steamcommunity 3.46.1 → 3.47.1

package/examples/enable_twofactor.js

@@ -1,182 +1,182 @@
-// If you aren't running this script inside of the repository, replace the following line with:
-// const SteamCommunity = require('steamcommunity');
-const SteamCommunity = require('../index.js');
-const SteamSession = require('steam-session');
-const ReadLine = require('readline');
-const FS = require('fs');
-
-const EResult = SteamCommunity.EResult;
-
-let g_AbortPromptFunc = null;
-
-let community = new SteamCommunity();
-
-main();
-async function main() {
-	let accountName = await promptAsync('Username: ');
-	let password = await promptAsync('Password (hidden): ', true);
-
-	// Create a LoginSession for us to use to attempt to log into steam
-	let session = new SteamSession.LoginSession(SteamSession.EAuthTokenPlatformType.MobileApp);
-
-	// Go ahead and attach our event handlers before we do anything else.
-	session.on('authenticated', async () => {
-		abortPrompt();
-
-		let accessToken = session.accessToken;
-		let cookies = await session.getWebCookies();
-
-		community.setCookies(cookies);
-		community.setMobileAppAccessToken(accessToken);
-
-		// Enabling or disabling 2FA is presently the only action in node-steamcommunity which requires an access token.
-		// In all other cases, using `community.setCookies(cookies)` is all you need to do in order to be logged in,
-		// although there's never any harm in setting a mobile app access token.
-
-		doSetup();
-	});
-
-	session.on('timeout', () => {
-		abortPrompt();
-		console.log('This login attempt has timed out.');
-	});
-
-	session.on('error', (err) => {
-		abortPrompt();
-
-		// This should ordinarily not happen. This only happens in case there's some kind of unexpected error while
-		// polling, e.g. the network connection goes down or Steam chokes on something.
-
-		console.log(`ERROR: This login attempt has failed! ${err.message}`);
-	});
-
-	// Start our login attempt
-	let startResult = await session.startWithCredentials({accountName, password});
-	if (startResult.actionRequired) {
-		// Some Steam Guard action is required. We only care about email and device codes; in theory an
-		// EmailConfirmation and/or DeviceConfirmation action could be possible, but we're just going to ignore those.
-		// If the user does receive a confirmation and accepts it, LoginSession will detect and handle that automatically.
-		// The only consequence of ignoring it here is that we don't print a message to the user indicating that they
-		// could accept an email or device confirmation.
-
-		let codeActionTypes = [SteamSession.EAuthSessionGuardType.EmailCode, SteamSession.EAuthSessionGuardType.DeviceCode];
-		let codeAction = startResult.validActions.find(action => codeActionTypes.includes(action.type));
-		if (codeAction) {
-			if (codeAction.type == SteamSession.EAuthSessionGuardType.EmailCode) {
-				console.log(`A code has been sent to your email address at ${codeAction.detail}.`);
-			} else {
-				// We wouldn't expect this to happen since we're trying to enable 2FA, but just in case...
-				console.log('You need to provide a Steam Guard Mobile Authenticator code.');
-			}
-
-			let code = await promptAsync('Code: ');
-			if (code) {
-				await session.submitSteamGuardCode(code);
-			}
-
-			// If we fall through here without submitting a Steam Guard code, that means one of two things:
-			//   1. The user pressed enter without providing a code, in which case the script will simply exit
-			//   2. The user approved a device/email confirmation, in which case 'authenticated' was emitted and the prompt was canceled
-		}
-	}
-}
-
-function doSetup() {
-	community.enableTwoFactor((err, response) => {
-		if (err) {
-			if (err.eresult == EResult.Fail) {
-				console.log('Error: Failed to enable two-factor authentication. Do you have a phone number attached to your account?');
-				process.exit();
-				return;
-			}
-
-			if (err.eresult == EResult.RateLimitExceeded) {
-				console.log('Error: RateLimitExceeded. Try again later.');
