
k_EAuthSessionGuardType_MachineToken = 6;
|
|
k_EAuthSessionGuardType_LegacyMachineAuth = 7;
|
|
}
|
|
|
|
enum EAuthSessionSecurityHistory {
|
|
k_EAuthSessionSecurityHistory_Invalid = 0;
|
|
k_EAuthSessionSecurityHistory_UsedPreviously = 1;
|
|
k_EAuthSessionSecurityHistory_NoPriorHistory = 2;
|
|
}
|
|
|
|
enum ETokenRenewalType {
|
|
k_ETokenRenewalType_None = 0;
|
|
k_ETokenRenewalType_Allow = 1;
|
|
}
|
|
|
|
enum EAuthTokenRevokeAction {
|
|
k_EAuthTokenRevokeLogout = 0;
|
|
k_EAuthTokenRevokePermanent = 1;
|
|
k_EAuthTokenRevokeReplaced = 2;
|
|
k_EAuthTokenRevokeSupport = 3;
|
|
k_EAuthTokenRevokeConsume = 4;
|
|
k_EAuthTokenRevokeNonRememberedLogout = 5;
|
|
k_EAuthTokenRevokeNonRememberedPermanent = 6;
|
|
k_EAuthTokenRevokeAutomatic = 7;
|
|
}
|
|
|
|
enum EAuthTokenState {
|
|
k_EAuthTokenState_Invalid = 0;
|
|
k_EAuthTokenState_New = 1;
|
|
k_EAuthTokenState_Confirmed = 2;
|
|
k_EAuthTokenState_Issued = 3;
|
|
k_EAuthTokenState_Denied = 4;
|
|
k_EAuthTokenState_LoggedOut = 5;
|
|
k_EAuthTokenState_Consumed = 6;
|
|
k_EAuthTokenState_Revoked = 99;
|
|
}
|
|
|
|
message CAuthentication_GetPasswordRSAPublicKey_Request {
|
|
optional string account_name = 1 [(description) = "user-provided account name to get an RSA key for"];
|
|
}
|
|
|
|
message CAuthentication_GetPasswordRSAPublicKey_Response {
|
|
optional string publickey_mod = 1 [(description) = "the public key modulus"];
|
|
optional string publickey_exp = 2 [(description) = "the public key exponent"];
|
|
optional uint64 timestamp = 3 [(description) = "the timestamp the key was generated"];
|
|
}
|
|
|
|
message CAuthentication_DeviceDetails {
|
|
optional string device_friendly_name = 1 [(description) = "User-supplied, or client-supplied, friendly name of device"];
|
|
optional .EAuthTokenPlatformType platform_type = 2 [default = k_EAuthTokenPlatformType_Unknown, (description) = "EAuthTokenPlatformType, claimed, of device"];
|
|
optional int32 os_type = 3 [(description) = "EOSType, claimed, of authorized device"];
|
|
optional uint32 gaming_device_type = 4 [(description) = "EGamingDeviceType, claimed, of authorized device for steam client-type devices"];
|
|
optional uint32 client_count = 5 [(description) = "For desktop clients, quantized number of users in history"];
|
|
optional bytes machine_id = 6 [(description) = "Additional device context"];
|
|
}
|
|
|
|
message CAuthentication_BeginAuthSessionViaQR_Request {
|
|
optional string device_friendly_name = 1;
|
|
optional .EAuthTokenPlatformType platform_type = 2 [default = k_EAuthTokenPlatformType_Unknown];
|
|
optional .CAuthentication_DeviceDetails device_details = 3 [(description) = "User-supplied details about the device attempting to sign in"];
|
|
optional string website_id = 4 [default = "Unknown", (description) = "(EMachineAuthWebDomain) identifier of client requesting auth"];
|
|
}
|
|
|
|
message CAuthentication_AllowedConfirmation {
|
|
optional .EAuthSessionGuardType confirmation_type = 1 [default = k_EAuthSessionGuardType_Unknown, (description) = "authentication can proceed with this confirmation type"];
|
|
optional string associated_message = 2 [(description) = "message to be interpreted depending on the confirmation type. for email confirmation, this might be the redacted email address to which email was sent."];
|
|
}
|
|
|
|
message CAuthentication_BeginAuthSessionViaQR_Response {
|
|
optional uint64 client_id = 1 [(description) = "unique identifier of requestor, also used for routing, portion of QR code"];
