func (w *Web) apiLogOn() error {
sessionKey := make([]byte, 32)
rand.Read(sessionKey)
cryptedSessionKey := cryptoutil.RSAEncrypt(GetPublicKey(EUniverse_Public), sessionKey)
ciph, _ := aes.NewCipher(sessionKey)
cryptedLoginKey := cryptoutil.SymmetricEncrypt(ciph, []byte(w.webLoginKey))
data := make(url.Values)
data.Add("format", "json")
data.Add("steamid", strconv.FormatUint(w.client.SteamId().ToUint64(), 10))
data.Add("sessionkey", string(cryptedSessionKey))
data.Add("encrypted_loginkey", string(cryptedLoginKey))
resp, err := http.PostForm("https://api.steampowered.com/ISteamUserAuth/AuthenticateUser/v0001", data)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode == 401 {
// our web login key has expired, request a new one
atomic.StoreUint32(&w.relogOnNonce, 1)
w.client.Write(NewClientMsgProtobuf(EMsg_ClientRequestWebAPIAuthenticateUserNonce, new(CMsgClientRequestWebAPIAuthenticateUserNonce)))
return nil
} else if resp.StatusCode != 200 {
return errors.New("steam.Web.apiLogOn: request failed with status " + resp.Status)
}
result := new(struct {
Authenticateuser struct {
Token string
TokenSecure string
}
})
err = json.NewDecoder(resp.Body).Decode(result)
if err != nil {
return err
}
w.SteamLogin = result.Authenticateuser.Token
w.SteamLoginSecure = result.Authenticateuser.TokenSecure
w.client.Emit(new(WebLoggedOnEvent))
return nil
}
func (c *Client) handleChannelEncryptRequest(packet *Packet) {
body := NewMsgChannelEncryptRequest()
packet.ReadMsg(body)
if body.Universe != EUniverse_Public {
c.Fatalf("Invalid univserse %v!", body.Universe)
}
c.tempSessionKey = make([]byte, 32)
rand.Read(c.tempSessionKey)
encryptedKey := cryptoutil.RSAEncrypt(GetPublicKey(EUniverse_Public), c.tempSessionKey)
payload := new(bytes.Buffer)
payload.Write(encryptedKey)
binary.Write(payload, binary.LittleEndian, crc32.ChecksumIEEE(encryptedKey))
payload.WriteByte(0)
payload.WriteByte(0)
payload.WriteByte(0)
payload.WriteByte(0)
c.Write(NewMsg(NewMsgChannelEncryptResponse(), payload.Bytes()))
}
