/** * Constructor. * * @param string $username * @param Client $client * * @throws SteamLoginException In case of errors */ public function __construct($username, Client $client) { $responseBody = Utils::jsonBody($client->post(SteamLogin::STEAMCOMM_WEBSITE . '/login/getrsakey/', array('form_params' => ['donotcache' => Utils::microtime_ms(true), 'username' => $username]))); $this->publickey_mod = new BigInteger($responseBody->publickey_mod, 16); $this->publickey_exp = new BigInteger($responseBody->publickey_exp, 16); $this->timestamp = $responseBody->timestamp; $this->rsa_key = new RSA(); $this->rsa_key->setEncryptionMode(RSA::ENCRYPTION_PKCS1); $this->rsa_key->loadKey(array('e' => $this->publickey_exp, 'n' => $this->publickey_mod)); }
/** * @param string $username * @param string $password * @param string $otp The token from e.G. the app * @param string|null $useragent A custom User-Agent * @param Client|null $client The Guzzle client used for the operation * * @return string * * @throws SteamLoginException In case of errors */ public static function getSteamLoginSecure($username, $password, $otp, $useragent = null, Client &$client = null) { $clientConf = ['cookies' => true]; if ($useragent) { $clientConf['headers'] = ['User-Agent' => $useragent]; } $client = new Client($clientConf); $steamRSA = new SteamRSAKey($username, $client); $encryptedPass = $steamRSA->encrypt($password); if (strlen($encryptedPass) < 32) { throw new SteamLoginException('Error encrypting password (encrypted string too short)'); } // The real login, now that we have the password encrypted with the publickey from Steam /** @var \GuzzleHttp\Psr7\Response $response */ $response = $client->post(self::STEAMCOMM_WEBSITE . '/login/dologin/', array('form_params' => ['captcha_text' => '', 'captchagid' => -1, 'donotcache' => Utils::microtime_ms(true), 'emailauth' => '', 'emailsteamid' => '', 'loginfriendlyname' => '', 'password' => $encryptedPass, 'remember_login' => 'true', 'rsatimestamp' => $steamRSA->getSteamTimestamp(), 'twofactorcode' => $otp, 'username' => $username])); Utils::jsonBody($response); // Only for the validation of success return Utils::getCookie($client, 'steamLoginSecure'); }