From e8b80f27dab2ecf46e4895528905bfa74983daa6 Mon Sep 17 00:00:00 2001 From: Sam Date: Sun, 7 Oct 2018 15:29:15 -0400 Subject: [PATCH 1/6] be nicer in readme thanks markypoo (https://github.com/Marcuzz) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7248bb5..662ba57 100644 --- a/README.md +++ b/README.md @@ -24,4 +24,4 @@ Make sure you have made/performed your migrations along with updating your `User Thanks to these libs which led me to make this - https://github.com/Ehesp/Steam-Login (Parts of code used and re-purposed for laravel) -- https://github.com/invisnik/laravel-steam-auth (Getting me to create a laravel steam auth that isn't shit, your code *totally* doesn't look like Ehesp's you cuck. For others reading this compare the code, invisnik can't even give proper credit) +- https://github.com/invisnik/laravel-steam-auth (Getting me to create a laravel steam auth that isn't bad, couldn't bother giving credit to Ehesp after *stealing* his code) From 82f746babedf22c9b35edbfef8f652b94eb9e1f2 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 7 Oct 2018 20:35:47 +0100 Subject: [PATCH 2/6] Remove redundant defer --- src/SteamLoginServiceProvider.php | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/SteamLoginServiceProvider.php b/src/SteamLoginServiceProvider.php index 1fc9fa0..a1447c5 100644 --- a/src/SteamLoginServiceProvider.php +++ b/src/SteamLoginServiceProvider.php @@ -6,13 +6,6 @@ class SteamLoginServiceProvider extends ServiceProvider { - /** - * Indicates if loading of the provider is deferred. - * - * @var bool - */ - protected $defer = false; - /** * Bootstrap any application services. * From 55b879082af2b991b2e5668cbf6ffe1470e9a409 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 7 Oct 2018 20:43:41 +0100 Subject: [PATCH 3/6] Type hint createLoginUrl return param --- src/SteamLogin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SteamLogin.php b/src/SteamLogin.php index 12a5a80..ec07ecc 100644 --- a/src/SteamLogin.php +++ b/src/SteamLogin.php @@ -150,11 +150,11 @@ public function setReturnUrl(string $return) /** * Build the steam openid login URL. * - * @param null $return + * @param string|null $return * * @return string */ - public function createLoginUrl($return = null): string + public function createLoginUrl(?string $return = null): string { $params = [ 'openid.ns' => self::OPENID_SPECS, From 443bf9469cbcd6ca7fb6280d7125976956ba9221 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 7 Oct 2018 20:47:51 +0100 Subject: [PATCH 4/6] Use strict type checks everywhere --- src/SteamLogin.php | 322 +++++++++++++++++++-------------------------- 1 file changed, 132 insertions(+), 190 deletions(-) diff --git a/src/SteamLogin.php b/src/SteamLogin.php index ec07ecc..0314a98 100644 --- a/src/SteamLogin.php +++ b/src/SteamLogin.php @@ -2,68 +2,82 @@ namespace kanalumaddela\LaravelSteamLogin; -use Exception; use GuzzleHttp\Client as GuzzleClient; use GuzzleHttp\Psr7\Response; -use Illuminate\Foundation\Application; -use Illuminate\Http\RedirectResponse; use Illuminate\Support\Facades\Config; +use Illuminate\Support\Fluent; +use SteamID; -class SteamLogin implements SteamLoginInterface +class SteamUser { /** - * Steam OpenID URL. + * Steam Community URL using 64bit steamId. * * @var string */ - const OPENID_STEAM = 'https://steamcommunity.com/openid/login'; + const STEAM_PROFILE = 'https://steamcommunity.com/profiles/%s'; /** - * OpenID Specs. + * Steam Community URL using custom id. * * @var string */ - const OPENID_SPECS = 'http://specs.openid.net/auth/2.0'; + const STEAM_PROFILE_ID = 'https://steamcommunity.com/id/%s'; /** - * SteamUser instance of player details. + * Steam API GetPlayerSummaries URL. * - * @var SteamUser + * @var string */ - public $player; + const STEAM_PLAYER_API = 'https://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=%s&steamids=%s'; /** - * @var string + * personaStates. */ - protected $previousPage; + protected static $personaStates = [ + 'Offline', + 