|
|
optional string challenge_url = 2 [(description) = "URL based on client ID, which will be rendered as QR code"];
|
|
optional bytes request_id = 3 [(description) = "unique request ID to be presented by requestor at poll time - must not be rendered in QR"];
|
|
optional float interval = 4 [(description) = "refresh interval with which requestor should call PollAuthSessionStatus"];
|
|
repeated .CAuthentication_AllowedConfirmation allowed_confirmations = 5 [(description) = "the confirmation types that will be able to confirm the request"];
|
|
optional int32 version = 6 [(description) = "version of the QR data"];
|
|
}
|
|
|
|
message CAuthentication_BeginAuthSessionViaCredentials_Request {
|
|
optional string device_friendly_name = 1;
|
|
optional string account_name = 2;
|
|
optional string encrypted_password = 3 [(description) = "password, RSA encrypted client side"];
|
|
optional uint64 encryption_timestamp = 4 [(description) = "timestamp to map to a key - STime"];
|
|
optional bool remember_login = 5 [(description) = "deprecated"];
|
|
optional .EAuthTokenPlatformType platform_type = 6 [default = k_EAuthTokenPlatformType_Unknown];
|
|
optional .ESessionPersistence persistence = 7 [default = k_ESessionPersistence_Persistent, (description) = "whether we are requesting a persistent or an ephemeral session"];
|
|
optional string website_id = 8 [default = "Unknown", (description) = "(EMachineAuthWebDomain) identifier of client requesting auth"];
|
|
optional .CAuthentication_DeviceDetails device_details = 9 [(description) = "User-supplied details about the device attempting to sign in"];
|
|
optional string guard_data = 10 [(description) = "steam guard data for client login"];
|
|
optional uint32 language = 11;
|
|
optional int32 qos_level = 12 [default = 2, (description) = "[ENetQOSLevel] client-specified priority for this auth attempt"];
|
|
}
|
|
|
|
message CAuthentication_BeginAuthSessionViaCredentials_Response {
|
|
optional uint64 client_id = 1 [(description) = "unique identifier of requestor, also used for routing"];
|
|
optional bytes request_id = 2 [(description) = "unique request ID to be presented by requestor at poll time - must not be transferred or displayed"];
|
|
optional float interval = 3 [(description) = "refresh interval with which requestor should call PollAuthSessionStatus"];
|
|
repeated .CAuthentication_AllowedConfirmation allowed_confirmations = 4 [(description) = "the confirmation types that will be able to confirm the request"];
|
|
optional uint64 steamid = 5 [(description) = "steamid of the account logging in - will only be included if the credentials were correct"];
|
|
optional string weak_token = 6 [(description) = "partial-authentication token - limited lifetime and scope, included only if credentials were valid"];
|
|
optional string agreement_session_url = 7 [(description) = "agreement the user needs to agree to"];
|
|
optional string extended_error_message = 8 [(description) = "error string to display if supported by the client"];
|
|
}
|
|
|
|
message CAuthentication_PollAuthSessionStatus_Request {
|
|
optional uint64 client_id = 1;
|
|
optional bytes request_id = 2;
|
|
optional fixed64 token_to_revoke = 3 [(description) = "If this is set to a token owned by this user, that token will be retired"];
|
|
}
|
|
|
|
message CAuthentication_PollAuthSessionStatus_Response {
|
|
optional uint64 new_client_id = 1 [(description) = "if challenge is old, this is the new client id"];
