├── .gitignore ├── composer.json ├── README.md └── src └── SteamAuth.php /.gitignore: -------------------------------------------------------------------------------- 1 | /vendor/ 2 | 3 | composer\.lock 4 | .idea -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "vikas5914/steam-auth", 3 | "description": "A simple PHP Steam login and User Detail package", 4 | "keywords": ["steam", "steam-login", "steam-auth","steam login", "steam auth", "steam-user", "steam user"], 5 | "license": "MIT", 6 | "authors": [ 7 | { 8 | "name": "Vikas Kapadiya", 9 | "email": "vikas@kapadiya.net", 10 | "homepage": "https://www.kapadiya.net" 11 | } 12 | ], 13 | "minimum-stability": "stable", 14 | "require": { 15 | "php": ">=5.4.0" 16 | }, 17 | "autoload": { 18 | "psr-4": { "Vikas5914\\": "src/" } 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Steam authentication and User Details 2 | [![Latest Stable Version](https://poser.pugx.org/vikas5914/steam-auth/v/stable)](https://packagist.org/packages/vikas5914/steam-auth) [![Total Downloads](https://poser.pugx.org/vikas5914/steam-auth/downloads)](https://packagist.org/packages/vikas5914/steam-auth) [![License](https://poser.pugx.org/vikas5914/steam-auth/license)](https://packagist.org/packages/vikas5914/steam-auth) [![GitHub issues](https://img.shields.io/github/issues/vikas5914/steam-auth.svg)](https://github.com/vikas5914/steam-auth/issues) [![Packagist](https://img.shields.io/packagist/dd/vikas5914/steam-auth.svg)](https://packagist.org/packages/vikas5914/steam-auth) 3 | 4 | This package enables you to easily log users in via Steam and get user details , using their OpenID service. However, this package does not require that you have the OpenID PHP module installed! 5 | 6 | ## Installation Via Composer 7 | 8 | Add this to your `composer.json` file, in the require object: 9 | 10 | ```javascript 11 | "vikas5914/steam-auth": "1.*" 12 | ``` 13 | 14 | After that, run `composer install` to install the package. 15 | #### OR 16 | ```javascript 17 | composer require vikas5914/steam-auth:1.* 18 | ``` 19 | ## Usage example 20 | 21 | ```php 22 | require __DIR__ . '/vendor/autoload.php'; 23 | 24 | $config = array( 25 | 'apikey' => 'xxxxxxxxxxxxxxxxx', // Steam API KEY 26 | 'domainname' => 'http://localhost:3000', // Displayed domain in the login-screen 27 | 'loginpage' => 'http://localhost:3000/index.php', // Returns to last page if not set 28 | "logoutpage" => "", 29 | "skipAPI" => false, // true = dont get the data from steam, just return the steamid64 30 | ); 31 | 32 | $steam = new Vikas5914\SteamAuth($config); 33 | 34 | if ($steam->loggedIn()) { 35 | echo "Hello " . $steam->personaname . "!"; 36 | echo "Logout"; 37 | } else { 38 | echo "Login"; 39 | } 40 | ``` 41 | 42 | User-Data is accessible through `$steam->varName;` You can find a basic list of variables in the demo file or a more advanced one in the code. 43 | 44 | Check if the user is logged in with `$steam->loggedIn();` (Will return true or false) 45 | 46 | ## Planned 47 | 1. Test Case 48 | 2. Better ReadMe 49 | 50 | ## Legal stuff 51 | 52 | If you choose to use the steam web-api you need to follow the Steam Web API Terms of Use found at http://steamcommunity.com/dev/apiterms 53 | 54 | The marked code is taken from Syntax_Error's "Ultra Simple Steam-Login" Class found at http://forums.steampowered.com/forums/showthread.php?t=1430511 55 | 56 | 57 | [![forthebadge](http://forthebadge.com/images/badges/you-didnt-ask-for-this.svg)](http://forthebadge.com) 58 | -------------------------------------------------------------------------------- /src/SteamAuth.php: -------------------------------------------------------------------------------- 1 | 9 | * @author BlackCetha 10 | * @license https://opensource.org/licenses/MIT The MIT License 11 | * 12 | * @link https://github.com/vikas5914/steam-auth 13 | * 14 | * @version 1.0.0 15 | */ 16 | class SteamAuth 17 | { 18 | protected $settings = [ 19 | 'apikey' => '', // Get yours today from http://steamcommunity.com/dev/apikey 20 | 'domainname' => '', // Displayed domain in the login-screen 21 | 'loginpage' => '', // Returns to last page if not set 22 | 'logoutpage' => '', 23 | 'skipAPI' => false, // true = dont get the data from steam, just return the steamid64 24 | ]; 25 | 26 | public function __construct($apikey = null, $domainname = null, $loginpage = null, $logoutpage = null, $skipAPI = false) 27 | { 28 | if (session_id() == '') { 29 | session_start(); 30 | } 31 | 32 | // if params were passed as array 33 | if (is_array($apikey)) { 34 | foreach ($apikey as $key => $val) { 35 | $$key = $val; 36 | } 37 | } 38 | 39 | $this->settings['apikey'] = $apikey; 40 | $this->settings['domainname'] = $domainname; 41 | $this->settings['loginpage'] = $loginpage; 42 | $this->settings['logoutpage'] = $logoutpage; 43 | $this->settings['skipAPI'] = $skipAPI; 44 | 45 | // Start a session if none exists 46 | if ($this->settings['apikey'] == '') { 47 | exit('SteamAuth: Please supply a valid API-Key!'); 48 | } 49 | 50 | if ($this->settings['loginpage'] == '') { 51 | $this->settings['loginpage'] = /* [ */(!empty($_SERVER['HTTPS']) ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']; 52 | } 53 | // Code (c) 2010 ichimonai.com, released under MIT-License 54 | if (isset($_GET['openid_assoc_handle']) && !isset($_SESSION['steamdata']['steamid'])) { 55 | // Did we just return from steam login-page? If so, validate idendity and save the data 56 | $steamid = $this->validate(); 57 | if ($steamid != '') { 58 | // ID Proven, get data from steam and save them 59 | if ($this->settings['skipAPI']) { 60 | $_SESSION['steamdata']['steamid'] = $steamid; 61 | 62 | return; // Skip API here 63 | } 64 | @$apiresp = json_decode(file_get_contents('https://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key='.$this->settings['apikey'].'&steamids='.$steamid), true); 65 | foreach ($apiresp['response']['players'][0] as $key => $value) { 66 | $_SESSION['steamdata'][$key] = $value; 67 | } 68 | } 69 | } 70 | if (isset($_SESSION['steamdata']['steamid'])) { 71 | // If we are logged in, make user-data accessable through $steam->var 72 | foreach ($_SESSION['steamdata'] as $key => $value) { 73 | $this->{$key} = $value; 74 | } 75 | } 76 | } 77 | 78 | /** 79 | * Generate SteamLogin-URL. 80 | * 81 | * @copyright loginUrl function (c) 2010 ichimonai.com, released under MIT-License 82 | * Modified by BlackCetha for OOP use 83 | */ 84 | public function loginUrl() 85 | { 86 | $params = [ 87 | 'openid.ns' => 'http://specs.openid.net/auth/2.0', 88 | 'openid.mode' => 'checkid_setup', 89 | 'openid.return_to' => $this->settings['loginpage'], 90 | 'openid.realm' => (!empty($_SERVER['HTTPS']) ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'], 91 | 'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select', 92 | 'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select', 93 | ]; 94 | 95 | return 'https://steamcommunity.com/openid/login'.'?'