-
Notifications
You must be signed in to change notification settings - Fork 471
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ISteamUser.GetAuthSessionTicket implementation #789
base: master
Are you sure you want to change the base?
Conversation
/// </summary> | ||
/// <param name="appid">The appid to request the ticket of.</param> | ||
/// <returns><c>null</c> if user isn't fully logged in, doesn't own the game, or steam deemed ticket invalid; otherwise <see cref="TicketInfo" /> instance.</returns> | ||
public async Task<TicketInfo?> GetAuthSessionTicket( uint appid ) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Task returning method seems out of place for me looking at the rest of the codebase, but couldn't figure out how to do it better.
Codecov Report
@@ Coverage Diff @@
## master #789 +/- ##
==========================================
- Coverage 22.77% 22.51% -0.26%
==========================================
Files 95 98 +3
Lines 9329 9494 +165
Branches 772 781 +9
==========================================
+ Hits 2125 2138 +13
- Misses 7069 7221 +152
Partials 135 135
Continue to review full report at Codecov.
|
After recent updates tokens generated with the GetAuthSessionTicket are not valid. Looks like the process was changed a little. Now it doesn't accept obfuscated ip addressess, but requires some "random" value. It worked if zeros were set, but now the value is validated on steam side, if it is 0 or any random value, the token is considered to be invalid. I opened steamclient.dll and steamclient.so in IDA and the lines for appending ip addresses, which looked like this (F5 in IDA):
now look like this:
The function can be found by scanning the *.dll and *.so for these text lines in IDA:
Here are 5 valid tokens generated via game client for 730 appid: |
Implements generating auth token, which can be used by games to authenticate user.
Would welcome feedback, as I'm not sure about some stuff.