steamcommunity 3.46.1 → 3.47.1

package/components/webapi.js

@@ -1,118 +1,118 @@
-var SteamCommunity = require('../index.js');
-
-const Helpers = require('./helpers.js');
-
-SteamCommunity.prototype.getWebApiKey = function(domain, callback) {
-	var self = this;
-	this.httpRequest({
-		"uri": "https://steamcommunity.com/dev/apikey?l=english",
-		"followRedirect": false
-	}, function(err, response, body) {
-		if (err) {
-			callback(err);
-			return;
-		}
-
-		if(body.match(/<h2>Access Denied<\/h2>/)) {
-			return callback(new Error("Access Denied"));
-		}
-
-		if(body.match(/You must have a validated email address to create a Steam Web API key./)) {
-			return callback(new Error("You must have a validated email address to create a Steam Web API key."));
-		}
-
-		var match = body.match(/<p>Key: ([0-9A-F]+)<\/p>/);
-		if(match) {
-			// We already have an API key registered
-			callback(null, match[1]);
-		} else {
-			// We need to register a new API key
-			self.httpRequestPost('https://steamcommunity.com/dev/registerkey?l=english', {
-				"form": {
-					"domain": domain,
-					"agreeToTerms": "agreed",
-					"sessionid": self.getSessionID(),
-					"Submit": "Register"
-				}
-			}, function(err, response, body) {
-				if (err) {
-					callback(err);
-					return;
-				}
-
-				self.getWebApiKey(domain, callback);
-			}, "steamcommunity");
-		}
-	}, "steamcommunity");
-};
-
-/**
- * @deprecated No longer works. Will be removed in a future release.
- * @param {function} callback
- */
-SteamCommunity.prototype.getWebApiOauthToken = function(callback) {
-	if (this.oAuthToken) {
-		return callback(null, this.oAuthToken);
-	}
-
-	callback(new Error('This operation requires an OAuth token, which is no longer issued by Steam.'));
-};
-
-/**
- * Sets an access_token generated by steam-session using EAuthTokenPlatformType.MobileApp.
- * Required for some operations such as 2FA enabling and disabling.
- * This will throw an Error if the provided token is not valid, was not generated for the MobileApp platform, is expired,
- * or does not belong to the logged-in user account.
- *
- * @param {string} token
- */
-SteamCommunity.prototype.setMobileAppAccessToken = function(token) {
-	if (!this.steamID) {
-		throw new Error('Log on to steamcommunity before setting a mobile app access token');
-	}
-
-	let decodedToken = Helpers.decodeJwt(token);
-
-	if (!decodedToken.iss || !decodedToken.sub || !decodedToken.aud || !decodedToken.exp) {
-		throw new Error('Provided value is not a valid Steam access token');
-	}
-
-	if (decodedToken.iss == 'steam') {
-		throw new Error('Provided token is a refresh token, not an access token');
-	}
-
-	if (decodedToken.sub != this.steamID.getSteamID64()) {
-		throw new Error(`Provided token belongs to account ${decodedToken.sub}, but we are logged into ${this.steamID.getSteamID64()}`);
-	}
-
-	if (decodedToken.exp < Math.floor(Date.now() / 1000)) {
-		throw new Error('Provided token is expired');
-	}
-
-	if ((decodedToken.aud || []).indexOf('mobile') == -1) {
-		throw new Error('Provided token is not valid for MobileApp platform type');
-	}
-
-	this.mobileAccessToken = token;
-};
-
-/**
- * Verifies that the mobile access token we already have set is still valid for current login.
- *
- * @private
- */
-SteamCommunity.prototype._verifyMobileAccessToken = function() {
-	if (!this.mobileAccessToken) {
-		// No access token, so nothing to do here.
