func (w *Web) apiLogOn() error { sessionKey := make([]byte, 32) rand.Read(sessionKey) cryptedSessionKey := cryptoutil.RSAEncrypt(GetPublicKey(EUniverse_Public), sessionKey) ciph, _ := aes.NewCipher(sessionKey) cryptedLoginKey := cryptoutil.SymmetricEncrypt(ciph, []byte(w.webLoginKey)) data := make(url.Values) data.Add("format", "json") data.Add("steamid", strconv.FormatUint(w.client.SteamId().ToUint64(), 10)) data.Add("sessionkey", string(cryptedSessionKey)) data.Add("encrypted_loginkey", string(cryptedLoginKey)) resp, err := http.PostForm("https://api.steampowered.com/ISteamUserAuth/AuthenticateUser/v0001", data) if err != nil { return err } defer resp.Body.Close() if resp.StatusCode == 401 { // our web login key has expired, request a new one atomic.StoreUint32(&w.relogOnNonce, 1) w.client.Write(NewClientMsgProtobuf(EMsg_ClientRequestWebAPIAuthenticateUserNonce, new(CMsgClientRequestWebAPIAuthenticateUserNonce))) return nil } else if resp.StatusCode != 200 { return errors.New("steam.Web.apiLogOn: request failed with status " + resp.Status) } result := new(struct { Authenticateuser struct { Token string TokenSecure string } }) err = json.NewDecoder(resp.Body).Decode(result) if err != nil { return err } w.SteamLogin = result.Authenticateuser.Token w.SteamLoginSecure = result.Authenticateuser.TokenSecure w.client.Emit(new(WebLoggedOnEvent)) return nil }
// Writes a message. This may only be used by one goroutine at a time. func (c *tcpConnection) Write(message []byte) error { c.cipherMutex.RLock() if c.ciph != nil { message = cryptoutil.SymmetricEncrypt(c.ciph, message) } c.cipherMutex.RUnlock() err := binary.Write(c.conn, binary.LittleEndian, uint32(len(message))) if err != nil { return err } err = binary.Write(c.conn, binary.LittleEndian, tcpConnectionMagic) if err != nil { return err } _, err = c.conn.Write(message) return err }