-				process.exit();
-				return;
-			}
-
-			console.log(err);
-			process.exit();
-			return;
-		}
-
-		if (response.status != EResult.OK) {
-			console.log(`Error: Status ${response.status}`);
-			process.exit();
-			return;
-		}
-
-		let filename = `twofactor_${community.steamID.getSteamID64()}.json`;
-		console.log(`Writing secrets to ${filename}`);
-		console.log(`Revocation code: ${response.revocation_code}`);
-		FS.writeFileSync(filename, JSON.stringify(response, null, '\t'));
-
-		promptActivationCode(response);
-	});
-}
-
-async function promptActivationCode(response) {
-	if (response.phone_number_hint) {
-		console.log(`A code has been sent to your phone ending in ${response.phone_number_hint}.`);
-	}
-
-	let smsCode = await promptAsync('SMS Code: ');
-	community.finalizeTwoFactor(response.shared_secret, smsCode, (err) => {
-		if (err) {
-			if (err.message == 'Invalid activation code') {
-				console.log(err);
-				promptActivationCode(response);
-				return;
-			}
-
-			console.log(err);
-		} else {
-			console.log('Two-factor authentication enabled!');
-		}
-
-		process.exit();
-	});
-}
-
-// Nothing interesting below here, just code for prompting for input from the console.
-
-function promptAsync(question, sensitiveInput = false) {
-	return new Promise((resolve) => {
-		let rl = ReadLine.createInterface({
-			input: process.stdin,
-			output: sensitiveInput ? null : process.stdout,
-			terminal: true
-		});
-
-		g_AbortPromptFunc = () => {
-			rl.close();
-			resolve('');
-		};
-
-		if (sensitiveInput) {
-			// We have to write the question manually if we didn't give readline an output stream
-			process.stdout.write(question);
-		}
-
-		rl.question(question, (result) => {
-			if (sensitiveInput) {
-				// We have to manually print a newline
-				process.stdout.write('\n');
-			}
-
-			g_AbortPromptFunc = null;
-			rl.close();
-			resolve(result);
-		});
-	});
-}
-
-function abortPrompt() {
-	if (!g_AbortPromptFunc) {
-		return;
-	}
-
-	g_AbortPromptFunc();
-	process.stdout.write('\n');
-}
+// If you aren't running this script inside of the repository, replace the following line with:
+// const SteamCommunity = require('steamcommunity');
+const SteamCommunity = require('../index.js');
+const SteamSession = require('steam-session');
+const ReadLine = require('readline');
+const FS = require('fs');
+
+const EResult = SteamCommunity.EResult;
+
+let g_AbortPromptFunc = null;
+
+let community = new SteamCommunity();
+
+main();
+async function main() {
+	let accountName = await promptAsync('Username: ');
+	let password = await promptAsync('Password (hidden): ', true);
+
+	// Create a LoginSession for us to use to attempt to log into steam
+	let session = new SteamSession.LoginSession(SteamSession.EAuthTokenPlatformType.MobileApp);
+
+	// Go ahead and attach our event handlers before we do anything else.
+	session.on('authenticated', async () => {
+		abortPrompt();
+
+		let accessToken = session.accessToken;
+		let cookies = await session.getWebCookies();
+
+		community.setCookies(cookies);
+		community.setMobileAppAccessToken(accessToken);
+
+		// Enabling or disabling 2FA is presently the only action in node-steamcommunity which requires an access token.
+		// In all other cases, using `community.setCookies(cookies)` is all you need to do in order to be logged in,
+		// although there's never any harm in setting a mobile app access token.
+
+		doSetup();
+	});
+
+	session.on('timeout', () => {
+		abortPrompt();
+		console.log('This login attempt has timed out.');
+	});
+
+	session.on('error', (err) => {
+		abortPrompt();
+
+		// This should ordinarily not happen. This only happens in case there's some kind of unexpected error while
+		// polling, e.g. the network connection goes down or Steam chokes on something.
+
+		console.log(`ERROR: This login attempt has failed! ${err.message}`);
+	});
+
+	// Start our login attempt
+	let startResult = await session.startWithCredentials({accountName, password});
+	if (startResult.actionRequired) {