-		return;
-	}
-
-	let decodedToken = Helpers.decodeJwt(this.mobileAccessToken);
-
-	let isTokenInvalid = decodedToken.sub != this.steamID.getSteamID64()    // SteamID doesn't match
-		|| decodedToken.exp < Math.floor(Date.now() / 1000);                      // Token is expired
-
-	if (isTokenInvalid) {
-		delete this.mobileAccessToken;
-	}
-};
+var SteamCommunity = require('../index.js');
+
+const Helpers = require('./helpers.js');
+
+SteamCommunity.prototype.getWebApiKey = function(domain, callback) {
+	var self = this;
+	this.httpRequest({
+		"uri": "https://steamcommunity.com/dev/apikey?l=english",
+		"followRedirect": false
+	}, function(err, response, body) {
+		if (err) {
+			callback(err);
+			return;
+		}
+
+		if(body.match(/<h2>Access Denied<\/h2>/)) {
+			return callback(new Error("Access Denied"));
+		}
+
+		if(body.match(/You must have a validated email address to create a Steam Web API key./)) {
+			return callback(new Error("You must have a validated email address to create a Steam Web API key."));
+		}
+
+		var match = body.match(/<p>Key: ([0-9A-F]+)<\/p>/);
+		if(match) {
+			// We already have an API key registered
+			callback(null, match[1]);
+		} else {
+			// We need to register a new API key
+			self.httpRequestPost('https://steamcommunity.com/dev/registerkey?l=english', {
+				"form": {
+					"domain": domain,
+					"agreeToTerms": "agreed",
+					"sessionid": self.getSessionID(),
+					"Submit": "Register"
+				}
+			}, function(err, response, body) {
+				if (err) {
+					callback(err);
+					return;
+				}
+
+				self.getWebApiKey(domain, callback);
+			}, "steamcommunity");
+		}
+	}, "steamcommunity");
+};
+
+/**
+ * @deprecated No longer works. Will be removed in a future release.
+ * @param {function} callback
+ */
+SteamCommunity.prototype.getWebApiOauthToken = function(callback) {
+	if (this.oAuthToken) {
+		return callback(null, this.oAuthToken);
+	}
+
+	callback(new Error('This operation requires an OAuth token, which is no longer issued by Steam.'));
+};
+
+/**
+ * Sets an access_token generated by steam-session using EAuthTokenPlatformType.MobileApp.
+ * Required for some operations such as 2FA enabling and disabling.
+ * This will throw an Error if the provided token is not valid, was not generated for the MobileApp platform, is expired,
+ * or does not belong to the logged-in user account.
+ *
+ * @param {string} token
+ */
+SteamCommunity.prototype.setMobileAppAccessToken = function(token) {
+	if (!this.steamID) {
+		throw new Error('Log on to steamcommunity before setting a mobile app access token');
+	}
+
+	let decodedToken = Helpers.decodeJwt(token);
+
+	if (!decodedToken.iss || !decodedToken.sub || !decodedToken.aud || !decodedToken.exp) {
+		throw new Error('Provided value is not a valid Steam access token');
+	}
+
+	if (decodedToken.iss == 'steam') {
+		throw new Error('Provided token is a refresh token, not an access token');
+	}
+
+	if (decodedToken.sub != this.steamID.getSteamID64()) {
+		throw new Error(`Provided token belongs to account ${decodedToken.sub}, but we are logged into ${this.steamID.getSteamID64()}`);
+	}
+
+	if (decodedToken.exp < Math.floor(Date.now() / 1000)) {
+		throw new Error('Provided token is expired');
+	}
+
+	if ((decodedToken.aud || []).indexOf('mobile') == -1) {
+		throw new Error('Provided token is not valid for MobileApp platform type');
+	}
+
+	this.mobileAccessToken = token;
+};
+
+/**
+ * Verifies that the mobile access token we already have set is still valid for current login.
+ *
+ * @private
+ */
+SteamCommunity.prototype._verifyMobileAccessToken = function() {
+	if (!this.mobileAccessToken) {
+		// No access token, so nothing to do here.
+		return;
+	}
+
+	let decodedToken = Helpers.decodeJwt(this.mobileAccessToken);
+
+	let isTokenInvalid = decodedToken.sub != this.steamID.getSteamID64()    // SteamID doesn't match
+		|| decodedToken.exp < Math.floor(Date.now() / 1000);                      // Token is expired
+
+	if (isTokenInvalid) {
+		delete this.mobileAccessToken;
+	}
+};

package/examples/README.md

@@ -1,35 +1,35 @@
-# node-steamcommunity examples
-
-The files in this directory are example scripts that you can use as a getting-started point for using node-steamcommunity.
-
-## Enable or Disable Two-Factor Authentication
-
-If you need to enable or disable 2FA on your bot account, you can use enable_twofactor.js and disable_twofactor.js to do so.
-The way that you're intended to use these scripts is by cloning the repository locally, and then running them directly
-from this examples directory.