|
|
optional string new_challenge_url = 2 [(description) = "if challenge is old, this is the new challenge ID to re-render for mobile confirmation"];
|
|
optional string refresh_token = 3 [(description) = "if login has been confirmed, this is the requestor's new refresh token"];
|
|
optional string access_token = 4 [(description) = "if login has been confirmed, this is a new token subordinate to refresh_token"];
|
|
optional bool had_remote_interaction = 5 [(description) = "whether or not the auth session appears to have had remote interaction from a potential confirmer"];
|
|
optional string account_name = 6 [(description) = "account name of authenticating account, for use by UI layer"];
|
|
optional string new_guard_data = 7 [(description) = "if login has been confirmed, may contain remembered machine ID for future login"];
|
|
optional string agreement_session_url = 8 [(description) = "agreement the user needs to agree to"];
|
|
}
|
|
|
|
message CAuthentication_GetAuthSessionInfo_Request {
|
|
optional uint64 client_id = 1 [(description) = "client ID from scanned QR Code, used for routing"];
|
|
}
|
|
|
|
message CAuthentication_GetAuthSessionInfo_Response {
|
|
optional string ip = 1 [(description) = "IP address of requestor"];
|
|
optional string geoloc = 2 [(description) = "geoloc info of requestor"];
|
|
optional string city = 3 [(description) = "city of requestor"];
|
|
optional string state = 4 [(description) = "state of requestor"];
|
|
optional string country = 5 [(description) = "country of requestor"];
|
|
optional .EAuthTokenPlatformType platform_type = 6 [default = k_EAuthTokenPlatformType_Unknown, (description) = "platform type of requestor"];
|
|
optional string device_friendly_name = 7 [(description) = "name of requestor device"];
|
|
optional int32 version = 8 [(description) = "version field"];
|
|
optional .EAuthSessionSecurityHistory login_history = 9 [default = k_EAuthSessionSecurityHistory_Invalid, (description) = "whether the ip has previuously been used on the account successfully"];
|
|
optional bool requestor_location_mismatch = 10 [(description) = "whether the requestor location matches this requests location"];
|
|
optional bool high_usage_login = 11 [(description) = "whether this login has seen high usage recently"];
|
|
optional .ESessionPersistence requested_persistence = 12 [default = k_ESessionPersistence_Invalid, (description) = "session persistence requestor has indicated they want"];
|
|
}
|
|
|
|
message CAuthentication_UpdateAuthSessionWithMobileConfirmation_Request {
|
|
optional int32 version = 1 [(description) = "version field"];
|
|
optional uint64 client_id = 2 [(description) = "pending client ID, from scanned QR Code"];
|
|
optional fixed64 steamid = 3 [(description) = "user who wants to login"];
|
|
optional bytes signature = 4 [(description) = "HMAC digest over {version,client_id,steamid} via user's private key"];
|
|
optional bool confirm = 5 [default = false, (description) = "Whether to confirm the login (true) or deny the login (false)"];
|
|
optional .ESessionPersistence persistence = 6 [default = k_ESessionPersistence_Persistent, (description) = "whether we are requesting a persistent or an ephemeral session"];
|
|
}
|
|
|
|
message CAuthentication_UpdateAuthSessionWithMobileConfirmation_Response {
|
|
}
|
|
|
|
message CAuthentication_UpdateAuthSessionWithSteamGuardCode_Request {
|
|
optional uint64 client_id = 1 [(description) = "pending client ID, from initialized session"];