'Online', + 'Busy', + 'Away', + 'Snooze', + 'Looking to trade', + 'Looking to play', + ]; /** - * Login route to redirect to steam. + * Attributes of a user. e.g. steamId, profile, etc. * - * @var string + * @var \stdClass */ - protected $loginRoute; + public $attributes; /** - * Auth handle route after returning from steam. + * Fluent instance of user data. + * + * @var \Illuminate\Support\Fluent + */ + public $fluent; + + /** + * Profile data retrieval method to use. * * @var string */ - protected $authRoute; + protected $method = 'xml'; /** - * Laravel Container/Application. + * URL to use when retrieving a user's profile. * - * @var \Illuminate\Foundation\Application + * @var string */ - protected $app; + protected $profileDataUrl; /** - * Laravel Request instance. + * Guzzle instance. * - * @var \Illuminate\Http\Request + * @var \SteamID */ - protected $request; + protected $steamId; /** * Guzzle instance. @@ -80,221 +94,149 @@ class SteamLogin implements SteamLoginInterface protected $response; /** - * Defines if app is HTTPS. + * SteamUser constructor. Extends SteamID and constructs that first. * - * @var bool + * @param string|int $steamId + * @param GuzzleClient|null $guzzle */ - protected $https; - - /** - * Login URL. - * - * @var string - */ - private $loginUrl; - - /** - * SteamLogin constructor. - * - * @param $app - * - * @throws Exception - */ - public function __construct(Application $app) + public function __construct($steamId, GuzzleClient $guzzle = null) { - $this->app = $app; - $this->request = $app->request; - $this->guzzle = new GuzzleClient(); - $this->https = $this->request->server('HTTP_X_FORWARDED_PROTO') == 'https' ?? isset($_SERVER['https']); + $this->steamId = new SteamID($steamId); + $this->guzzle = $guzzle ?? new GuzzleClient(); - $previousPage = url()->previous(); - $this->loginRoute = route(Config::get('steam-login.routes.login')); - $this->authRoute = route(Config::get('steam-login.routes.auth')); + $this->attributes = new \stdClass(); - $this->previousPage = $this->validRequest() && $this->request->has('redirect') ? $this->request->query('redirect') : ($previousPage != $this->loginRoute && $previousPage != $this->authRoute ? $previousPage : url('/')); + $this->attributes->steamId = $this->steamId->ConvertToUInt64(); + $this->attributes->steamId2 = $this->steamId->RenderSteam2(); + $this->attributes->steamId3 = $this->steamId->RenderSteam3(); + $this->attributes->accountId = $this->steamId->GetAccountID(); + $this->attributes->accountUrl = sprintf(self::STEAM_PROFILE, $this->attributes->steamId3); + $this->attributes->profileDataUrl = sprintf(self::STEAM_PROFILE.'/?xml=1', $this->attributes->steamId); - if (!filter_var($this->previousPage, FILTER_VALIDATE_URL)) { - throw new Exception('previousPage is not valid url'); - } + $this->fluent = new Fluent($this->attributes); - $this->setReturnUrl($this->authRoute.'?redirect='.$previousPage); + $this->method = Config::get('steam-login.method', 'xml') === 'api' ? 'api' : 'xml'; + $this->profileDataUrl = $this->method === 'xml' ? $this->attributes->profileDataUrl : sprintf(self::STEAM_PLAYER_API, Config::get('steam-login.api_key'), $this->attributes->steamId); } /** - * Check if query parameters are valid post steam login. + * magic method __call. * - * @return bool - */ - protected function validRequest() - { - $params = [ - 'openid_assoc_handle', - 'openid_claimed_id', - 'openid_sig', - 'openid_signed', - ]; - - return $this->request->filled($params); - } - - /** - * Generate openid login URL with specified return. - * - * @param $return - */ - public function setReturnUrl(string $return) - { - $this->loginUrl = $this->createLoginURL($return); - } - - /** - * Build the steam openid login URL. + * @param $name + * @param $arguments * - * @param string|null $return + * @throws \Exception * - * @return string - */ - public function createLoginUrl(?string $return = null): string - { - $params = [ - 'openid.ns' => self::OPENID_SPECS, - 'openid.mode' => 'checkid_setup', - 'openid.return_to' => (!empty($return) ? $return : $this->authRoute), - 'openid.realm' => ($this->https ? 