Jump to content
McKay Development

Recommended Posts

Posted

I think I have a similar issue. I'm using a slightly modified version of steam-card-farmer and am experiencing problems since a few hours. I added some extra logging and I always get stuck at this point:

2017-02-22 12:38:41 - Reading Steam credentials from command line
2017-02-22 12:38:43 - Logged into Steam!
2017-02-22 12:38:43 - Waiting for license info...
2017-02-22 12:38:44 - Got app ownership info
2017-02-22 12:38:44 - Checking app playtime...
2017-02-22 12:38:44 - MinPlaytime: Web logon executed
2017-02-22 12:38:46 - MinPlaytime: Site requested
2017-02-22 12:38:47 - Skipping app 566020 "The Steam Awards", not owned
2017-02-22 12:38:47 - Checking card drops...
2017-02-22 12:38:47 - CardApps: Web logon executed

So basically webLogOn works but the webSession event never fires. Code for that (unchanged):

	client.once('webSession', function(sessionID, cookies) {
		cookies.forEach(function(cookie) {
			g_Jar.setCookie(cookie, 'https://steamcommunity.com');
		});

I'm only using it for two days now so I'm not sure if it's just a temporary issue with Steam or if I messed sth up.

Posted

I've been investigating this for the past hour and a half or so, and it appears that Valve did indeed break something with client-based web logons last night. The API is giving quite a lot of 403s with the same error message that you get if you use a bad nonce. Therefore, my suspicion is that there's some kind of miscommunication between the CM (the server which most likely generates the nonce and issues it to you), and whichever server consumes those nonces to turn them into cookies. I've tried adding some delays just in case the communication between those servers is slow, but that doesn't appear to have helped anything.

 

Re-logging your client seems to solve the problem, at least temporarily. You may want to try doing that if you don't get a web session within a reasonable amount of time after requesting one.

 

I've alerted Valve, but there's no telling if or when they'll take action.

Posted

It's starting to appear webLogOn will fail if you already have a valid web session. I'm unsure as to whether this is a time-based limit or not, but I can reliably get 403s if I call webLogOn 1 second after webSession gets emitted. Relogging the CM session will work more often than not (all the time? unsure).

Posted (edited)

How would I go about checking if the webSession is still valid if you don't mind me asking? I commented out the second webLogOn and subsequent wait for webSession in checkCardApps() and it works as long as a valid webSession fired in checkMinPlaytime() but that's obviously a pretty unreliable approach.

Edited by alohacara
Posted

How would I go about checking if the webSession is still valid if you don't mind me asking? I commented out the second webLogOn and subsequent wait for webSession in checkCardApps() and it works as long as a valid webSession fired in checkMinPlaytime() but that's obviously a pretty unreliable approach.

 

I'm not sure I would bother. It's starting to look to me as if webLogOn just won't work at all.

Posted

Yeah going to have to agree with McKay here after my own observations. I would avoid using it in code at all. It's now unreliable. I'm moving my clients over to full relogs. Hoping this isn't part of a larger crypto bug or something with steam.

Posted

i managed to make it work this way, maybe helps anyone:

var steamUser = new SteamU(steamClient);
var steamClient = new SteamC.CMClient();
var SteamWebLogOn = require('steam-weblogon');
var steamWebLogOn = new SteamWebLogOn(steamClient, steamUser);
steamWebLogOn.webLogOn(function(sessionID, newCookie){
getSteamAPIKey({
sessionID: sessionID,
webCookie: newCookie
}, function(err, APIKey) {
offers.setup({
sessionID: sessionID,
webCookie: newCookie,
APIKey: APIKey
});
steamuserinfo.setup(APIKey);

});
});

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...