func (w *Web) apiLogOn() error {
sessionKey := make([]byte, 32)
rand.Read(sessionKey)
cryptedSessionKey := cryptoutil.RSAEncrypt(GetPublicKey(EUniverse_Public), sessionKey)
ciph, _ := aes.NewCipher(sessionKey)
cryptedLoginKey := cryptoutil.SymmetricEncrypt(ciph, []byte(w.WebSessionId))
data := make(url.Values)
data.Add("format", "json")
data.Add("steamid", strconv.FormatUint(uint64(w.client.SteamId()), 10))
data.Add("sessionkey", string(cryptedSessionKey))
data.Add("encrypted_loginkey", string(cryptedLoginKey))
resp, err := http.PostForm("http://api.steampowered.com/ISteamUserAuth/AuthenticateUser/v0001", data)
if err != nil {
return err
}
if resp.StatusCode != 200 {
// our web session id has expired, request a new one
w.client.Write(NewClientMsgProtobuf(EMsg_ClientRequestWebAPIAuthenticateUserNonce, new(CMsgClientRequestWebAPIAuthenticateUserNonce)))
atomic.StoreUint32(&w.relogOnNonce, 1)
return nil
}
result := new(struct {
Authenticateuser struct {
Token string
}
})
b, err := ioutil.ReadAll(resp.Body)
resp.Body.Close()
if err != nil {
return err
}
err = json.Unmarshal(b, result)
if err != nil {
return err
}
w.SteamLogin = result.Authenticateuser.Token
w.client.Emit(new(WebLoggedOnEvent))
return nil
}
// Writes a message. This may only be used by one goroutine at a time.
func (c *tcpConnection) Write(message []byte) error {
c.cipherMutex.RLock()
if c.ciph != nil {
message = cryptoutil.SymmetricEncrypt(c.ciph, message)
}
c.cipherMutex.RUnlock()
err := binary.Write(c.conn, binary.LittleEndian, uint32(len(message)))
if err != nil {
return err
}
err = binary.Write(c.conn, binary.LittleEndian, tcpConnectionMagic)
if err != nil {
return err
}
_, err = c.conn.Write(message)
return err
}