'https' : 'http').'://'.$this->request->getHttpHost(), - 'openid.identity' => self::OPENID_SPECS.'/identifier_select', - 'openid.claimed_id' => self::OPENID_SPECS.'/identifier_select', - ]; - - return self::OPENID_STEAM.'?'.http_build_query($params); - } - - /** - * {@inheritdoc} + * @return mixed */ - public function getLoginURL(): string + public function __call($name, $arguments) { - return $this->loginUrl; - } + if (method_exists($this->fluent, $name)) { + return call_user_func_array([$this->fluent, $name], $arguments); + } + if (method_exists($this->steamId, $name)) { + return call_user_func_array([$this->steamId, $name], $arguments); + } + if (substr($name, 0, 3) === 'get') { + $property = lcfirst(substr($name, 3)); - /** - * {@inheritdoc} - */ - public function redirectToSteam(): RedirectResponse - { - return redirect($this->loginUrl); - } + return call_user_func_array([$this, '__get'], [$property]); + } - /** - * Return the user to the page they were on before logging in. - * - * @return RedirectResponse - */ - public function previousPage(): RedirectResponse - { - return redirect($this->previousPage); + throw new \Exception('Unknown method '.$name); } /** - * Return player object and optionally choose to retrieve profile info. - * - * @param bool $info + * magic method __get. * - * @throws Exception + * @param $name * - * @return SteamUser + * @return mixed */ - public function getPlayer(bool $info = false): SteamUser + public function __get($name) { - return $info ? $this->player->getUserInfo() : $this->player; + return $this->fluent->__get($name); } /** - * Return Guzzle response of POSTing to Steam's OpenID. + * magic method __toString using Fluent toJson(). * - * @return Response + * @return string */ - public function getResponse(): Response + public function __toString(): string { - return $this->response; + return $this->fluent->toJson(); } /** - * Check if login is valid. + * Retrieve a user's steam info set its attributes. * - * @throws Exception - * - * @return bool + * @return $this */ - public function validated(): bool + public function getUserInfo(): self { - if (!$this->validRequest()) { - return false; - } - - $steamid = $this->validate(); - - if ($validated = !empty($steamid)) { - $this->player = new SteamUser($steamid); - } + $this->userInfo(); - return $validated; + return $this; } /** - * {@inheritdoc} + * Retrieve a user's profile info from Steam via API or XML data. */ - public function validate(): ?string + private function userInfo() { - $params = [ - 'openid.assoc_handle' => $this->request->input('openid_assoc_handle'), - 'openid.signed' => $this->request->input('openid_signed'), - 'openid.sig' => $this->request->input('openid_sig'), - 'openid.ns' => self::OPENID_SPECS, - ]; - - $signed = explode(',', $this->request->input('openid_signed')); - - foreach ($signed as $item) { - $params['openid.'.$item] = $this->request->input('openid_'.str_replace('.', '_', $item)); + $this->response = $this->guzzle->get($this->profileDataUrl, ['connect_timeout' => Config::get('steam-login.timeout')]); + $data = $this->method === 'xml' ? simplexml_load_string($this->response->getBody(), 'SimpleXMLElement', LIBXML_NOCDATA) : json_decode($this->response->getBody()); + + switch ($this->method) { + case 'api': + $data = isset($data->response->players[0]) ? $data->response->players[0] : null; + + if ($data) { + $this->attributes->name = $data->personaname; + $this->attributes->realName = isset($data->realname) ? $data->realname : null; + $this->attributes->profileUrl = $data->profileurl; + $this->attributes->privacyState = $data->communityvisibilitystate === 3 ? 'Public' : 'Private'; + $this->attributes->visibilityState = $data->communityvisibilitystate; + $this->attributes->isOnline = $data->personastate != 0; + $this->attributes->onlineState = isset($data->gameid) ? 