How i can authentication on steam site?

可紊 提交于 2019-12-11 01:28:17

问题


I try to login on steam using the following code.

steamcommunity.com/login/getrsakey first request is successful.

Request a steamcommunity.com/login/dologin/ all the time gives an error incorrect login.

Perhaps dealing with encryption password or need to add ssl.

I use to encrypt library on http://phpseclib.sourceforge.net/

function geturl($url, $ref, $cookie, $postdata, $header, &$info, &$output)
    {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt ($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36');
        if ($ref)
        {
            curl_setopt($ch, CURLOPT_REFERER, $ref);
        }
        if ($cookie)
        {
            curl_setopt($ch, CURLOPT_COOKIE, $cookie);
        }

        if ($postdata)
        {
            curl_setopt($ch, CURLOPT_POST, true);
            $postStr = "";
            foreach ($postdata as $key => $value)
            {
                if ($postStr)
                    $postStr .= "&";
                $postStr .= $key . "=" . $value;
            }
            curl_setopt($ch, CURLOPT_POSTFIELDS, $postStr);
        }

        curl_setopt($ch, CURLOPT_HEADER, $header);
        $info = curl_getinfo($ch);
        $output = curl_exec($ch);
        curl_close($ch);
    }
geturl("https://steamcommunity.com/login/getrsakey", null, null, array('username' => $login), 0, $info, $output);
$data = json_decode($output, true);

if ($data['success'] === true)
{
    $publickey_exp = $data['publickey_exp'];
    $publickey_mod = $data['publickey_mod'];
    $RSA = new Crypt_RSA();
    $RSA->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
    $n = new Math_BigInteger($publickey_mod, 16);
    $e = new Math_BigInteger($publickey_exp, 16);

    $key = array("modulus"=>$n, "publicExponent"=>$e);
    $RSA->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW);
    $encryptedPassword = base64_encode($RSA->encrypt($password, false));
    $captchaGid = -1;
    $captchaText;
    $emailAuth;
    $emailSteamId;

        $params = array(
            'username' => $login,
            'password' => $encryptedPassword,
            'rsatimestamp' => $data['timestamp'],
            'captcha_gid' => $captchaGid,
            'captcha_text' => $captchaText,
            'emailauth' => $emailAuth,
            'emailsteamid' => $emailSteamId
        );
        geturl("https://steamcommunity.com/login/dologin/", null, null, $params, 0, $info, $output);
        $data = json_decode($output, true);
        var_dump($data);
        if ($data['captcha_needed'])
        {
            $captchaGid = $data['captcha_gid'];
            echo '<img src="https://steamcommunity.com/public/captcha.php?gid=' . $captchaGid . '">';
        }
}

回答1:


I think it would be better to use third-part libraries to auth. Check this one: https://github.com/SmItH197/SteamAuthentication

It creates login button like "Sign in via Facebook".

EDIT: Steam has alsow his own API https://steamcommunity.com/dev




回答2:


I can't be sure, but it looks like you are attempting to log a user into your site using Steam as the login method. Is this what you are attempting to do? If so, I recommend using the LightOpenID library.

<?php
require 'includes/lightopenid/openid.php';
$_STEAMAPI = "YOURSTEAMAPIKEY";
try 
{
    $openid = new LightOpenID('http://URL.TO.REDIRECT.TO.AFTER.LOGIN/');
    if(!$openid->mode) 
    {
        if(isset($_GET['login'])) 
        {
            $openid->identity = 'http://steamcommunity.com/openid/?l=english';    // This is forcing english because it has a weird habit of selecting a random language otherwise
            header('Location: ' . $openid->authUrl());
        }
?>
<form action="?login" method="post">
    <input type="image" src="http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png">
</form>
<?php
    } 
    elseif($openid->mode == 'cancel') 
    {
        echo 'User has canceled authentication!';
    } 
    else 
    {
        if($openid->validate()) 
        {
                $id = $openid->identity;
                // identity is something like: http://steamcommunity.com/openid/id/76561197960435530
                // we only care about the unique account ID at the end of the URL.
                $ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
                preg_match($ptn, $id, $matches);
                echo "User is logged in (steamID: $matches[1])\n";
// $matches[1] is the profile ID you will want to use for additional API calls

        } 
        else 
        {
                echo "User is not logged in.\n";
        }
    }
} 
catch(ErrorException $e) 
{
    echo $e->getMessage();
}
?>

At the end of this login, you will have the user's profile ID (ie. 76561197960435530) which you can use against many of the API's that Steam provides to gather further information on the player.




回答3:


Use "urlencode()" function

$encryptedPassword = urlencode(base64_encode($RSA->encrypt($password, false)));


来源:https://stackoverflow.com/questions/22749711/how-i-can-authentication-on-steam-site

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!