All Activity

Could you also kindly share how do you parse this buffer into a readable json or text?

const { LZMA } = require('lzma-native'); function decompressValveLZMA(buffer) { if (buffer.length < 13) { throw new Error("Buffer too short to be Valve LZMA"); } const magic = buffer.readUInt32BE(0); // Big-Endian if (magic !== 0x4C5A4D41) { // 'LZMA' throw new Error("Not a Valve LZMA container (magic mismatch)"); } const uncompressedLength = buffer.readUInt32LE(4); const compressedLength = buffer.readUInt32LE(8); const expectedTotal = 12 + 5 + compressedLength; // header (12) + props(5) + data if (buffer.length < expectedTotal) { throw new Error(`Buffer too short: expected ${expectedTotal}, have ${buffer.length}`); } const props = buffer.slice(12, 12 + 5); const lzmaData = buffer.slice(12 + 5, 12 + 5 + compressedLength); return new Promise((resolve, reject) => { const lzma = new LZMA(); const lzmaHeader = Buffer.alloc(5 + 8); props.copy(lzmaHeader, 0); // копируем 5 байт props lzmaHeader.writeUInt32LE(uncompressedLength, 5); const fullLzmaStream = Buffer.concat([lzmaHeader, lzmaData]); lzma.decompress(fullLzmaStream, (result, error) => { if (error) { reject(error); } else { resolve(Buffer.from(result)); } }); }); }

https://github.com/ValveSoftware/source-sdk-2013/blob/0759e2e8e179d5352d81d0d4aaded72c1704b7a9/src/game/client/econ/store/store_panel.cpp#L610

Hey, Is there any way to sign out of all devices ? Similarly to Remove All Credentials button from this page: "https://store.steampowered.com/account/authorizeddevices" Thank you!

TradeOfferManager isn't ready until you call setCookies on it. You can get cookies from SteamUser's webSession event.

Ive notice on the odd ocassion, the newOffer event has triggered multiple times for the same trade offer. Maybe my sign-in logic is bad. I start listening to the events in another file> Please if anyone can explain why I get duplicate events sometimes. Thanks. async function startNewOffersListener() { if (newOffersListenerStarted) { console.log("⚠️ New offers listener is already running."); return; } newOffersListenerStarted = true; // Prevent duplicate starts console.log("✅ New offers listener started."); // Listen for new offers steamOffManagerInstance.manager.on('newOffer', offer => { //console.log('new trade offer', offer); let skinMarketName = null; let assetId = null; let actionsLink = null; let isCommodity = null; (async () => { try { offer.itemsToReceive.forEach((item, index) => { skinMarketName = item.market_hash_name; assetId = item.assetid; isCommodity = item.commodity; console.log(`newOffer`); console.log(`Item ${index + 1}:`); console.log(`Name: ${item.name}`); console.log(`Market Hash Name: ${item.market_hash_name}`); console.log(`AssetId: ${item.assetid}`); console.log(`Commodity: ${item.commodity}`); console.log(`PartnerId: ${offer.partner}`); console.log(`Actions:`); class SteamOfferManagerInstance { constructor(account) { this.account = account; this.hasWebLogOnBeenCalled = false; this.hasbeenUsed = false; this.init = false; this.firstTimeLog = false; this.access_token = ''; this.waitingForSteamGuard = false; // Track Steam Guard input state // Conditionally set proxy for client and community this.client = proxy ? new SteamUser({ debug: true, autoRelogin: true, httpProxy: proxy }) : new SteamUser(); this.community = proxy ? new SteamCommunity({ request: request.defaults({ proxy: proxy }) }) : new SteamCommunity(); this.manager = new steam_offer_manager({ "steam": this.client, "communinty": this.community, "domain": "localhost", "language": "en", "useAccessToken": true, }); //test commit for workflow this.logOnOptions = { "accountName": account.name, "password": account.password, "logonID": Date.now().toString().slice(-5), "twoFactorCode": SteamTotp.generateAuthCode(sharedSecret) }; // Handle other events this.client.on('loggedOn', () => { console.log('Successfully logged into Steam as', this.account.name); console.log('Logged in on IP', this.client.publicIP); }); this.client.on('webSession', async (sessionID, cookies) => { this.manager.setCookies(cookies, function(err) { if (err) { throw err; } }); this.community.setCookies(cookies); const [key, value] = cookies[0].split('='); this.access_token = value.split('%7C%7C')[1]; this.init = true; }); this.setRelogin(); } setRelogin() { if (!this.hasWebLogOnBeenCalled) { this.hasWebLogOnBeenCalled = true; this.isLogged = false; this.logOnOptions.logonID = Date.now().toString().slice(-5); try { if (this.firstTimeLog) { this.client.webLogOn(); } else { this.client.logOn(this.logOnOptions); this.firstTimeLog = true; } } catch (err) { if (err.message === "Already logged on, cannot log on again") { this.isLogged = true; } else { console.log('Login Error:', err.message); } } } if (this.hasWebLogOnBeenCalled) { setTimeout(() => { this.hasWebLogOnBeenCalled = false; }, 360000); } }