|
|
optional fixed64 steamid = 2 [(description) = "user who wants to login"];
|
|
optional string code = 3 [(description) = "confirmation code"];
|
|
optional .EAuthSessionGuardType code_type = 4 [default = k_EAuthSessionGuardType_Unknown, (description) = "type of confirmation code"];
|
|
}
|
|
|
|
message CAuthentication_UpdateAuthSessionWithSteamGuardCode_Response {
|
|
optional string agreement_session_url = 7 [(description) = "agreement the user needs to agree to"];
|
|
}
|
|
|
|
message CAuthentication_AccessToken_GenerateForApp_Request {
|
|
optional string refresh_token = 1;
|
|
optional fixed64 steamid = 2;
|
|
optional .ETokenRenewalType renewal_type = 3 [default = k_ETokenRenewalType_None];
|
|
}
|
|
|
|
message CAuthentication_AccessToken_GenerateForApp_Response {
|
|
optional string access_token = 1;
|
|
optional string refresh_token = 2;
|
|
}
|
|
|
|
message CAuthentication_RefreshToken_Enumerate_Request {
|
|
}
|
|
|
|
message CAuthentication_RefreshToken_Enumerate_Response {
|
|
message TokenUsageEvent {
|
|
optional uint32 time = 1 [(description) = "Approximate time of history event (may be deliberately fuzzed or omitted)"];
|
|
optional .CMsgIPAddress ip = 2 [(description) = "IP at which event was observed"];
|
|
optional string locale = 3;
|
|
optional string country = 4 [(description) = "Location (country code) of event, as inferred from IP"];
|
|
optional string state = 5 [(description) = "Location (state code) of event, as inferred from IP"];
|
|
optional string city = 6 [(description) = "Location (city) of event, as inferred from IP"];
|
|
}
|
|
|
|
message RefreshTokenDescription {
|
|
optional fixed64 token_id = 1 [(description) = "Persistent token/device identifier"];
|
|
optional string token_description = 2 [(description) = "client-supplied friendly name for the device"];
|
|
optional uint32 time_updated = 3;
|
|
optional .EAuthTokenPlatformType platform_type = 4 [default = k_EAuthTokenPlatformType_Unknown, (description) = "gross platform type (mobile/client/browser)"];
|
|
optional bool logged_in = 5 [(description) = "If true, this token is currently valid. False indicates it is a machine token - ok for steamguard if you know the credential"];
|
|
optional uint32 os_platform = 6 [(description) = "EPlatformType - rough classification of device OS, if known"];
|
|
optional uint32 auth_type = 7 [(description) = "EAuthTokenGuardType - device authorization mechanism, if known"];
|
|
optional uint32 gaming_device_type = 8 [(description) = "EGamingDeviceType - classify console/PC/SteamDeck, if known; applies only for Steam Client devices"];
|
|
optional .CAuthentication_RefreshToken_Enumerate_Response.TokenUsageEvent first_seen = 9 [(description) = "Information about original authorization event"];
|
|
optional .CAuthentication_RefreshToken_Enumerate_Response.TokenUsageEvent last_seen = 10 [(description) = "Information about most-recently seen, if known for this device"];
|
|
optional int32 os_type = 11 [(description) = "EOSType - specific device OS, if known"];
|
|
}
|
|
|
|
repeated .CAuthentication_RefreshToken_Enumerate_Response.RefreshTokenDescription refresh_tokens = 1;
|
|
optional fixed64 requesting_token = 2;
|
|
}
|
|
|
|
message CAuthentication_GetAuthSessionsForAccount_Request {
|
|
}
|
|
|
|
message CAuthentication_GetAuthSessionsForAccount_Response {
|
|
repeated uint64 client_ids = 1 [(description) = "unique identifier of requestor, also used for routing"];
|
|
}
|
|