+		// Some Steam Guard action is required. We only care about email and device codes; in theory an
+		// EmailConfirmation and/or DeviceConfirmation action could be possible, but we're just going to ignore those.
+		// If the user does receive a confirmation and accepts it, LoginSession will detect and handle that automatically.
+		// The only consequence of ignoring it here is that we don't print a message to the user indicating that they
+		// could accept an email or device confirmation.
+
+		let codeActionTypes = [SteamSession.EAuthSessionGuardType.EmailCode, SteamSession.EAuthSessionGuardType.DeviceCode];
+		let codeAction = startResult.validActions.find(action => codeActionTypes.includes(action.type));
+		if (codeAction) {
+			if (codeAction.type == SteamSession.EAuthSessionGuardType.EmailCode) {
+				console.log(`A code has been sent to your email address at ${codeAction.detail}.`);
+			} else {
+				// We wouldn't expect this to happen since we're trying to enable 2FA, but just in case...
+				console.log('You need to provide a Steam Guard Mobile Authenticator code.');
+			}
+
+			let code = await promptAsync('Code: ');
+			if (code) {
+				await session.submitSteamGuardCode(code);
+			}
+
+			// If we fall through here without submitting a Steam Guard code, that means one of two things:
+			//   1. The user pressed enter without providing a code, in which case the script will simply exit
+			//   2. The user approved a device/email confirmation, in which case 'authenticated' was emitted and the prompt was canceled
+		}
+	}
+}
+
+function doSetup() {
+	community.enableTwoFactor((err, response) => {
+		if (err) {
+			if (err.eresult == EResult.Fail) {
+				console.log('Error: Failed to enable two-factor authentication. Do you have a phone number attached to your account?');
+				process.exit();
+				return;
+			}
+
+			if (err.eresult == EResult.RateLimitExceeded) {
+				console.log('Error: RateLimitExceeded. Try again later.');
+				process.exit();
+				return;
+			}
+
+			console.log(err);
+			process.exit();
+			return;
+		}
+
+		if (response.status != EResult.OK) {
+			console.log(`Error: Status ${response.status}`);
+			process.exit();
+			return;
+		}
+
+		let filename = `twofactor_${community.steamID.getSteamID64()}.json`;
+		console.log(`Writing secrets to ${filename}`);
+		console.log(`Revocation code: ${response.revocation_code}`);
+		FS.writeFileSync(filename, JSON.stringify(response, null, '\t'));
+
+		promptActivationCode(response);
+	});
+}
+
+async function promptActivationCode(response) {
+	if (response.phone_number_hint) {
+		console.log(`A code has been sent to your phone ending in ${response.phone_number_hint}.`);
+	}
+
+	let smsCode = await promptAsync('SMS Code: ');
+	community.finalizeTwoFactor(response.shared_secret, smsCode, (err) => {
+		if (err) {
+			if (err.message == 'Invalid activation code') {
+				console.log(err);
+				promptActivationCode(response);
+				return;
+			}
+
+			console.log(err);
+		} else {
+			console.log('Two-factor authentication enabled!');
+		}
+
+		process.exit();
+	});
+}
+
+// Nothing interesting below here, just code for prompting for input from the console.
+
+function promptAsync(question, sensitiveInput = false) {
+	return new Promise((resolve) => {
+		let rl = ReadLine.createInterface({
+			input: process.stdin,
+			output: sensitiveInput ? null : process.stdout,
+			terminal: true
+		});
+
+		g_AbortPromptFunc = () => {
+			rl.close();
+			resolve('');
+		};
+
+		if (sensitiveInput) {
+			// We have to write the question manually if we didn't give readline an output stream
+			process.stdout.write(question);
+		}
+
+		rl.question(question, (result) => {
+			if (sensitiveInput) {
+				// We have to manually print a newline
+				process.stdout.write('\n');
+			}
+
+			g_AbortPromptFunc = null;
+			rl.close();
+			resolve(result);
+		});
+	});
+}
+
+function abortPrompt() {
+	if (!g_AbortPromptFunc) {
+		return;
+	}
+
+	g_AbortPromptFunc();
+	process.stdout.write('\n');
+}