-
-For example:
-
-```shell
-git clone https://github.com/DoctorMcKay/node-steamcommunity node-steamcommunity
-cd node-steamcommunity
-npm install
-cd examples
-node enable_twofactor.js
-```
-
-## Accept All Confirmations
-
-If you need to accept trade or market confirmations on your bot account for which you have your identity secret, you can
-use accept_all_confirmations.js to do so. The way that you're intended to use this script is by cloning the repository
-locally, and then running it directly from this examples directory.
-
-For example:
-
-```shell
-git clone https://github.com/DoctorMcKay/node-steamcommunity node-steamcommunity
-cd node-steamcommunity
-npm install
-cd examples
-node accept_all_confirmations.js
-```
+# node-steamcommunity examples
+
+The files in this directory are example scripts that you can use as a getting-started point for using node-steamcommunity.
+
+## Enable or Disable Two-Factor Authentication
+
+If you need to enable or disable 2FA on your bot account, you can use enable_twofactor.js and disable_twofactor.js to do so.
+The way that you're intended to use these scripts is by cloning the repository locally, and then running them directly
+from this examples directory.
+
+For example:
+
+```shell
+git clone https://github.com/DoctorMcKay/node-steamcommunity node-steamcommunity
+cd node-steamcommunity
+npm install
+cd examples
+node enable_twofactor.js
+```
+
+## Accept All Confirmations
+
+If you need to accept trade or market confirmations on your bot account for which you have your identity secret, you can
+use accept_all_confirmations.js to do so. The way that you're intended to use this script is by cloning the repository
+locally, and then running it directly from this examples directory.
+
+For example:
+
+```shell
+git clone https://github.com/DoctorMcKay/node-steamcommunity node-steamcommunity
+cd node-steamcommunity
+npm install
+cd examples
+node accept_all_confirmations.js
+```

package/examples/accept_all_confirmations.js

@@ -1,173 +1,173 @@
-// If you aren't running this script inside of the repository, replace the following line with:
-// const SteamCommunity = require('steamcommunity');
-const SteamCommunity = require('../index.js');
-const SteamSession = require('steam-session');
-const SteamTotp = require('steam-totp');
-const ReadLine = require('readline');
-
-const EConfirmationType = SteamCommunity.ConfirmationType;
-
-let g_AbortPromptFunc = null;
-
-let community = new SteamCommunity();
-
-main();
-async function main() {
-	let accountName = await promptAsync('Username: ');
-	let password = await promptAsync('Password (hidden): ', true);
-
-	// Create a LoginSession for us to use to attempt to log into steam
-	let session = new SteamSession.LoginSession(SteamSession.EAuthTokenPlatformType.MobileApp);
-
-	// Go ahead and attach our event handlers before we do anything else.
-	session.on('authenticated', async () => {
-		abortPrompt();
-
-		let cookies = await session.getWebCookies();
-		community.setCookies(cookies);
-
-		doConfirmations();
-	});
-
-	session.on('timeout', () => {
-		abortPrompt();
-		console.log('This login attempt has timed out.');
-	});
-
-	session.on('error', (err) => {
-		abortPrompt();
-
-		// This should ordinarily not happen. This only happens in case there's some kind of unexpected error while
-		// polling, e.g. the network connection goes down or Steam chokes on something.
-
-		console.log(`ERROR: This login attempt has failed! ${err.message}`);
-	});
-
-	// Start our login attempt
-	let startResult = await session.startWithCredentials({accountName, password});
-	if (startResult.actionRequired) {
-		// Some Steam Guard action is required. We only care about email and device codes; in theory an
-		// EmailConfirmation and/or DeviceConfirmation action could be possible, but we're just going to ignore those.
-		// If the user does receive a confirmation and accepts it, LoginSession will detect and handle that automatically.
-		// The only consequence of ignoring it here is that we don't print a message to the user indicating that they
-		// could accept an email or device confirmation.
-
-		let codeActionTypes = [SteamSession.EAuthSessionGuardType.EmailCode, SteamSession.EAuthSessionGuardType.DeviceCode];
-		let codeAction = startResult.validActions.find(action => codeActionTypes.includes(action.type));
-		if (codeAction) {
-			if (codeAction.type == SteamSession.EAuthSessionGuardType.EmailCode) {
-				// We wouldn't expect this to happen since mobile confirmations are only possible with 2FA enabled, but just in case...
