TODO and discussion

[DoctorMcKay]

• Ability to get cookies
• Ability to logout and thus turn a token into a steam guard machine auth
• QR login
• Handle multiple valid confirmation types (e.g. device code and device confirmation)
  • Requires a change to the API since emitting the authSessionGuardRequired event multiple times isn't a good experience
  • Maybe we could just return the guards to startWithCredentials
• Login attempt should timeout at some point
• Documentation
• Tests
• Document website ids
• Proxy support
• Figure out how the app refreshes its access token
  • https://github.com/DoctorMcKay/node-steam-session/blob/master/protobufs/steammessages_auth.steamclient.proto#L145-L152
• Handle timeouts when sending requests over a CM websocket

[fcastrocs]

How does one use the access_token to login using CMsgClientLogon? I'm passing account_name and access_token, but it returns AccessDenied

[DoctorMcKay]

How does one use the access_token to login using CMsgClientLogon? I'm passing account_name and access_token, but it returns AccessDenied

I haven't fully investigated this yet, but I believe you don't need to pass account_name, and you also need to set the steamID in the message header to your own.

[DoctorMcKay]

Also, the client passes a refresh token to access_token because of course it does.

[fcastrocs]

Also, the client passes a refresh token to access_token because of course it does.

haha, Valve things. Oh well, thanks for investigating this.

[akuma0]

Hi, I have a question about the login-with-password.ts. Actually, the session is create with EAuthTokenPlatformType.SteamClient by default. i've try to use it with WebBrowser because i only need a web token. But i never receive the steam guard email. More strange, when i debug the BeginAuthSessionViaCredentials result i got the allowed_confirmations CAuthentication_BeginAuthSessionViaCredentials_Response: client_id: XXX request_id: "XXX" interval: 5.0 allowed_confirmations { confirmation_type: k_EAuthSessionGuardType_EmailCode associated_message: "gmail.com" } allowed_confirmations { confirmation_type: k_EAuthSessionGuardType_MachineToken } ...

Any idea...? Did the EAuthTokenPlatformType.SteamClient is mandatory in the session ?

[DoctorMcKay]

Hi, I have a question about the login-with-password.ts. Actually, the session is create with EAuthTokenPlatformType.SteamClient by default. i've try to use it with WebBrowser because i only need a web token. But i never receive the steam guard email. More strange, when i debug the BeginAuthSessionViaCredentials result i got the allowed_confirmations CAuthentication_BeginAuthSessionViaCredentials_Response: client_id: XXX request_id: "XXX" interval: 5.0 allowed_confirmations { confirmation_type: k_EAuthSessionGuardType_EmailCode associated_message: "gmail.com" } allowed_confirmations { confirmation_type: k_EAuthSessionGuardType_MachineToken } ...

Any idea...? Did the EAuthTokenPlatformType.SteamClient is mandatory in the session ?

I see no reason why you wouldn't be getting your email code. Check your spam I guess.

[akuma0]

Already done, no mail anywhere... Before the recent update (websocket) i was using EAuthTokenPlatformType.SteamClient and the mail was send and received, but when i used WebBrowser, i didn't receive it. That's why i used SteamClient before. Did the WebBrowser platform works for you...?

Resolved: that's was a http call issue in /jwt/checkdevice

[tairasoul]

kind of confused, what fires the steamGuardMachineToken event? i see no examples and adding a listener for it to the original LoginSession i make doesn't do anything, upon calling eventNames() i only got 'debug'

[DoctorMcKay]

kind of confused, what fires the steamGuardMachineToken event?

https://github.com/DoctorMcKay/node-steam-session/blob/master/src/LoginSession.ts#L378

This is only relevant when logging on with EAuthTokenPlatformType.SteamClient.

[venila]

how to get the OAuthToken via node-steam-session?

[DoctorMcKay]

how to get the OAuthToken via node-steam-session?

https://github.com/DoctorMcKay/node-steam-session/tree/master/examples

[venila]

how to get the OAuthToken via node-steam-session?

https://github.com/DoctorMcKay/node-steam-session/tree/master/examples

no mention about OAuthToken there. even if you specify the EAuthTokenPlatformType.MobileApp you can't get it.

[DoctorMcKay]

Oh, that. Those tokens aren't really a thing anymore.

[DoctorMcKay]

@venila I need to add better support for this to node-steamcommunity, but if you're trying to enable or disable 2FA, I think it'll work if you use steam-session's access_token in place of the oauth token. Like this:

// This assumes that `session` is a steam-session LoginSession object and that `community` is a steamcommunity SteamCommunity object
// This additionally assumes that you're using EAuthTokenPlatformType.MobileApp

session.on('authenticated', async () => {
    let webCookies = await session.getWebCookies();
    community.setCookies(webCookies);
    community.oAuthToken = session.accessToken;
});

I haven't checked to confirm that this works, but I think it should.