auth.RdInitializes an authorized Steam session. Some functions in both the
Web API and storefront API require the session to be authenticated. This
concerns all API methods that access personal account information.
auth_* functions essentially sign in a user programmatically.
auth_qr authenticates by showing a QR code that can be
scanned using the Steam mobile app. The QR code is shown as an R plot
and refreshes every 5 seconds.
logout ends the active authenticated session by formally logging
out of Steam and removing all cookies and authentication information from
the session and the cache.
auth_credentials(
username,
password = openssl::askpass,
shared_secret = NULL,
persistent = FALSE,
friendly_name = "steamr",
details = "Login using credentials"
)
auth_qr(friendly_name = "steamr", device_details = "Login using QR code")
logout()Account name of the user to be authenticated.
A function that safely prompts the Steam password. Defaults
to askpass which obfuscates the input. The password
is RSA encrypted before transmission to the Steam servers.
A 5-character string representing the one-time Steam
Guard code needed to confirm the login. Note that the Steam Guard code
is regenerated every 30 seconds. If shared_secret is NULL,
authenticates using two-factor authentication. Two-factor confirmation
requires the manual confirmation of the login request in the Steam Guard
mobile app.
Whether to start a persistent or ephemeral session. If the session is ephemeral (default), then it is reset when the R session ends. If it is persistent, then the necessary cookies are stored in a persistent cache in the file system and recovered when the package is loaded.
Name of the session. Used to track authorized devices in Steam Guard.
Arbitrary details about the device attempting to authenticate. Will be shown in Steam Guard.
An object of class steam_auth_session holding information
about vanity ID, Steam64 ID, client ID, request ID, and access token. The
object is also attached to the session.
Internally, auth_credentials requests a public RSA key using the
GetPasswordRSAPublicKey method from the IAuthenticationService
interface. The public key is used to encrypt the entered password to safely
transfer it to Steam. An authenticated session is requested by querying
BeginAuthSessionViaCredentials. If a captcha is required, the
function aborts. If no Steam Guard code is provided, the function will
attempt to authenticate using 2 factor authentication. After confirming
the authentication, auth_credentials will redirect to all Steam
websites requiring authentication to set the necessary cookies.
auth_qr follows a very similar process, but requests an authenticated
session using BeginAuthSessionViaQR. The resulting challenge URL
is converted to a QR code using qrcode. Scanning the
QR code with the Steam Guard mobile app automatically authenticates the
session.
Session authentication is only possible in interactive mode because it requires the manual insertion of Steam guard codes, confirmation of login requests in the mobile app, or the scanning of QR codes. All of these actions are not suitable for batch processing.
if (FALSE) { # \dontrun{
user <- "gabelogannewell"
auth_credentials(user)
# use a different password method
auth_credentials(user, password = rstudioapi::askForPassword)
# set a friendly name to identify this session
auth_credentials(user, friendly_name = "R session")
# skip two-factor authentication by providing a Steam Guard code
auth_credentials(user, shared_secret = "XXXXX")
# authenticating a persistent session survives restarts of R
auth_credentials(user, persistent = TRUE)
.rs.restartR() # restart R
is_authenticated() # returns TRUE
# sign in using a QR code
auth_qr()} # }