regner
commented
6 years ago O_O You were NOT directing to HTTPS?
Closed MorpheusXAUT closed 6 years ago
regner
commented
6 years ago O_O You were NOT directing to HTTPS?
MorpheusXAUT
commented
6 years ago The initial Steam OpenID provider URL was HTTP-only up until a few days ago, at least the identity returned definitely was (see https://github.com/MorpheusXAUT/slotlist-backend/blob/master/src/shared/services/SteamService.ts#L62). The actual Steam login page itself always used HTTPS.
Since they've changed that now, the verification regex failed, probably should have included an optional s to start out with, oops 😬
regner
commented
6 years ago Ahhhhhhh
Steam switched their community URLs to use HTTPS, currently breaking the SSO login parsing. This should be fixed ASAP.