|
|
message CAuthentication_MigrateMobileSession_Request {
|
|
optional fixed64 steamid = 1 [(description) = "Steam ID of the user to migrate"];
|
|
optional string token = 2 [(description) = "WG Token to migrate"];
|
|
optional string signature = 3 [(description) = "Signature over the wg token using the user's 2FA token"];
|
|
}
|
|
|
|
message CAuthentication_MigrateMobileSession_Response {
|
|
optional string refresh_token = 1;
|
|
optional string access_token = 2;
|
|
}
|
|
|
|
message CAuthentication_Token_Revoke_Request {
|
|
optional string token = 1;
|
|
optional .EAuthTokenRevokeAction revoke_action = 2 [default = k_EAuthTokenRevokePermanent, (description) = "Select between logout and logout-and-forget-machine"];
|
|
}
|
|
|
|
message CAuthentication_Token_Revoke_Response {
|
|
}
|
|
|
|
message CAuthentication_RefreshToken_Revoke_Request {
|
|
optional fixed64 token_id = 1;
|
|
optional fixed64 steamid = 2 [(description) = "Token holder if an admin action on behalf of another user"];
|
|
optional .EAuthTokenRevokeAction revoke_action = 3 [default = k_EAuthTokenRevokePermanent, (description) = "Select between logout and logout-and-forget-machine"];
|
|
optional bytes signature = 4 [(description) = "required signature over token_id"];
|
|
}
|
|
|
|
message CAuthentication_RefreshToken_Revoke_Response {
|
|
}
|
|
|
|
message CAuthenticationSupport_QueryRefreshTokensByAccount_Request {
|
|
optional fixed64 steamid = 1 [(description) = "SteamID of the account to query (required)"];
|
|
optional bool include_revoked_tokens = 2 [(description) = "Includes tokens that are revoked or expired in the query"];
|
|
}
|
|
|
|
message CSupportRefreshTokenDescription {
|
|
message TokenUsageEvent {
|
|
optional uint32 time = 1 [(description) = "Approximate time of history event (may be deliberately fuzzed or omitted)"];
|
|
optional .CMsgIPAddress ip = 2 [(description) = "IP at which event was observed"];
|
|
optional string country = 3 [(description) = "Location (country code) of event, as inferred from IP"];
|
|
optional string state = 4 [(description) = "Location (state code) of event, as inferred from IP"];
|
|
optional string city = 5 [(description) = "Location (city) of event, as inferred from IP"];
|
|
}
|
|
|
|
optional fixed64 token_id = 1;
|
|
optional string token_description = 2;
|
|
optional uint32 time_updated = 3;
|
|
optional .EAuthTokenPlatformType platform_type = 4 [default = k_EAuthTokenPlatformType_Unknown];
|
|
optional .EAuthTokenState token_state = 5 [default = k_EAuthTokenState_Invalid];
|
|
optional fixed64 owner_steamid = 6;
|
|
optional uint32 os_platform = 7 [(description) = "EPlatformType - rough classification of device OS, if known"];
|
|
optional int32 os_type = 8 [(description) = "EOSType - specific device OS, if known"];
|
|
optional uint32 auth_type = 9 [(description) = "EAuthTokenGuardType - device authorization mechanism, if known"];
|
|
optional uint32 gaming_device_type = 10 [(description) = "EGamingDeviceType - classify console/PC/SteamDeck, if known; applies only for Steam Client devices"];
|
|
optional .CSupportRefreshTokenDescription.TokenUsageEvent first_seen = 11 [(description) = "Information about original authorization event"];
|
|
optional .CSupportRefreshTokenDescription.TokenUsageEvent last_seen = 12 [(description) = "Information about most-recently seen, if known for this device"];
|
|
}
|
|
|
|
message CAuthenticationSupport_QueryRefreshTokensByAccount_Response {
|
|