-				console.log(`A code has been sent to your email address at ${codeAction.detail}.`);
-			} else {
-				console.log('You need to provide a Steam Guard Mobile Authenticator code.');
-			}
-
-			let code = await promptAsync('Code or Shared Secret: ');
-			if (code) {
-				// The code might've been a shared secret
-				if (code.length > 10) {
-					code = SteamTotp.getAuthCode(code);
-				}
-				await session.submitSteamGuardCode(code);
-			}
-
-			// If we fall through here without submitting a Steam Guard code, that means one of two things:
-			//   1. The user pressed enter without providing a code, in which case the script will simply exit
-			//   2. The user approved a device/email confirmation, in which case 'authenticated' was emitted and the prompt was canceled
-		}
-	}
-}
-
-async function doConfirmations() {
-	let identitySecret = await promptAsync('Identity Secret: ');
-
-	let confs = await new Promise((resolve, reject) => {
-		let time = SteamTotp.time();
-		let key = SteamTotp.getConfirmationKey(identitySecret, time, 'conf');
-		community.getConfirmations(time, key, (err, confs) => {
-			if (err) {
-				return reject(err);
-			}
-
-			resolve(confs);
-		});
-	});
-
-	console.log(`Found ${confs.length} outstanding confirmations.`);
-
-	// We need to track the previous timestamp we used, as we cannot reuse timestamps.
-	let previousTime = 0;
-
-	for (let i = 0; i < confs.length; i++) {
-		let conf = confs[i];
-
-		process.stdout.write(`Accepting confirmation for ${EConfirmationType[conf.type]} - ${conf.title}... `);
-
-		try {
-			await new Promise((resolve, reject) => {
-				let time = SteamTotp.time();
-				if (time == previousTime) {
-					time++;
-				}
-
-				previousTime = time;
-				let key = SteamTotp.getConfirmationKey(identitySecret, time, 'allow');
-				conf.respond(time, key, true, (err) => {
-					err ? reject(err) : resolve();
-				});
-			});
-
-			console.log('success');
-		} catch (ex) {
-			console.log(`error: ${ex.message}`);
-		}
-
-		// sleep 500ms so we don't run too far away from the current timestamp
-		await new Promise(resolve => setTimeout(resolve, 500));
-	}
-
-	console.log('Finished processing confirmations');
-	process.exit(0);
-}
-
-// Nothing interesting below here, just code for prompting for input from the console.
-
-function promptAsync(question, sensitiveInput = false) {
-	return new Promise((resolve) => {
-		let rl = ReadLine.createInterface({
-			input: process.stdin,
-			output: sensitiveInput ? null : process.stdout,
-			terminal: true
-		});
-
-		g_AbortPromptFunc = () => {
-			rl.close();
-			resolve('');
-		};
-
-		if (sensitiveInput) {
-			// We have to write the question manually if we didn't give readline an output stream
-			process.stdout.write(question);
-		}
-
-		rl.question(question, (result) => {
-			if (sensitiveInput) {
-				// We have to manually print a newline
-				process.stdout.write('\n');
-			}
-
-			g_AbortPromptFunc = null;
-			rl.close();
-			resolve(result);
-		});
-	});
-}
-
-function abortPrompt() {
-	if (!g_AbortPromptFunc) {
-		return;
-	}
-
-	g_AbortPromptFunc();
-	process.stdout.write('\n');
-}
+// If you aren't running this script inside of the repository, replace the following line with:
+// const SteamCommunity = require('steamcommunity');
+const SteamCommunity = require('../index.js');
+const SteamSession = require('steam-session');
+const SteamTotp = require('steam-totp');
+const ReadLine = require('readline');
+
+const EConfirmationType = SteamCommunity.ConfirmationType;
+
+let g_AbortPromptFunc = null;
+
+let community = new SteamCommunity();
+
+main();
+async function main() {
+	let accountName = await promptAsync('Username: ');
+	let password = await promptAsync('Password (hidden): ', true);
+
+	// Create a LoginSession for us to use to attempt to log into steam
+	let session = new SteamSession.LoginSession(SteamSession.EAuthTokenPlatformType.MobileApp);
+
+	// Go ahead and attach our event handlers before we do anything else.
+	session.on('authenticated', async () => {
+		abortPrompt();
+
+		let cookies = await session.getWebCookies();
+		community.setCookies(cookies);
+
+		doConfirmations();
+	});
+
+	session.on('timeout', () => {
+		abortPrompt();
+		console.log('This login attempt has timed out.');
+	});
+
+	session.on('error', (err) => {
+		abortPrompt();
+
+		// This should ordinarily not happen. This only happens in case there's some kind of unexpected error while
+		// polling, e.g. the network connection goes down or Steam chokes on something.
