Jump to content
McKay Development

Butter Jesus

Member
  • Posts

    1
  • Joined

  • Last visited

Everything posted by Butter Jesus

  1. First let me say that this library is amazing! I'm really excited to work with it and build something fun. I'm a data scientist but have a background building backend APIs with Python and recently got into React. I'm interested in building a web client that logs a user in (front-end initiated via HTML/js), then imports a list of game assets they own and have played recently (backend / nodejs). The basic case I'm trying to find a beginning with is a basic oAuth login from a web client such as: <form action="https://steamcommunity.com/openid/login" method="post"> <input type="hidden" name="openid.identity" value="http://specs.openid.net/auth/2.0/identifier_select" /> <input type="hidden" name="openid.claimed_id" value="http://specs.openid.net/auth/2.0/identifier_select" /> <input type="hidden" name="openid.ns" value="http://specs.openid.net/auth/2.0" /> <input type="hidden" name="openid.mode" value="checkid_setup" /> <input type="hidden" name="openid.realm" value="http://localhost" /> <input type="hidden" name="openid.return_to" value="http://localhost:3030/auth/steam/callback" /> <Button type="submit"><img src="https://community.cloudflare.steamstatic.com/public/images/signinthroughsteam/sits_02.png"></Button> </form> Then, I just wanted to handle the request in the backend and get a list of assets. From here I believe I should get some kind of token then I pass off the request parameters to a method. The response I get from the redirect is: { 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.mode': 'id_res', 'openid.op_endpoint': 'https://steamcommunity.com/openid/login', 'openid.claimed_id': 'https://steamcommunity.com/openid/id/[an ID]', 'openid.identity': 'https://steamcommunity.com/openid/id/[an ID]', 'openid.return_to': 'http://localhost:3030/auth/steam/callback', 'openid.response_nonce': '2022-12-22T01:02:40[a bunch of letter and numbers]', 'openid.assoc_handle': '1234567890', 'openid.signed': 'signed,op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle', 'openid.sig': 'b0R2aeaaL+6mwfLiahde19gsc+Q=' } I'm not completely sure if one of these things is a token or if I need to make another request OR update my form post to have different parameters to get a token. I see a nonce which I assume is either part of the transaction for obtaining a token to use for future requests, or perhaps it's just randomly generated once as a formality. Looking at openid's docs I can assume: openid.response_nonce Value: A string 255 characters or less in length, that MUST be unique to this particular successful authentication response. The nonce MUST start with the current time on the server, and MAY contain additional ASCII characters in the range 33-126 inclusive (printable non-whitespace characters), as necessary to make each response unique. The date and time MUST be formatted as specified in section 5.6 of [RFC3339], with the following restrictions: All times must be in the UTC timezone, indicated with a "Z". No fractional seconds are allowed For example: 2005-05-15T17:11:51ZUNIQUE Perhaps it's the wrong class, but the SteamCommunity class seems like the right next step somehow but looking at what's expected as arguments to most of the login methods, I'm positive there's a huge gap in my knowledge as to what my first step should be for working with this. Or maybe node-steam-user (logOn, webLogOn, ???) is the class/method for managing web authentication in my use case? Thanks in advance for helping with my noob question!
×
×
  • Create New...