'In-Game' : ($data->personastate != 0 ? 'Online' : 'Offline'); + // todo: stateMessage + $this->attributes->avatarSmall = $this->attributes->avatarIcon = $data->avatar; + $this->attributes->avatarMedium = $data->avatarmedium; + $this->attributes->avatarLarge = $this->attributes->avatarFull = $this->attributes->avatar = $data->avatarfull; + $this->attributes->joined = isset($data->timecreated) ? $data->timecreated : null; + } + break; + case 'xml': + if ($data !== false && !isset($data->error)) { + $this->attributes->name = (string) $data->steamID; + $this->attributes->realName = isset($data->realName) ? $data->realName : null; + $this->attributes->profileUrl = isset($data->customURL) ? 'https://steamcommunity.com/id/'.$data->customURL : $this->attributes->accountUrl; + $this->attributes->privacyState = $data->privacyState === 'public' ? 'Public' : 'Private'; + $this->attributes->visibilityState = (int) $data->visibilityState; + $this->attributes->isOnline = $data->onlineState != 'offline'; + $this->attributes->onlineState = $data->onlineState === 'in-game' ? 'In-Game' : ucfirst($data->onlineState); + // todo: stateMessage + $this->attributes->avatarSmall = $this->attributes->avatarIcon = (string) $data->avatarIcon; + $this->attributes->avatarMedium = (string) $data->avatarMedium; + $this->attributes->avatarLarge = $this->attributes->avatarFull = $this->attributes->avatar = (string) $data->avatarFull; + $this->attributes->joined = isset($data->memberSince) ? strtotime($data->memberSince) : null; + } + break; + default: + break; } - $params['openid.mode'] = 'check_authentication'; - - $this->response = $this->guzzle->post(self::OPENID_STEAM, [ - 'connect_timeout' => Config::get('steam-login.timeout'), - 'form_params' => $params, - ]); - - $result = $this->response->getBody(); - - preg_match('#^https?://steamcommunity.com/openid/id/([0-9]{17,25})#', $this->request->input('openid_claimed_id'), $matches); - $steamid = is_numeric($matches[1]) ? $matches[1] : 0; - $steamid = preg_match("#is_valid\s*:\s*true#i", $result) == 1 ? $steamid : null; - - return $steamid; - } - - /** - * Returns Steam Login button with link. - * - * @param string $type - * - * @return string - */ - public function loginButton(string $type = 'small'): string - { - return sprintf('', $this->loginUrl, self::button($type)); + $this->fluent = new Fluent($this->attributes); } /** - * Return the URL of Steam Login buttons. - * - * @param string $type + * Return Guzzle response of POSTing to Steam's OpenID. * - * @return string + * @return Response */ - public static function button(string $type = 'small'): string + public function getResponse(): Response { - return 'https://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_0'.($type == 'small' ? 1 : 2).'.png'; + return $this->response; } } From 8df49c6a67af148d34268153a8000c75939dca37 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 7 Oct 2018 20:53:24 +0100 Subject: [PATCH 5/6] Revert "Use strict type checks everywhere" This reverts commit 443bf94 --- src/SteamLogin.php | 322 ++++++++++++++++++++++++++------------------- 1 file changed, 190 insertions(+), 132 deletions(-) diff --git a/src/SteamLogin.php b/src/SteamLogin.php index 0314a98..ec07ecc 100644 --- a/src/SteamLogin.php +++ b/src/SteamLogin.php @@ -2,82 +2,68 @@ namespace kanalumaddela\LaravelSteamLogin; +use Exception; use GuzzleHttp\Client as GuzzleClient; use GuzzleHttp\Psr7\Response; +use Illuminate\Foundation\Application; +use Illuminate\Http\RedirectResponse; use Illuminate\Support\Facades\Config; -use Illuminate\Support\Fluent; -use SteamID; -class SteamUser +class SteamLogin implements SteamLoginInterface { /** - * Steam Community URL using 64bit steamId. + * Steam OpenID URL. * * @var string */ - const STEAM_PROFILE = 'https://steamcommunity.com/profiles/%s'; + const OPENID_STEAM = 'https://steamcommunity.com/openid/login'; /** - * Steam Community URL using custom id. + * OpenID Specs. * * @var string */ - const STEAM_PROFILE_ID = 