o >{Fe[T@sdZddlZddlZddlZddlZddlmZmZddlm Z ddl m Z ddl m Z ddl mZddlmZdd lmZmZdd lmZdd lmZdd lmZGd ddeZGdddeZddZddZddZ ddZ!ddZ"dddZ#dS)ao This submodule contains various functionality related to Steam Guard. :class:`SteamAuthenticator` provides methods for genereating codes and enabling 2FA on a Steam account. Operations managing the authenticator on an account require an instance of either :class:`.MobileWebAuth` or :class:`.SteamClient`. The instance needs to be logged in. Adding an authenticator .. code:: python wa = MobileWebAuth('steamuser') wa.cli_login() sa = SteamAuthenticator(backend=wa) sa.add() # SMS code will be send to the account's phone number sa.secrets # dict with authenticator secrets (SAVE THEM!!) # save the secrets, for example to a file json.dump(sa.secrets, open('./mysecrets.json', 'w')) # HINT: You can stop here and add authenticator on your phone. # The secrets will be the same, and you will be able to # both use your phone and SteamAuthenticator. sa.finalize('SMS CODE') # activate the authenticator sa.get_code() # generate 2FA code for login sa.remove() # removes the authenticator from the account .. warning:: Before you finalize the authenticator, make sure to save your secrets. Otherwise you will lose access to the account. Once authenticator is enabled all you need is the secrets to generate codes. .. code:: python secrets = json.load(open('./mysecrets.json')) sa = SteamAuthenticator(secrets) sa.get_code() You can obtain the authenticator secrets from an Android device using :func:`extract_secrets_from_android_rooted`. See the function docstring for details on what is required for it to work. Format of ``secrets.json`` file: .. code:: json { "account_name": "", # account username "identity_secret": "", # unknown "revocation_code": "R51234", # revocation code "secret_1": "", # unknown "serial_number": "1111222333344445555", # serial number "server_time": "1600000000", # creation timestamp "shared_secret": "", # secret used for code generation "status": 1, # status, 1 = token active "token_gid": "a1a1a1a1a1a1a1a1", # token gid "uri": "otpauth://totp/Steam:?secret=&issuer=Steam" } N) b64decode b64encode)hexlify)time)webapi)ETwoFactorTokenType)SteamID) hmac_sha1 sha1_hash)EResult) MobileWebAuth) proto_to_dictc@seZdZdZdZdZdZdZdZdZ d*ddZ ddZ d d Z d+d d Z d,ddZddZddZddZd+ddZddZd+ddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)ZdS)-SteamAuthenticatorzNAdd/Remove authenticator from an account. Generate 2FA and confirmation codes.NrcCs|pi|_||_dS)z :param secret: a dict of authenticator secrets :type secret: dict :param backend: logged on session for steam user :type backend: :class:`.MobileWebAuth`, :class:`.SteamClient` N)secretsbackend)selfrrr6/usr/local/lib/python3.10/dist-packages/steam/guard.py__init__Zs  zSteamAuthenticator.__init__cCs$||jvr tdt||j|S)NzNo %s attribute)rAttributeErrorrepr)rkeyrrr __getattr__ds  zSteamAuthenticator.__getattr__cCsP|jdus|jrt|j|jkrt|_|jdurt|_tt|jp%dS)zF :return: Steam aligned timestamp :rtype: int Nr)steam_time_offsetalign_time_everyr_offset_last_checkget_time_offsetintrrrrget_timeis  zSteamAuthenticator.get_timecCs"tt|j|dur|S|S)z :param timestamp: time to use for code generation :type timestamp: int :return: two factor code :rtype: str N) generate_twofactor_code_for_timer shared_secretr )r timestamprrrget_codexs zSteamAuthenticator.get_codecCs$tt|j||dur|S|S)z :param tag: see :func:`generate_confirmation_key` for this value :type tag: str :param timestamp: time to use for code generation :type timestamp: int :return: trade confirmation key :rtype: str N)generate_confirmation_keyridentity_secretr )rtagr#rrrget_confirmation_keys z'SteamAuthenticator.get_confirmation_keyc Cs|j}t|tr@|jstd|j|d<d|d<z tjd|d|d}Wntj j y9}ztdt |d}~ww|d }|S|jsGtd |j d ||dd }|durYtd |j jtjkrntd|j jt|j jft|j}|dkrdD] }t||d||<qy|S)Nz$MobileWebAuth instance not logged in access_token http_timeoutITwoFactorServiceparamszError adding via WebAPI: %sresponsez"SteamClient instance not logged inzTwoFactor.