.http_build_query($params, '', '&'); 96 | } 97 | 98 | /* 99 | * Validate data against Steam-Servers 100 | * @copyright validate function (c) 2010 ichimonai.com, released under MIT-License 101 | * Modified by BlackCetha for OOP use 102 | */ 103 | private static function validate() 104 | { 105 | // Star off with some basic params 106 | $params = [ 107 | 'openid.assoc_handle' => $_GET['openid_assoc_handle'], 108 | 'openid.signed' => $_GET['openid_signed'], 109 | 'openid.sig' => $_GET['openid_sig'], 110 | 'openid.ns' => 'http://specs.openid.net/auth/2.0', 111 | ]; 112 | 113 | // Get all the params that were sent back and resend them for validation 114 | $signed = explode(',', $_GET['openid_signed']); 115 | foreach ($signed as $item) { 116 | $val = $_GET['openid_'.str_replace('.', '_', $item)]; 117 | $params['openid.'.$item] = stripslashes($val); 118 | } 119 | 120 | // Finally, add the all important mode. 121 | $params['openid.mode'] = 'check_authentication'; 122 | 123 | // Stored to send a Content-Length header 124 | $data = http_build_query($params); 125 | $context = stream_context_create([ 126 | 'http' => [ 127 | 'method' => 'POST', 128 | 'header' => "Accept-language: en\r\n". 129 | "Content-type: application/x-www-form-urlencoded\r\n". 130 | 'Content-Length: '.strlen($data)."\r\n". 131 | "Referer: https://steamcommunity.com/\r\n". 132 | "Origin: https://steamcommunity.com\r\n", 133 | 'content' => $data, 134 | ], 135 | ]); 136 | 137 | $result = file_get_contents('https://steamcommunity.com/openid/login', false, $context); 138 | 139 | // Validate wheather it's true and if we have a good ID 140 | preg_match('#^https://steamcommunity.com/openid/id/([0-9]{17,25})#', $_GET['openid_claimed_id'], $matches); 141 | $steamID64 = is_numeric($matches[1]) ? $matches[1] : 0; 142 | 143 | // Return our final value 144 | return preg_match("#is_valid\s*:\s*true#i", $result) == 1 ? $steamID64 : ''; 145 | } 146 | 147 | public function logout() 148 | { 149 | if (!$this->loggedIn()) { 150 | return false; 151 | } 152 | 153 | unset($_SESSION['steamdata']); // Delete the users info from the cache, DOESNT DESTROY YOUR SESSION! 154 | if (!isset($_SESSION[0])) { 155 | session_destroy(); 156 | } 157 | // End the session if theres no more data in it 158 | if ($this->settings['logoutpage'] != '') { 159 | header('Location: '.$this->settings['logoutpage']); 160 | } 161 | // If the logout-page is set, go there 162 | return true; 163 | } 164 | 165 | public function loggedIn() 166 | { 167 | return (isset($_SESSION['steamdata']['steamid']) && $_SESSION['steamdata']['steamid'] != '') ? true : false; 168 | } 169 | 170 | public function forceReload() 171 | { 172 | if (!isset($_SESSION['steamdata']['steamid'])) { 173 | return false; 174 | } 175 | // User is not logged in, nothing to reload 176 | @$apiresp = json_decode(file_get_contents('https://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key='.$this->settings['apikey'].'&steamids='.$_SESSION['steamdata']['steamid']), true); 177 | foreach ($apiresp['response']['players'][0] as $key => $value) { 178 | $_SESSION['steamdata'][$key] = $value; 179 | } 180 | 181 | foreach ($_SESSION['steamdata'] as $key => $value) { 182 | $this->{$key} = $value; 183 | } 184 | // Make user-data accessable through $steam->var 185 | return true; 186 | } 187 | 188 | /** 189 | * Prints debug information about steamauth. 190 | */ 191 | public function debug() 192 | { 193 | echo '

SteamAuth debug report

Settings-array:
'; 194 | echo '
'.print_r($this->settings, true).'
'; 195 | echo '

Data:
'; 196 | echo '
'.print_r($_SESSION['steamdata'], true).'
'; 197 | } 198 | } 199 | --------------------------------------------------------------------------------