'https://steamcommunity.com/id/%s'; + const OPENID_SPECS = 'http://specs.openid.net/auth/2.0'; /** - * Steam API GetPlayerSummaries URL. + * SteamUser instance of player details. * - * @var string - */ - const STEAM_PLAYER_API = 'https://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=%s&steamids=%s'; - - /** - * personaStates. + * @var SteamUser */ - protected static $personaStates = [ - 'Offline', - 'Online', - 'Busy', - 'Away', - 'Snooze', - 'Looking to trade', - 'Looking to play', - ]; + public $player; /** - * Attributes of a user. e.g. steamId, profile, etc. - * - * @var \stdClass + * @var string */ - public $attributes; + protected $previousPage; /** - * Fluent instance of user data. + * Login route to redirect to steam. * - * @var \Illuminate\Support\Fluent + * @var string */ - public $fluent; + protected $loginRoute; /** - * Profile data retrieval method to use. + * Auth handle route after returning from steam. * * @var string */ - protected $method = 'xml'; + protected $authRoute; /** - * URL to use when retrieving a user's profile. + * Laravel Container/Application. * - * @var string + * @var \Illuminate\Foundation\Application */ - protected $profileDataUrl; + protected $app; /** - * Guzzle instance. + * Laravel Request instance. * - * @var \SteamID + * @var \Illuminate\Http\Request */ - protected $steamId; + protected $request; /** * Guzzle instance. @@ -94,149 +80,221 @@ class SteamUser protected $response; /** - * SteamUser constructor. Extends SteamID and constructs that first. + * Defines if app is HTTPS. * - * @param string|int $steamId - * @param GuzzleClient|null $guzzle + * @var bool */ - public function __construct($steamId, GuzzleClient $guzzle = null) + protected $https; + + /** + * Login URL. + * + * @var string + */ + private $loginUrl; + + /** + * SteamLogin constructor. + * + * @param $app + * + * @throws Exception + */ + public function __construct(Application $app) { - $this->steamId = new SteamID($steamId); - $this->guzzle = $guzzle ?? new GuzzleClient(); + $this->app = $app; + $this->request = $app->request; + $this->guzzle = new GuzzleClient(); + $this->https = $this->request->server('HTTP_X_FORWARDED_PROTO') == 'https' ?? isset($_SERVER['https']); - $this->attributes = new \stdClass(); + $previousPage = url()->previous(); + $this->loginRoute = route(Config::get('steam-login.routes.login')); + $this->authRoute = route(Config::get('steam-login.routes.auth')); - $this->attributes->steamId = $this->steamId->ConvertToUInt64(); - $this->attributes->steamId2 = $this->steamId->RenderSteam2(); - $this->attributes->steamId3 = $this->steamId->RenderSteam3(); - $this->attributes->accountId = $this->steamId->GetAccountID(); - $this->attributes->accountUrl = sprintf(self::STEAM_PROFILE, $this->attributes->steamId3); - $this->attributes->profileDataUrl = sprintf(self::STEAM_PROFILE.'/?xml=1', $this->attributes->steamId); + $this->previousPage = $this->validRequest() && $this->request->has('redirect') ? $this->request->query('redirect') : ($previousPage != $this->loginRoute && $previousPage != $this->authRoute ? $previousPage : url('/')); - $this->fluent = new Fluent($this->attributes); + if (!filter_var($this->previousPage, FILTER_VALIDATE_URL)) { + throw new Exception('previousPage is not valid url'); + } - $this->method = Config::get('steam-login.method', 'xml') === 'api' ? 'api' : 'xml'; - $this->profileDataUrl = $this->method === 'xml' ? $this->attributes->profileDataUrl : sprintf(self::STEAM_PLAYER_API, Config::get('steam-login.api_key'), $this->attributes->steamId); + $this->setReturnUrl($this->authRoute.'?redirect='.