repeated .CSupportRefreshTokenDescription refresh_tokens = 1;
|
|
optional int32 last_token_reset = 2;
|
|
}
|
|
|
|
message CAuthenticationSupport_QueryRefreshTokenByID_Request {
|
|
optional fixed64 token_id = 1 [(description) = "Token ID of the token to look up (required)"];
|
|
}
|
|
|
|
message CAuthenticationSupport_QueryRefreshTokenByID_Response {
|
|
repeated .CSupportRefreshTokenDescription refresh_tokens = 1;
|
|
}
|
|
|
|
message CAuthenticationSupport_RevokeToken_Request {
|
|
optional fixed64 token_id = 1 [(description) = "Token ID of the token to revoke (required)"];
|
|
optional fixed64 steamid = 2 [(description) = "Steam ID of the owner of that token (required)"];
|
|
}
|
|
|
|
message CAuthenticationSupport_RevokeToken_Response {
|
|
}
|
|
|
|
message CAuthenticationSupport_GetTokenHistory_Request {
|
|
optional fixed64 token_id = 1 [(description) = "Token ID of the token to get history for (required)"];
|
|
}
|
|
|
|
message CSupportRefreshTokenAudit {
|
|
optional int32 action = 1;
|
|
optional uint32 time = 2;
|
|
optional .CMsgIPAddress ip = 3;
|
|
optional fixed64 actor = 4;
|
|
}
|
|
|
|
message CAuthenticationSupport_GetTokenHistory_Response {
|
|
repeated .CSupportRefreshTokenAudit history = 1;
|
|
}
|
|
|
|
message CCloudGaming_CreateNonce_Request {
|
|
optional string platform = 1;
|
|
optional uint32 appid = 2;
|
|
}
|
|
|
|
message CCloudGaming_CreateNonce_Response {
|
|
optional string nonce = 1;
|
|
optional uint32 expiry = 2;
|
|
}
|
|
|
|
message CCloudGaming_GetTimeRemaining_Request {
|
|
optional string platform = 1;
|
|
repeated uint32 appid_list = 2;
|
|
}
|
|
|
|
message CCloudGaming_TimeRemaining {
|
|
optional uint32 appid = 1;
|
|
optional uint32 minutes_remaining = 2;
|
|
}
|
|
|
|
message CCloudGaming_GetTimeRemaining_Response {
|
|
repeated .CCloudGaming_TimeRemaining entries = 2;
|
|
}
|
|
|
|
service Authentication {
|
|
option (service_description) = "Authentication Service";
|
|
|
|
rpc GetPasswordRSAPublicKey (.CAuthentication_GetPasswordRSAPublicKey_Request) returns (.CAuthentication_GetPasswordRSAPublicKey_Response) {
|
|
option (method_description) = "Fetches RSA public key to use to encrypt passwords for a given account name";
|
|
}
|
|
|
|
rpc BeginAuthSessionViaQR (.CAuthentication_BeginAuthSessionViaQR_Request) returns (.CAuthentication_BeginAuthSessionViaQR_Response) {
|
|
option (method_description) = "start authentication process";
|
|
}
|
|
|
|
rpc BeginAuthSessionViaCredentials (.CAuthentication_BeginAuthSessionViaCredentials_Request) returns (.CAuthentication_BeginAuthSessionViaCredentials_Response) {
|
|
option (method_description) = "start authentication process";
|
|
}
|
|
|
|
rpc PollAuthSessionStatus (.CAuthentication_PollAuthSessionStatus_Request) returns (.CAuthentication_PollAuthSessionStatus_Response) {
|
|
option (method_description) = "poll during authentication process";
|
|
}
|
|
|
|
rpc GetAuthSessionInfo (.CAuthentication_GetAuthSessionInfo_Request) returns (.CAuthentication_GetAuthSessionInfo_Response) {
|
|
option (method_description) = "get metadata of specific auth session, this will also implicitly bind the calling account";
|
|
}
|
|
|
|
rpc UpdateAuthSessionWithMobileConfirmation (.CAuthentication_UpdateAuthSessionWithMobileConfirmation_Request) returns (.CAuthentication_UpdateAuthSessionWithMobileConfirmation_Response) {
|
|
option (method_description) = "approve an authentication session via mobile 2fa";
|
|
}
|
|
|
|
