mirror
/
ValvePython.steam
mirror of https://github.com/ValvePython/steam
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

WebAuth: rework how cookies are set on all domains

pull/41/head
Rossen Georgiev 9 years ago
parent
aef88e4547
commit
793a200edd
4 changed files with 17 additions and 16 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      steam/webauth.py
  2. 8
      tests/generete_webauth_vcr.py
  3. 5
      tests/test_webauth.py
  4. 5
      vcr/webauth_user_pass_only_success.yaml

15
steam/webauth.py
View File

@ -163,21 +163,14 @@ class WebAuth(object):
self.complete = True self.complete = True
self.password = None self.password = None
rememberLogin = self.session.cookies['steamRememberLogin'] if 'steamRememberLogin' in self.session.cookies else None
self.session.cookies.clear()
data = resp['transfer_parameters'] data = resp['transfer_parameters']
self.steamid = SteamID(data['steamid']) self.steamid = SteamID(data['steamid'])
for cookie in list(self.session.cookies):
for domain in ['store.steampowered.com', 'help.steampowered.com', 'steamcommunity.com']:
self.session.cookies.set(cookie.name, cookie.value, domain=domain, secure=cookie.secure)
for domain in ['store.steampowered.com', 'help.steampowered.com', 'steamcommunity.com']: for domain in ['store.steampowered.com', 'help.steampowered.com', 'steamcommunity.com']:
if rememberLogin:
self.session.cookies.set('steamRememberLogin', '%s||%s' % (data['steamid'], rememberLogin),
domain=domain, secure=False)
self.session.cookies.set('steamLogin', '%s||%s' % (data['steamid'], data['token']),
domain=domain, secure=False)
self.session.cookies.set('steamLoginSecure', '%s||%s' % (data['steamid'], data['token_secure']),
domain=domain, secure=True)
self.session.cookies.set('Steam_Language', language, domain=domain) self.session.cookies.set('Steam_Language', language, domain=domain)
self.session.cookies.set('birthtime', '-3333', domain=domain) self.session.cookies.set('birthtime', '-3333', domain=domain)

8
tests/generete_webauth_vcr.py
View File

@ -26,7 +26,11 @@ def request_scrubber(r):
def response_scrubber(r): def response_scrubber(r):
if 'set-cookie' in r['headers']: if 'set-cookie' in r['headers']:
del r['headers']['set-cookie'] r['headers']['set-cookie'] = [
'steamLogin=0%7C%7C{}; path=/; httponly'.format('A'*16),
'steamLoginSecure=0%7C%7C{}; path=/; httponly; secure'.format('B'*16),
'steamMachineAuth=0%7C%7C{}; path=/; httponly'.format('C'*16),
]
if r.get('body', ''): if r.get('body', ''):
data = json.loads(r['body']['string']) data = json.loads(r['body']['string'])
@ -37,7 +41,7 @@ def response_scrubber(r):
data['transfer_parameters']['steamid'] = '0' data['transfer_parameters']['steamid'] = '0'
data['transfer_parameters']['token'] = 'A'*16 data['transfer_parameters']['token'] = 'A'*16
data['transfer_parameters']['token_secure'] = 'B'*16 data['transfer_parameters']['token_secure'] = 'B'*16
data['transfer_parameters']['auth'] = 'C'*16 data['transfer_parameters']['auth'] = 'Z'*16
body = json.dumps(data) body = json.dumps(data)
r['body']['string'] = body r['body']['string'] = body

5
tests/test_webauth.py
View File

@ -36,8 +36,9 @@ class WACase(unittest.TestCase):
self.assertIsInstance(s, requests.Session) self.assertIsInstance(s, requests.Session)
for domain in s.cookies.list_domains(): for domain in s.cookies.list_domains():
self.assertEqual(s.cookies.get('steamLogin', domain=domain), '0||%s' % ('A'*16)) self.assertEqual(s.cookies.get('steamLogin', domain=domain), '0%7C%7C{}'.format('A'*16))
self.assertEqual(s.cookies.get('steamLoginSecure', domain=domain), '0||%s' % ('B'*16)) self.assertEqual(s.cookies.get('steamLoginSecure', domain=domain), '0%7C%7C{}'.format('B'*16))
self.assertEqual(s.cookies.get('steamMachineAuth', domain=domain), '0%7C%7C{}'.format('C'*16))
self.assertEqual(s, user.login()) self.assertEqual(s, user.login())

5
vcr/webauth_user_pass_only_success.yaml
View File

@ -39,7 +39,7 @@ interactions:
body: {string: !!python/unicode '{"requires_twofactor": false, "login_complete": body: {string: !!python/unicode '{"requires_twofactor": false, "login_complete":
true, "transfer_urls": ["https://steamcommunity.com/login/transfer", "https://help.steampowered.com/login/transfer"], true, "transfer_urls": ["https://steamcommunity.com/login/transfer", "https://help.steampowered.com/login/transfer"],
"transfer_parameters": {"steamid": "0", "remember_login": false, "token": "transfer_parameters": {"steamid": "0", "remember_login": false, "token":
"AAAAAAAAAAAAAAAA", "token_secure": "BBBBBBBBBBBBBBBB", "auth": "CCCCCCCCCCCCCCCC"}, "AAAAAAAAAAAAAAAA", "token_secure": "BBBBBBBBBBBBBBBB", "auth": "ZZZZZZZZZZZZZZZZ"},
"success": true}'} "success": true}'}
headers: headers:
cache-control: [no-cache] cache-control: [no-cache]
@ -49,6 +49,9 @@ interactions:
date: ['Fri, 13 May 2016 03:01:25 GMT'] date: ['Fri, 13 May 2016 03:01:25 GMT']
expires: ['Mon, 26 Jul 1997 05:00:00 GMT'] expires: ['Mon, 26 Jul 1997 05:00:00 GMT']
server: [Apache] server: [Apache]
set-cookie: [steamLogin=0%7C%7CAAAAAAAAAAAAAAAA; path=/; httponly, steamLoginSecure=0%7C%7CBBBBBBBBBBBBBBBB;
path=/; httponly; secure, steamMachineAuth=0%7C%7CCCCCCCCCCCCCCCCC; path=/;
httponly]
x-frame-options: [DENY] x-frame-options: [DENY]
status: {code: 200, message: OK} status: {code: 200, message: OK}
version: 1 version: 1

Write Preview
Loading…
Cancel
Save