$previousPage); } /** - * magic method __call. + * Check if query parameters are valid post steam login. * - * @param $name - * @param $arguments + * @return bool + */ + protected function validRequest() + { + $params = [ + 'openid_assoc_handle', + 'openid_claimed_id', + 'openid_sig', + 'openid_signed', + ]; + + return $this->request->filled($params); + } + + /** + * Generate openid login URL with specified return. + * + * @param $return + */ + public function setReturnUrl(string $return) + { + $this->loginUrl = $this->createLoginURL($return); + } + + /** + * Build the steam openid login URL. * - * @throws \Exception + * @param string|null $return * - * @return mixed + * @return string */ - public function __call($name, $arguments) + public function createLoginUrl(?string $return = null): string { - if (method_exists($this->fluent, $name)) { - return call_user_func_array([$this->fluent, $name], $arguments); - } - if (method_exists($this->steamId, $name)) { - return call_user_func_array([$this->steamId, $name], $arguments); - } - if (substr($name, 0, 3) === 'get') { - $property = lcfirst(substr($name, 3)); + $params = [ + 'openid.ns' => self::OPENID_SPECS, + 'openid.mode' => 'checkid_setup', + 'openid.return_to' => (!empty($return) ? $return : $this->authRoute), + 'openid.realm' => ($this->https ? 'https' : 'http').'://'.$this->request->getHttpHost(), + 'openid.identity' => self::OPENID_SPECS.'/identifier_select', + 'openid.claimed_id' => self::OPENID_SPECS.'/identifier_select', + ]; - return call_user_func_array([$this, '__get'], [$property]); - } + return self::OPENID_STEAM.'?'.http_build_query($params); + } + + /** + * {@inheritdoc} + */ + public function getLoginURL(): string + { + return $this->loginUrl; + } - throw new \Exception('Unknown method '.$name); + /** + * {@inheritdoc} + */ + public function redirectToSteam(): RedirectResponse + { + return redirect($this->loginUrl); } /** - * magic method __get. + * Return the user to the page they were on before logging in. + * + * @return RedirectResponse + */ + public function previousPage(): RedirectResponse + { + return redirect($this->previousPage); + } + + /** + * Return player object and optionally choose to retrieve profile info. + * + * @param bool $info * - * @param $name + * @throws Exception * - * @return mixed + * @return SteamUser */ - public function __get($name) + public function getPlayer(bool $info = false): SteamUser { - return $this->fluent->__get($name); + return $info ? $this->player->getUserInfo() : $this->player; } /** - * magic method __toString using Fluent toJson(). + * Return Guzzle response of POSTing to Steam's OpenID. * - * @return string + * @return Response */ - public function __toString(): string + public function getResponse(): Response { - return $this->fluent->toJson(); + return $this->response; } /** - * Retrieve a user's steam info set its attributes. + * Check if login is valid. * - * @return $this + * @throws Exception + * + * @return bool */ - public function getUserInfo(): self + public function validated(): bool { - $this->userInfo(); + if (!$this->validRequest()) { + return false; + } + + $steamid = $this->validate(); + + if ($validated = !empty($steamid)) { + $this->player = new SteamUser($steamid); + } - return $this; + return $validated; } /** - * Retrieve a user's profile info from Steam via API or XML data. + * {@inheritdoc} */ - private function userInfo() + public function validate(): ?string { - $this->response = $this->guzzle->get($this->profileDataUrl, ['connect_timeout' => Config::get('steam-login.timeout')]); - $data = $this->method === 'xml' ? simplexml_load_string($this->response->getBody(), 'SimpleXMLElement', LIBXML_NOCDATA) : json_decode($this->response->getBody()); - - switch ($this->method) { - case 'api': - $data = isset($data->response->players[0]) ? $data->response->players[0] : null; - - if ($data) { - $this->attributes->name = $data->personaname; - $this->attributes->realName = isset($data->realname) ? $data->realname : null; - $this->attributes->profileUrl = $data->profileurl; - $this->attributes->privacyState = $data->communityvisibilitystate === 3 ? 'Public' : 'Private'; - $this->attributes->visibilityState = $data->communityvisibilitystate; - $this->attributes->isOnline = $data->personastate != 0; - $this->attributes->onlineState = isset($data->gameid) ? 