%s#1)timeoutzFailed. Request timeoutzFailed: %s (%s)AddAuthenticator)r"r'secret_1ascii)r isinstancer logged_onSteamAuthenticatorError oauth_tokenrpostrequests exceptionsRequestExceptionstrsend_um_and_waitheadereresultr OK error_messagerr bodyrdecode)ractionr0rrespexprrrr _send_requests<      z SteamAuthenticator._send_requestc Cs|std|d|jjttttjt |jjdd}|dt j kr3tdt t |d||_ t|dt|_dS) zAdd authenticator to an account. The account's phone number will receive a SMS code required for :meth:`finalize`. :raises: :class:`SteamAuthenticatorError` z,Account doesn't have a verified phone numberr31)steamidauthenticator_timeauthenticator_typedevice_identifier sms_phone_idstatusz&Failed to add authenticator. Error: %s server_timeN)has_phone_numberr8rIrsteam_idrrrValveMobileAppgenerate_device_idr rBrrr)rrGrrradds zSteamAuthenticator.addcCs|d|jjtt||d}|dtjkr7|ddr7|j r7|j d7_ |j d8_ | |dS|d sJd |_ t d t t|dt|d t|_ dS) zFinalize authenticator with received SMS code :param activation_code: SMS code :type activation_code: str :raises: :class:`SteamAuthenticatorError` FinalizeAddAuthenticator)rKrLauthenticator_codeactivation_coderP want_moreFr.Nsuccessrz+Failed to finalize authenticator. Error: %srQ)rIrrSrrr$r TwoFactorActivationCodeMismatchget_finalize_attemptsrfinalizer8r)rrYrGrrrr`s  zSteamAuthenticator.finalizecCsl|jstdt|jtstd|d|jj|r|n|jdd}|ds/td|df|jd S) a~Remove authenticator :param revocation_code: revocation code for account (e.g. R12345) :type revocation_code: str .. note:: After removing authenticator Steam Guard will be set to email codes .. warning:: Doesn't work via :class:`.SteamClient`. Disabled by Valve :raises: :class:`SteamAuthenticatorError` z#No authenticator secrets available?z Only available via MobileWebAuthRemoveAuthenticatorr.)rKrevocation_codesteamguard_schemer\z8Failed to remove authenticator. (attempts remaining: %s)revocation_attempts_remainingN) rr8r6rr rIrSrbclear)rrbrGrrrremoves  zSteamAuthenticator.removecCs|dd|jjiS)zFetch authenticator status for the account :raises: :class:`SteamAuthenticatorError` :return: dict with status parameters :rtype: dict QueryStatusrKrIrrSrrrrrPszSteamAuthenticator.statuscCs,|r|dd|idgS|didS)aGenerate emergency codes :param code: SMS code :type code: str :raises: :class:`SteamAuthenticatorError` :return: list of codes :rtype: list .. note:: A confirmation code is required to generate emergency codes and this method needs to be called twice as shown below. .. code:: python sa.create_emergency_codes() # request a SMS code sa.create_emergency_codes(code='12345') # creates emergency codes createemergencycodescodecodesN)rIr^)rrjrrrcreate_emergency_codes s z)SteamAuthenticator.create_emergency_codescCs|dd|jjidS)zWDestroy all emergency codes :raises: :class:`SteamAuthenticatorError` DestroyEmergencyCodesrKNrhrrrrdestroy_emergency_codes$sz*SteamAuthenticator.destroy_emergency_codescCsBt|jtr |jjS|jjr|j}|durtd|Std)z :return: authenticated web session :rtype: :class:`requests.Session` :raises: :class:`RuntimeError` when session is unavailable Nz7Failed to get a web session. Try again in a few minutesz%SteamClient instance is not connected)r6rr sessionr7get_web_session RuntimeError)rsessrrr_get_web_session+s  z#SteamAuthenticator._get_web_sessionc CN|}z|jdd|dd|jjdddddd }W|Sd d iYS) aAdd phone number to account Steps: 1. Call :meth:`add_phone_number()` then check ``email_confirmation`` key in the response i. On ``True``, user needs to click link in email, then step 2 ii. On ``False``, SMS code is sent, go to step 3 2. Confirm email via :meth:`confirm_email()`, SMS code is sent 3. Finalize phone number with SMS code :meth:`confirm_phone_number(sms_code)` :param phone_number: phone number with country code :type phone_number: :class:`str` :return: see example below :rtype: :class:`dict` .. code:: python {'success': True, 'email_confirmation': True, 'error_text': '', 'fatal': False} /https://steamcommunity.com/steamguard/phoneajaxadd_phone_numberr sessionidsteamcommunity.comdomainoparg checkfortosskipvoiprwdatar2r\Frsr:cookiesr^jsonr phone_numberrrrGrrrrv>s   z#SteamAuthenticator.add_phone_numberc CsP|}z|jddddd|jjddddd d }W|Sd d d YS)aConfirm email confirmation. See :meth:`add_phone_number()` .. note:: If ``email_confirmation`` is ``True``, then user hasn't clicked the link yet. :return: see example below :rtype: :class:`dict` .. code:: python {'success': True, 