const SteamUser = require('steam-user'); const SteamTradeOfferManager = require('steam-tradeoffer-manager'); const SteamTotp = require('steam-totp'); // Your Steam account credentials const username = 'username'; const password = 'password'; const sharedSecret = 'secret'; // Your Steam shared secret // Initialize SteamUser bot instance const bot = new SteamUser(); // Initialize TradeOfferManager let manager; // Handle successful login bot.on('loggedOn', () => { console.log('Logged into Steam!'); // Initialize the TradeOfferManager manager = new SteamTradeOfferManager({ steam: bot, domain: 'localhost', language: 'en', }); console.log('TradeOfferManager initialized!'); // Fetch bot's inventory (use appid 440 as an example for Team Fortress 2 items) const appId = 440; // Use the appid for the game you want the inventory for (e.g., 440 for TF2) const contextId = '2'; // Default context for TF2 (can be different for other games) manager.getInventoryContents(appId, contextId, true, (err, inventory) => { if (err) { console.log('Error fetching inventory:', err); } else { console.log('Bot inventory fetched successfully!'); console.log(inventory); // Log the inventory to the console } // After fetching the inventory, log out the bot bot.logOff(); }); }); // This event is triggered when Steam requires the Steam Guard code (2FA) bot.on('loginKey', (loginKey) => { console.log('Received loginKey, generating 2FA code...'); // Generate the 2FA code using the shared secret const twoFactorCode = SteamTotp.generateAuthCode(sharedSecret); console.log('Generated Steam Guard App Code (2FA Code):', twoFactorCode); // Logs the generated 2FA code to the console // Log in again with the 2FA code bot.login({ accountName: username, password: password, twoFactorCode: twoFactorCode, // Pass the generated 2FA code }); }); // Handle login errors bot.on('error', (err) => { console.log('Error during login:', err); }); // Handle login attempts bot.on('steamGuard', (domain, callback) => { console.log('Steam Guard is required!'); // Check if Steam Guard is enabled const twoFactorCode = SteamTotp.generateAuthCode(sharedSecret); console.log('Sending 2FA code:', twoFactorCode); // Send the 2FA code to Steam Guard for login callback(twoFactorCode); }); // Start the login process bot.logOn({ accountName: username, password: password, }); Console log: Steam Guard is required! Sending 2FA code: MYXV5 Logged into Steam! TradeOfferManager initialized! Error fetching inventory: Error: Not Logged In I replaced all the credentials, steam guard passes, it logs in, and then when I try to fetch inventory it says I am not logged in to the account.

Fixed error that arises if no cookies are set in the response to /jwt/finalizelogin, which should be very rare Full Changelog: v1.9.1...v1.9.2 View on GitHub

What proxies do you use to interact with Steam? Do you know anything about not using certain proxies to avoid being banned from the platform by steam? I can of course use residential proxies, but I thought that datacenter proxies are much cheaper and should work the same way as long as steam doesn't ban them.

hmm theres not much to give its just that some times the offer completes and the event does not come idk if anyone else is expereincing this atm

Recently, it no longer seems possible to call up your created and deleted market listings in the market history. However, this also means that you no longer receive the new assetids after you have removed a listing. That can't be intentional, can it? Are there any other ways to get the new assetid? Is it the same for you Guys?