'In-Game' : ($data->personastate != 0 ? 'Online' : 'Offline'); - // todo: stateMessage - $this->attributes->avatarSmall = $this->attributes->avatarIcon = $data->avatar; - $this->attributes->avatarMedium = $data->avatarmedium; - $this->attributes->avatarLarge = $this->attributes->avatarFull = $this->attributes->avatar = $data->avatarfull; - $this->attributes->joined = isset($data->timecreated) ? $data->timecreated : null; - } - break; - case 'xml': - if ($data !== false && !isset($data->error)) { - $this->attributes->name = (string) $data->steamID; - $this->attributes->realName = isset($data->realName) ? $data->realName : null; - $this->attributes->profileUrl = isset($data->customURL) ? 'https://steamcommunity.com/id/'.$data->customURL : $this->attributes->accountUrl; - $this->attributes->privacyState = $data->privacyState === 'public' ? 'Public' : 'Private'; - $this->attributes->visibilityState = (int) $data->visibilityState; - $this->attributes->isOnline = $data->onlineState != 'offline'; - $this->attributes->onlineState = $data->onlineState === 'in-game' ? 'In-Game' : ucfirst($data->onlineState); - // todo: stateMessage - $this->attributes->avatarSmall = $this->attributes->avatarIcon = (string) $data->avatarIcon; - $this->attributes->avatarMedium = (string) $data->avatarMedium; - $this->attributes->avatarLarge = $this->attributes->avatarFull = $this->attributes->avatar = (string) $data->avatarFull; - $this->attributes->joined = isset($data->memberSince) ? strtotime($data->memberSince) : null; - } - break; - default: - break; + $params = [ + 'openid.assoc_handle' => $this->request->input('openid_assoc_handle'), + 'openid.signed' => $this->request->input('openid_signed'), + 'openid.sig' => $this->request->input('openid_sig'), + 'openid.ns' => self::OPENID_SPECS, + ]; + + $signed = explode(',', $this->request->input('openid_signed')); + + foreach ($signed as $item) { + $params['openid.'.$item] = $this->request->input('openid_'.str_replace('.', '_', $item)); } - $this->fluent = new Fluent($this->attributes); + $params['openid.mode'] = 'check_authentication'; + + $this->response = $this->guzzle->post(self::OPENID_STEAM, [ + 'connect_timeout' => Config::get('steam-login.timeout'), + 'form_params' => $params, + ]); + + $result = $this->response->getBody(); + + preg_match('#^https?://steamcommunity.com/openid/id/([0-9]{17,25})#', $this->request->input('openid_claimed_id'), $matches); + $steamid = is_numeric($matches[1]) ? $matches[1] : 0; + $steamid = preg_match("#is_valid\s*:\s*true#i", $result) == 1 ? $steamid : null; + + return $steamid; } /** - * Return Guzzle response of POSTing to Steam's OpenID. + * Returns Steam Login button with link. * - * @return Response + * @param string $type + * + * @return string */ - public function getResponse(): Response + public function loginButton(string $type = 'small'): string { - return $this->response; + return sprintf('', $this->loginUrl, self::button($type)); + } + + /** + * Return the URL of Steam Login buttons. + * + * @param string $type + * + * @return string + */ + public static function button(string $type = 'small'): string + { + return 'https://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_0'.($type == 'small' ? 1 : 2).'.png'; } } From beccade6321b9b7d4092fae273fcfb0e373be7c9 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 7 Oct 2018 20:54:46 +0100 Subject: [PATCH 6/6] Use strict type checks everywhere --- src/SteamLogin.php | 6 +++--- src/SteamUser.php | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/SteamLogin.php b/src/SteamLogin.php index ec07ecc..4c7abef 100644 --- a/src/SteamLogin.php +++ b/src/SteamLogin.php @@ -105,7 +105,7 @@ public function __construct(Application $app) $this->app = $app; $this->request = $app->request; $this->guzzle = new GuzzleClient(); - $this->https = $this->request->server('HTTP_X_FORWARDED_PROTO') == 'https' ?? isset($_SERVER['https']); + $this->https = $this->request->server('HTTP_X_FORWARDED_PROTO') === 