'email_confirmation': True, 'error_text': '', 'fatal': False} ruemail_confirmationr%r.rwrxryr{rrTF)fatalr\rrrrrGrrr confirm_emailhs  z SteamAuthenticator.confirm_emailc Crt) aWConfirm phone number with the recieved SMS code. See :meth:`add_phone_number()` :param sms_code: sms code :type sms_code: :class:`str` :return: see example below :rtype: :class:`dict` .. code:: python {'success': True, 'error_text': '', 'fatal': False} rucheck_sms_coder.rwrxryr{rrr\Fr)rsms_coderrrGrrrconfirm_phone_numbers   z'SteamAuthenticator.confirm_phone_numberc CsN|}z|jddddd|jjdddd d d }W|Sd d iYS)aCheck whether the account has a verified phone number :return: see example below :rtype: :class:`dict` .. code:: python {'success': True, 'has_phone': True, 'error_text': '', 'fatal': False} ru has_phone0rr.rwrxryr{rrr\FrrrrrrRs    z#SteamAuthenticator.has_phone_numbercCsL|}z|jd||jjddddddd}W|Sd di}Y|S) aTest whether phone number is valid for Steam :param phone_number: phone number with country code :type phone_number: :class:`str` :return: see example below :rtype: :class:`dict` .. code:: python {'is_fixed': False, 'is_valid': False, 'is_voip': True, 'number': '+1 123-555-1111', 'success': True} z-https://store.steampowered.com/phone/validaterwzstore.steampowered.comry) phoneNumber sessionIDFr)rallow_redirectsr2r\rrrrrvalidate_phone_numbers  z(SteamAuthenticator.validate_phone_number)NN)N)r%N)__name__ __module__ __qualname____doc__r_rrrrrrrr r$r)rIrVr`rfrPrlrnrsrvrrrRrrrrrrQs4     %  *! rc@s eZdZdS)r8N)rrrrrrrr8sr8cCst|ttpdS)zGenerate Steam 2FA code for login with current time :param shared_secret: authenticator shared shared_secret :type shared_secret: bytes :return: steam two factor code :rtype: str r)r!rr)r"rrrgenerate_twofactor_codesrc Cstt|tdt|d}t|ddd@}td|||ddd @}d }d }td D]}t|t |\}}|||7}q1|S) aGenerate Steam 2FA code for timestamp :param shared_secret: authenticator shared secret :type shared_secret: bytes :param timestamp: timestamp to use, if left out uses current time :type timestamp: int :return: steam two factor code :rtype: str >Qr[rz>Iri23456789BCDFGHJKMNPQRTVWXYr%r) r bytesstructpackrordunpackrangedivmodlen) r"r#hmacstartcodeintcharsetrj_irrrr!s   r!cCs(tdt||d}tt||S)a;Generate confirmation key for trades. Can only be used once. :param identity_secret: authenticator identity secret :type identity_secret: bytes :param tag: tag identifies what the request, see list below :type tag: str :param timestamp: timestamp to use for generating key :type timestamp: int :return: confirmation key :rtype: bytes Tag choices: * ``conf`` to load the confirmations page * ``details`` to load details about a trade * ``allow`` to confirm a trade * ``cancel`` to cancel a trade rr5)rrrencoder r)r'r(r#rrrrr& sr&cCsNz tjdddddid}WnYdStt}t|did ||S) zGet time offset from steam server time via WebAPI :return: time offset (``None`` when Steam WebAPI fails to respond) :rtype: :class:`int`, :class:`None` r- QueryTimer.r,r+r/Nr1rQ)rr:rrr^)rGtsrrrr$s  rcCsVttt|dd}d|dd|dd|dd|dd|ddfS) zGenerate Android device id :param steamid: Steam ID :type steamid: :class:`.SteamID`, :class:`int` :return: android device id :rtype: str r5zandroid:%s-%s-%s-%s-%sN r )rr r>rrE)rKhrrrrU2s:rUadbcCsht|ddddg}|ddd}|dd kr"td t|d d ttj| d ddDS)aYExtract Steam Authenticator secrets from a rooted Android device Prerequisite for this to work: - rooted android device - `adb binary `_ - device in debug mode, connected and paired .. note:: If you know how to make this work, without requiring the device to be rooted, please open a issue on github. Thanks :param adb_path: path to adb binary :type adb_path: str :raises: When there is any problem :return: all secrets from the device, steamid as key :rtype: dict shellsuz-czL'cat /data/data/com.valvesoftware.android.steam.community/files/Steamguard*'zutf-8 r{zGot invalid data: %scSsi|] }t|d|qS)rK)r).0xrrr \sz7extract_secrets_from_android_rooted..z}{z}|||||{z|||||) subprocess check_outputrEsplitrqrmaprloadsreplace)adb_pathrrrr#extract_secrets_from_android_rooted=s r)r)$rrrrr;base64rrbinasciirrsteamr steam.enumsr steam.steamidrsteam.core.cryptor r steam.enums.commonr steam.webauthr steam.utils.protor objectr Exceptionr8rr!r&rrUrrrrrs4@