Added Origin header to all non-GET requests, which fixes some 403 errors Fixed malformed sessionid returned in login() callback Full Changelog: v3.48.4...v3.48.6 View on GitHub

Update to 1.9.1

Fixed Malformed login response error when calling getWebCookies() for EAuthTokenPlatformType.WebBrowser Full Changelog: v1.9.0...v1.9.1 View on GitHub

I login with this simple code: await session.startWithCredentials({ accountName: acc.accountName, password: acc.password, steamGuardCode: SteamTotp.getAuthCode(auths[acc.accountName]) }); But it throws an error saying: Malformed login response It used to work perfectly for many weeks, but today I found out that it throws an error.

Can you give any details?

Hi, it's still happening. The inventory is public.

Apparently the globaloffensive node isnt reporting back any ranking information from the GC as of recently according to: I've tried it again today and rankings still returns an empty array. The only other way I know of to see your CS2 rank now without launching the game client is through gcpd data on a browser: https://steamcommunity.com/id/"Profile Name"/gcpd/730?tab=matchmaking From here you can see ranking information as: Matchmaking Mode Map Wins Ties Losses Skill Group Last Match Region Ranked Competitive Anubis 5 3 7 1 2025-02-10 21:53:05 GMT 1 Is there a node script that can access and retrieve this information automatically? Perhaps within steam-user or steam-community?

It seems like the sentofferchanged especially and the received offerchanged are missing some events how to fix this?

Every Steam WebAPI endpoint that accepts and outputs protobuf also accepts input_json, and will output json. Here is the protobuf definition for BatchedQueryRewardItems/v1, and repeated .CLoyaltyRewards_QueryRewardItems_Request requests means that it expects a json object with key "requests", which is an array of CLoyaltyRewards_QueryRewardItems_Request objects, which is defined here. So we could make a URL like this: https://api.steampowered.com/ILoyaltyRewardsService/BatchedQueryRewardItems/v1?input_json=%7B%22requests%22%3A%5B%7B%22appids%22%3A%5B%5D%2C%22community_item_classes%22%3A%5B3%5D%2C%22reward_types%22%3A%5B1%5D%2C%22excluded_community_item_classes%22%3A%5B%5D%2C%22definitionids%22%3A%5B%5D%2C%22filters%22%3A%5B4%5D%2C%22filter_match_all_category_tags%22%3A%5B%5D%2C%22filter_match_any_category_tags%22%3A%5B%5D%2C%22contains_definitionids%22%3A%5B%5D%2C%22excluded_content_descriptors%22%3A%5B%5D%2C%22excluded_appids%22%3A%5B%5D%2C%22excluded_store_tagids%22%3A%5B%5D%2C%22store_tagids%22%3A%5B%5D%2C%22time_available%22%3Anull%2C%22language%22%3A%22english%22%2C%22count%22%3A10%2C%22cursor%22%3Anull%2C%22sort%22%3A2%2C%22sort_descending%22%3Afalse%2C%22include_direct_purchase_disabled%22%3Anull%2C%22search_term%22%3Anull%7D%2C%7B%22appids%22%3A%5B%5D%2C%22community_item_classes%22%3A%5B17%5D%2C%22reward_types%22%3A%5B1%5D%2C%22excluded_community_item_classes%22%3A%5B%5D%2C%22definitionids%22%3A%5B%5D%2C%22filters%22%3A%5B%5D%2C%22filter_match_all_category_tags%22%3A%5B%5D%2C%22filter_match_any_category_tags%22%3A%5B%5D%2C%22contains_definitionids%22%3A%5B%5D%2C%22excluded_content_descriptors%22%3A%5B%5D%2C%22excluded_appids%22%3A%5B%5D%2C%22excluded_store_tagids%22%3A%5B%5D%2C%22store_tagids%22%3A%5B%5D%2C%22time_available%22%3Anull%2C%22language%22%3A%22english%22%2C%22count%22%3A10%2C%22cursor%22%3Anull%2C%22sort%22%3A2%2C%22sort_descending%22%3Afalse%2C%22include_direct_purchase_disabled%22%3Anull%2C%22search_term%22%3Anull%7D%5D%7D With a large enough request, you might run into URL length limitations, in which case you'd want to encode your request using those protobufs. I believe you could still pass &format=json to get a json response even if you send a protobuf request. Exactly what the community item classes, reward types, etc mean, I don't know.

