Dr. McKay

steam-tradeoffer-manager already uses the most stable endpoint, and has for years.

None of my libraries are what you're looking for. You just need an OpenID validator. This seems like it might work for you: https://github.com/LeeviHalme/node-steam-openid (I just found this on google, this isn't an endorsement) It's worth mentioning and emphasizing that OpenID and OAuth are not the same thing. You cannot get a bearer token or any other sort of "user token" from Steam. The only thing OpenID allows you to do is get a user's SteamID, and be sure that the SteamID actually belongs to the user. From there, you need to use Steam's public WebAPIs to retrieve data for that SteamID. It won't work if their profile is private, and there's no way around this. There's no mechanism to prompt a user to share private data with you.

You're going to rapidly get Valve mad at you if you continually make 58 requests per second. You need to check the version that's being installed in package.json.

Why are you making an API request every 17 milliseconds? I don't see why you'd be getting an error that editProfile isn't a function unless you're using a really ancient version of steamcommunity, like 3.1.1 or earlier.

Show your full code please.

407 means that your proxy credentials are wrong. https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/407

If your IP was login rate limited, you'd get an error event with the EResult RateLimitExceeded. Is the error event being emitted?

If you're only finding tradable items, I don't think there should be any case where you'd need to look for other string other than "( Not Usable in Crafting )"

Steam.php L31: You don't need to use an API key for this route. Also, requesting a count of items other than 75 or 2000 will run you into strict IP rate limits. L73: You need to match instanceid in addition to classid. Same on L95. L116: You need to check the item's description (the descriptions array) to see if the item is craftable. If it's not, it should contain a description with content matching something like "( Not Usable in Crafting )". Example item Otherwise, seems like it looks fine.

Show your code.

I haven't tested what happens if you try to use getWebCookies on a SteamClient login session. If you're authenticating with steam-user, you should use the cookies from the webSession event instead.

Where are you getting cookies from?

You need to use EAuthTokenPlatformType.SteamClient.

steam-session should be able to handle all your auth needs for you. It's mostly complete at this point.

As far as I'm aware, if a trade is rolled back after it's successfully committed, the trade offer stays in the "accepted" state. Really the only way to know a rollback happened is to either check your trade history or check your inventory and notice that items are gone/replaced.

No, the API method called by getExchangeDetails is the only place to get the trade status.

Every time you login with your password to an account that has mobile 2FA enabled, you'll need to supply a code. It doesn't matter how long you wait.

https://github.com/DoctorMcKay/node-steam-tradeoffer-manager/wiki/TradeOfferManager#pollinterval

Figure it out, I'm not going to do your job for you. If you're using node-steamcommunity, the requests it's sending are well-formed. If you aren't, then I can't really help you.

It probably has something to do with the reputation of your IP, dunno.

loadUserInventory has been deprecated for years. You should be using getUserInventoryContents.

Yes.

It's definitely stricter, but it seems to be more than 500/day for me.

Yes, Steam's rate limiting is more strict now. You need to make fewer requests or use more IPs.

The new endpoint has last_assetid, which you should pass as start_assetid for the next request.