+
+		console.log(`ERROR: This login attempt has failed! ${err.message}`);
+	});
+
+	// Start our login attempt
+	let startResult = await session.startWithCredentials({accountName, password});
+	if (startResult.actionRequired) {
+		// Some Steam Guard action is required. We only care about email and device codes; in theory an
+		// EmailConfirmation and/or DeviceConfirmation action could be possible, but we're just going to ignore those.
+		// If the user does receive a confirmation and accepts it, LoginSession will detect and handle that automatically.
+		// The only consequence of ignoring it here is that we don't print a message to the user indicating that they
+		// could accept an email or device confirmation.
+
+		let codeActionTypes = [SteamSession.EAuthSessionGuardType.EmailCode, SteamSession.EAuthSessionGuardType.DeviceCode];
+		let codeAction = startResult.validActions.find(action => codeActionTypes.includes(action.type));
+		if (codeAction) {
+			if (codeAction.type == SteamSession.EAuthSessionGuardType.EmailCode) {
+				// We wouldn't expect this to happen since mobile confirmations are only possible with 2FA enabled, but just in case...
+				console.log(`A code has been sent to your email address at ${codeAction.detail}.`);
+			} else {
+				console.log('You need to provide a Steam Guard Mobile Authenticator code.');
+			}
+
+			let code = await promptAsync('Code or Shared Secret: ');
+			if (code) {
+				// The code might've been a shared secret
+				if (code.length > 10) {
+					code = SteamTotp.getAuthCode(code);
+				}
+				await session.submitSteamGuardCode(code);
+			}
+
+			// If we fall through here without submitting a Steam Guard code, that means one of two things:
+			//   1. The user pressed enter without providing a code, in which case the script will simply exit
+			//   2. The user approved a device/email confirmation, in which case 'authenticated' was emitted and the prompt was canceled
+		}
+	}
+}
+
+async function doConfirmations() {
+	let identitySecret = await promptAsync('Identity Secret: ');
+
+	let confs = await new Promise((resolve, reject) => {
+		let time = SteamTotp.time();
+		let key = SteamTotp.getConfirmationKey(identitySecret, time, 'conf');
+		community.getConfirmations(time, key, (err, confs) => {
+			if (err) {
+				return reject(err);
+			}
+
+			resolve(confs);
+		});
+	});
+
+	console.log(`Found ${confs.length} outstanding confirmations.`);
+
+	// We need to track the previous timestamp we used, as we cannot reuse timestamps.
+	let previousTime = 0;
+
+	for (let i = 0; i < confs.length; i++) {
+		let conf = confs[i];
+
+		process.stdout.write(`Accepting confirmation for ${EConfirmationType[conf.type]} - ${conf.title}... `);
+
+		try {
+			await new Promise((resolve, reject) => {
+				let time = SteamTotp.time();
+				if (time == previousTime) {
+					time++;
+				}
+
+				previousTime = time;
+				let key = SteamTotp.getConfirmationKey(identitySecret, time, 'allow');
+				conf.respond(time, key, true, (err) => {
+					err ? reject(err) : resolve();
+				});
+			});
+
+			console.log('success');
+		} catch (ex) {
+			console.log(`error: ${ex.message}`);
+		}
+
+		// sleep 500ms so we don't run too far away from the current timestamp
+		await new Promise(resolve => setTimeout(resolve, 500));
+	}
+
+	console.log('Finished processing confirmations');
+	process.exit(0);
+}
+
+// Nothing interesting below here, just code for prompting for input from the console.
+
+function promptAsync(question, sensitiveInput = false) {
+	return new Promise((resolve) => {
+		let rl = ReadLine.createInterface({
+			input: process.stdin,
+			output: sensitiveInput ? null : process.stdout,
+			terminal: true
+		});
+
+		g_AbortPromptFunc = () => {
+			rl.close();
+			resolve('');
+		};
+
+		if (sensitiveInput) {
+			// We have to write the question manually if we didn't give readline an output stream
+			process.stdout.write(question);
+		}
+
+		rl.question(question, (result) => {
+			if (sensitiveInput) {
+				// We have to manually print a newline
+				process.stdout.write('\n');
+			}
+
+			g_AbortPromptFunc = null;
+			rl.close();
+			resolve(result);
+		});
+	});
+}
+
+function abortPrompt() {
+	if (!g_AbortPromptFunc) {
+		return;
+	}
+
+	g_AbortPromptFunc();
+	process.stdout.write('\n');
+}