package/index.js

@@ -1,12 +1,9 @@
-const hex2b64 = require('node-bignumber').hex2b64;
+const {chrome} = require('@doctormckay/user-agents');
 const Request = require('request');
-const RSA = require('node-bignumber').Key;
 const SteamID = require('steamid');
 
 const Helpers = require('./components/helpers.js');
 
-const USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36";
-
 require('util').inherits(SteamCommunity, require('events').EventEmitter);
 
 module.exports = SteamCommunity;
@@ -31,7 +28,7 @@ function SteamCommunity(options) {
 		"timeout": options.timeout || 50000,
 		"gzip": true,
 		"headers": {
-			"User-Agent": options.userAgent || USER_AGENT
+			"User-Agent": options.userAgent || chrome()
 		}
 	};
 
@@ -61,158 +58,22 @@ SteamCommunity.prototype.login = function(details, callback) {
 		throw new Error("Missing either accountName or password to login; both are needed");
 	}
 
-	if (details.steamguard) {
-		var parts = details.steamguard.split('||');
-		this._setCookie(Request.cookie('steamMachineAuth' + parts[0] + '=' + encodeURIComponent(parts[1])), true);
-	}
-
-	var disableMobile = typeof details.disableMobile == 'undefined' ? true : details.disableMobile;
-
-	var self = this;
-
 	// Delete the cache
-	delete self._profileURL;
-
-	// headers required to convince steam that we're logging in from a mobile device so that we can get the oAuth data
-	var mobileHeaders = {};
-	if (!disableMobile) {
-		mobileHeaders = {
-			"X-Requested-With": "com.valvesoftware.android.steam.community",
-			"Referer": "https://steamcommunity.com/mobilelogin?oauth_client_id=DE45CD61&oauth_scope=read_profile%20write_profile%20read_client%20write_client",
-			"User-Agent": this._options.mobileUserAgent || details.mobileUserAgent || "Mozilla/5.0 (Linux; U; Android 4.1.1; en-us; Google Nexus 4 - 4.1.1 - API 16 - 768x1280 Build/JRO03S) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30",
-			"Accept": "text/javascript, text/html, application/xml, text/xml, */*"
-		};
-
-		this._setCookie(Request.cookie("mobileClientVersion=0 (2.1.3)"));
-		this._setCookie(Request.cookie("mobileClient=android"));
-	} else {
-		mobileHeaders = {"Referer": "https://steamcommunity.com/login"};
-	}
-
-	this.httpRequestPost("https://steamcommunity.com/login/getrsakey/", {
-		"form": {"username": details.accountName},
-		"headers": mobileHeaders,
-		"json": true
-	}, function(err, response, body) {
-		// Remove the mobile cookies
-		if (err) {
-			deleteMobileCookies();
-			callback(err);
-			return;
-		}
+	delete this._profileURL;
 
-		if (!body.publickey_mod || !body.publickey_exp) {
-			deleteMobileCookies();
-			callback(new Error("Invalid RSA key received"));
-			return;
-		}
+	// default disableMobile to true
+	let logOnOptions = Object.assign({}, details);
+	logOnOptions.disableMobile = details.disableMobile !== false;
 
-		var key = new RSA();
-		key.setPublic(body.publickey_mod, body.publickey_exp);
-
-		var formObj = {
-			"captcha_text": details.captcha || "",
-			"captchagid": self._captchaGid,
-			"emailauth": details.authCode || "",
-			"emailsteamid": "",
-			"password": hex2b64(key.encrypt(details.password)),
-			"remember_login": "true",
-			"rsatimestamp": body.timestamp,
-			"twofactorcode": details.twoFactorCode || "",
-			"username": details.accountName,
-			"loginfriendlyname": "",
-			"donotcache": Date.now()
-		};
+	this._modernLogin(logOnOptions).then(({sessionID, cookies, steamguard, mobileAccessToken}) => {
+		this.setCookies(cookies);
 
-		if (!disableMobile) {
-			formObj.oauth_client_id = "DE45CD61";
-			formObj.oauth_scope = "read_profile write_profile read_client write_client";
-			formObj.loginfriendlyname = "#login_emailauth_friendlyname_mobile";
+		if (mobileAccessToken) {
+			this.setMobileAppAccessToken(mobileAccessToken);
 		}
 