rpc UpdateAuthSessionWithSteamGuardCode (.CAuthentication_UpdateAuthSessionWithSteamGuardCode_Request) returns (.CAuthentication_UpdateAuthSessionWithSteamGuardCode_Response) {
|
|
option (method_description) = "approve an authentication session via steam guard code";
|
|
}
|
|
|
|
rpc GenerateAccessTokenForApp (.CAuthentication_AccessToken_GenerateForApp_Request) returns (.CAuthentication_AccessToken_GenerateForApp_Response) {
|
|
option (method_description) = "Given a refresh token for a client app audience (e.g. desktop client / mobile client), generate an access token";
|
|
}
|
|
|
|
rpc EnumerateTokens (.CAuthentication_RefreshToken_Enumerate_Request) returns (.CAuthentication_RefreshToken_Enumerate_Response) {
|
|
option (method_description) = "Enumerate durable (refresh) tokens for the given subject account";
|
|
}
|
|
|
|
rpc GetAuthSessionsForAccount (.CAuthentication_GetAuthSessionsForAccount_Request) returns (.CAuthentication_GetAuthSessionsForAccount_Response) {
|
|
option (method_description) = "Gets all active auth sessions for an account for reference by the mobile app";
|
|
}
|
|
|
|
rpc MigrateMobileSession (.CAuthentication_MigrateMobileSession_Request) returns (.CAuthentication_MigrateMobileSession_Response) {
|
|
option (method_description) = "Migrates a WG token to an access and refresh token using a signature generated with the user's 2FA secret";
|
|
}
|
|
|
|
rpc RevokeToken (.CAuthentication_Token_Revoke_Request) returns (.CAuthentication_Token_Revoke_Response) {
|
|
option (method_description) = "Revoke a single token immediately, making it unable to renew or generate new access tokens";
|
|
}
|
|
|
|
rpc RevokeRefreshToken (.CAuthentication_RefreshToken_Revoke_Request) returns (.CAuthentication_RefreshToken_Revoke_Response) {
|
|
option (method_description) = "Mark the given refresh token as revoked";
|
|
}
|
|
}
|
|
|
|
service AuthenticationSupport {
|
|
option (service_description) = "Authentication Support Service";
|
|
|
|
rpc QueryRefreshTokensByAccount (.CAuthenticationSupport_QueryRefreshTokensByAccount_Request) returns (.CAuthenticationSupport_QueryRefreshTokensByAccount_Response) {
|
|
option (method_description) = "Asks the server for a list of refresh tokens associated with an account";
|
|
}
|
|
|
|
rpc QueryRefreshTokenByID (.CAuthenticationSupport_QueryRefreshTokenByID_Request) returns (.CAuthenticationSupport_QueryRefreshTokenByID_Response) {
|
|
option (method_description) = "Asks the server for a list of refresh tokens associated with an account";
|
|
}
|
|
|
|
rpc RevokeToken (.CAuthenticationSupport_RevokeToken_Request) returns (.CAuthenticationSupport_RevokeToken_Response) {
|
|
option (method_description) = "Revokes a user's auth token";
|
|
}
|
|
|
|
rpc GetTokenHistory (.CAuthenticationSupport_GetTokenHistory_Request) returns (.CAuthenticationSupport_GetTokenHistory_Response) {
|
|
option (method_description) = "Gets the audit history for a user's auth token";
|
|
}
|
|
}
|
|
|
|
service CloudGaming {
|
|
option (service_description) = "Methods for Steam cloud gaming operations";
|
|
|
|
rpc CreateNonce (.CCloudGaming_CreateNonce_Request) returns (.CCloudGaming_CreateNonce_Response) {
|
|
option (method_description) = "Create a nonce for a cloud gaming service session";
|
|
}
|
|
|
|
rpc GetTimeRemaining (.CCloudGaming_GetTimeRemaining_Request) returns (.CCloudGaming_GetTimeRemaining_Response) {
|
|
option (method_description) = "Get the amount of streaming time remaining for a set of apps";
|
|
}
|
|
}
|