Does anyone know how to implement it using Java code? this link is not the same to steam inventory inspect link format the site format is: team://rungame/730/76561202255233023/+csgo_econ_action_preview%2000180720A1062806380040017B117C72 but the steam inventory inspect link format is: steam://rungame/730/76561202255233023/+csgo_econ_action_preview%20S_A_D_(SAD format)

The callback to getOffers has three argument, not two. It's (err, sent, received) Your code as written is only looking at sent offers, so it's expected you wouldn't see your received offers in there. I also see some other issues in your code. Firstly, you're creating a new 30-second interval on checkTrades every time webSession is emitted, so after two webSession events you're calling checkTrades twice every 30 seconds, thrice after 3 emits, and so on. This is in addition to TradeOfferManager's internal 30 second polling that you've enabled via pollInterval: 30000. I'd recommend that you eliminate your checkTrades function entirely and instead use the offerList event, which is designed for exactly what you're using checkTrades for now. It'll be emitted every time TradeOfferManager performs a poll, which is every 30 seconds as configured here.

Hi again. 15 days have passed and I can confirm trades using the trade manager. Thank you! However, I noticed a bug, or maybe I'm doing something wrong. If I get a new offer when the script is working, I can immediately see it on the newer event, and I can immediately accept it. I can't accept the trade afterward if I don't act on this event. I've tried to use a setInterval and check manager.getOffers, but the detected offer is not on the list. Even if I directly call manager.getOffer(offerId), I get undefined. Even if I restart the script, I can't find the offer, which I can see on Steam's trade offer web page. // just some sample code to reproduce the issue let client = new SteamUser(); let manager = new TradeOfferManager({ steam: client, // Polling every 30 seconds is fine since we get notifications from Steam language: "en", // We want English item descriptions pollInterval: 30000, useAccessToken: true, }); let community = new SteamCommunity(); async function main() { let logOnOptions = { accountName, password, twoFactorCode: SteamTotp.getAuthCode(sharedSecret), // shared secret }; if (FS.existsSync("polldata.json")) { manager.pollData = JSON.parse( FS.readFileSync("polldata.json").toString("utf8") ); } client.logOn(logOnOptions); } manager.on("pollData", function (pollData) { FS.writeFileSync("polldata.json", JSON.stringify(pollData)); }); client.on("webSession", function (sessionID, cookies) { manager.setCookies(cookies, function (err) { if (err) { console.log(err); process.exit(1); } console.log("Cookies set"); }); community.setCookies(cookies); setInterval(checkTrades, 1 * 30 * 1000); }); manager.on("newOffer", function (offer) { console.log( "New offer #" + offer.id + " from " + offer.partner.getSteam3RenderedID() ); // i can accept the offer here if I wish }); function checkTrades() { console.log("Checking for trade offers..."); manager.getOffers( TradeOfferManager.EOfferFilter.All, null, (err, offers) => { if (err) { console.error("Error fetching trade offers:", err); return; } // offers doesn't include the offer id i saw in the newOffer event // filtering getOffers with ActiveOnly results in an empty array // manager.getOffer(offerId) is undefined offers.forEach((offer) => { //... }) } ); }

Hi Doc, Hi guys Stickers: [ { "slot": 0, "sticker_id": 4693, "wear": null, "scale": null, "rotation": null, "tint_id": null, "offset_x": null, "offset_y": null, "offset_z": null, "pattern": null }, Can you guys tell me if anyone know how to assign sticker_id to sticker name

Hi all, I want to get all items from PointsShop such as avatars/frames/backgrounds. As I understand steam uses ILoyaltyRewardsService/BatchedQueryRewardItems/v1 to load the data. But the data is protobuff encoded, maybe someone knows a scheme or another way how I can parse items from PointsShop?