-		self.httpRequestPost({
-			"uri": "https://steamcommunity.com/login/dologin/",
-			"json": true,
-			"form": formObj,
-			"headers": mobileHeaders
-		}, function(err, response, body) {
-			deleteMobileCookies();
-
-			if (err) {
-				callback(err);
-				return;
-			}
-
-			var error;
-			if (!body.success && body.emailauth_needed) {
-				// Steam Guard (email)
-				error = new Error("SteamGuard");
-				error.emaildomain = body.emaildomain;
-
-				callback(error);
-			} else if (!body.success && body.requires_twofactor) {
-				// Steam Guard (app)
-				callback(new Error("SteamGuardMobile"));
-			} else if (!body.success && body.captcha_needed && body.message.match(/Please verify your humanity/)) {
-				error = new Error("CAPTCHA");
-				error.captchaurl = "https://steamcommunity.com/login/rendercaptcha/?gid=" + body.captcha_gid;
-
-				self._captchaGid = body.captcha_gid;
-
-				callback(error);
-			} else if (!body.success) {
-				callback(new Error(body.message || "Unknown error"));
-			} else {
-				var sessionID = generateSessionID();
-				var oAuth = {};
-				self._setCookie(Request.cookie('sessionid=' + sessionID));
-
-				var cookies = self._jar.getCookieString("https://steamcommunity.com").split(';').map(function(cookie) {
-					return cookie.trim();
-				});
-
-				if (!disableMobile && body.oauth) {
-					oAuth = JSON.parse(body.oauth);
-					self.steamID = new SteamID(oAuth.steamid);
-					self.oAuthToken = oAuth.oauth_token;
-				} else {
-					for(var i = 0; i < cookies.length; i++) {
-						var parts = cookies[i].split('=');
-						if(parts[0] == 'steamLogin') {
-							self.steamID = new SteamID(decodeURIComponent(parts[1]).split('||')[0])
-							break;
-						}
-					}
-
-					self.oAuthToken = null;
-				}
-
-				// Find the Steam Guard cookie
-				var steamguard = null;
-				for (var i = 0; i < cookies.length; i++) {
-					var parts = cookies[i].split('=');
-					if(parts[0] == 'steamMachineAuth' + self.steamID) {
-						steamguard = self.steamID.toString() + '||' + decodeURIComponent(parts[1]);
-						break;
-					}
-				}
-
-				self.setCookies(cookies);
-
-				callback(null, sessionID, cookies, steamguard, disableMobile ? null : oAuth.oauth_token);
-			}
-		}, "steamcommunity");
-	}, "steamcommunity");
-
-	function deleteMobileCookies() {
-		var cookie = Request.cookie('mobileClientVersion=');
-		cookie.expires = new Date(0);
-		self._setCookie(cookie);
-
-		cookie = Request.cookie('mobileClient=');
-		cookie.expires = new Date(0);
-		self._setCookie(cookie);
-	}
+		callback(null, sessionID, cookies, steamguard, null);
+	}).catch(err => callback(err));
 };
 
 /**
@@ -576,6 +437,7 @@ SteamCommunity.prototype.getFriendsList = function(callback) {
 	});
 };
 
+require('./components/login.js');
 require('./components/http.js');
 require('./components/chat.js');
 require('./components/profile.js');

package/package.json

@@ -1,7 +1,14 @@
 {
 	"name": "steamcommunity",
-	"version": "3.46.1",
+	"version": "3.47.1",
 	"description": "Provides an interface for logging into and interacting with the Steam Community website",
+	"files": [
+		"/classes",
+		"/components",
+		"/examples",
+		"/resources",
+		"/index.js"
+	],
 	"keywords": [
 		"steam",
 		"steam community"
@@ -21,17 +28,15 @@
 		"url": "https://github.com/DoctorMcKay/node-steamcommunity.git"
 	},
 	"dependencies": {
+	  	"@doctormckay/user-agents": "^1.0.0",
 		"async": "^2.6.3",
 		"cheerio": "0.22.0",
 		"image-size": "^0.8.2",
-		"node-bignumber": "^1.2.1",
 		"request": "^2.88.0",
+		"steam-session": "^1.6.0",
 		"steam-totp": "^1.5.0",
 		"steamid": "^1.1.3",
-		"xml2js": "^0.4.22"
-	},
-	"devDependencies": {
-		"steam-session": "^1.2.3"
+		"xml2js": "^0.6.2"
 	},
 	"engines": {
 		"node": ">=4.0.0"

package/resources/EChatState.js

@@ -1,14 +1,14 @@
-/**
- * @enum EChatState
- */
-module.exports = {
-	"Offline": 0,
-	"LoggingOn": 1,
-	"LogOnFailed": 2,
-	"LoggedOn": 3,
-
-	"0": "Offline",
-	"1": "LoggingOn",
-	"2": "LogOnFailed",
-	"3": "LoggedOn"
-};
+/**
+ * @enum EChatState
+ */
+module.exports = {
+	"Offline": 0,
+	"LoggingOn": 1,
+	"LogOnFailed": 2,
+	"LoggedOn": 3,
+
+	"0": "Offline",
+	"1": "LoggingOn",
+	"2": "LogOnFailed",
+	"3": "LoggedOn"
+};

package/resources/EConfirmationType.js

@@ -1,12 +1,12 @@
-/**
- * @enum EConfirmationType
- */
-module.exports = {
-	// 1 is unknown, possibly "Invalid"
-	"Trade": 2,
-	"MarketListing": 3,
-	// 4 is opt-out or other like account confirmation?
-
-	"2": "Trade",
-	"3": "MarketListing"
-};
+/**
+ * @enum EConfirmationType
+ */
+module.exports = {
+	// 1 is unknown, possibly "Invalid"
+	"Trade": 2,
+	"MarketListing": 3,
+	// 4 is opt-out or other like account confirmation?
+
+	"2": "Trade",
+	"3": "MarketListing"
+};