'https' ?? isset($_SERVER['https']); $previousPage = url()->previous(); $this->loginRoute = route(Config::get('steam-login.routes.login')); @@ -269,7 +269,7 @@ public function validate(): ?string preg_match('#^https?://steamcommunity.com/openid/id/([0-9]{17,25})#', $this->request->input('openid_claimed_id'), $matches); $steamid = is_numeric($matches[1]) ? $matches[1] : 0; - $steamid = preg_match("#is_valid\s*:\s*true#i", $result) == 1 ? $steamid : null; + $steamid = preg_match("#is_valid\s*:\s*true#i", $result) === 1 ? $steamid : null; return $steamid; } @@ -295,6 +295,6 @@ public function loginButton(string $type = 'small'): string */ public static function button(string $type = 'small'): string { - return 'https://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_0'.($type == 'small' ? 1 : 2).'.png'; + return 'https://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_0'.($type === 'small' ? 1 : 2).'.png'; } } diff --git a/src/SteamUser.php b/src/SteamUser.php index 0a615d5..0314a98 100644 --- a/src/SteamUser.php +++ b/src/SteamUser.php @@ -115,8 +115,8 @@ public function __construct($steamId, GuzzleClient $guzzle = null) $this->fluent = new Fluent($this->attributes); - $this->method = Config::get('steam-login.method', 'xml') == 'api' ? 'api' : 'xml'; - $this->profileDataUrl = $this->method == 'xml' ? $this->attributes->profileDataUrl : sprintf(self::STEAM_PLAYER_API, Config::get('steam-login.api_key'), $this->attributes->steamId); + $this->method = Config::get('steam-login.method', 'xml') === 'api' ? 'api' : 'xml'; + $this->profileDataUrl = $this->method === 'xml' ? $this->attributes->profileDataUrl : sprintf(self::STEAM_PLAYER_API, Config::get('steam-login.api_key'), $this->attributes->steamId); } /** @@ -186,7 +186,7 @@ public function getUserInfo(): self private function userInfo() { $this->response = $this->guzzle->get($this->profileDataUrl, ['connect_timeout' => Config::get('steam-login.timeout')]); - $data = $this->method == 'xml' ? simplexml_load_string($this->response->getBody(), 'SimpleXMLElement', LIBXML_NOCDATA) : json_decode($this->response->getBody()); + $data = $this->method === 'xml' ? simplexml_load_string($this->response->getBody(), 'SimpleXMLElement', LIBXML_NOCDATA) : json_decode($this->response->getBody()); switch ($this->method) { case 'api': @@ -196,7 +196,7 @@ private function userInfo() $this->attributes->name = $data->personaname; $this->attributes->realName = isset($data->realname) ? $data->realname : null; $this->attributes->profileUrl = $data->profileurl; - $this->attributes->privacyState = $data->communityvisibilitystate == 3 ? 'Public' : 'Private'; + $this->attributes->privacyState = $data->communityvisibilitystate === 3 ? 'Public' : 'Private'; $this->attributes->visibilityState = $data->communityvisibilitystate; $this->attributes->isOnline = $data->personastate != 0; $this->attributes->onlineState = isset($data->gameid) ? 'In-Game' : ($data->personastate != 0 ? 'Online' : 'Offline'); @@ -212,10 +212,10 @@ private function userInfo() $this->attributes->name = (string) $data->steamID; $this->attributes->realName = isset($data->realName) ? $data->realName : null; $this->attributes->profileUrl = isset($data->customURL) ? 'https://steamcommunity.com/id/'.$data->customURL : $this->attributes->accountUrl; - $this->attributes->privacyState = $data->privacyState == 'public' ? 'Public' : 'Private'; + $this->attributes->privacyState = $data->privacyState === 'public' ? 'Public' : 'Private'; $this->attributes->visibilityState = (int) $data->visibilityState; $this->attributes->isOnline = $data->onlineState != 'offline'; - $this->attributes->onlineState = $data->onlineState == 'in-game' ? 'In-Game' : ucfirst($data->onlineState); + $this->attributes->onlineState = $data->onlineState === 'in-game' ? 'In-Game' : ucfirst($data->onlineState); // todo: stateMessage $this->attributes->avatarSmall = $this->attributes->avatarIcon = (string) $data->avatarIcon; $this->attributes->avatarMedium = (string) $data->avatarMedium;