Resource icon

Steam Authentication & Integration 1.0.7

No permission to download
Overview Updates (8) Reviews (14) History Discussion
Soo does this work for anyone else? I can't actually associate Steam accounts with forum accounts, continually getting this error.

Code: 
http://example.com/register/steam?redirect=http://example.com/account/steam&openid.ns=http://specs.openid.net/auth/2.0&openid.mode=error&openid.error=realm and return_to do not match
 
Binari0 said:
On my forums works fine, but this appers to day in my profile:

Invalid profile data

http://i.minus.com/jbaPZ6uerIHIxM.png

My profile:
http://foros.tecnogaming.com/members/010101.83/

Any ideas?
Click to expand...


There seems to be times when Steam fails to provide the data and you get the "invalid profile data". I'm not entirely certain what will need to be done to fix it given that I didn't write the steam cards themselves. Does it happen consistently?


Gurrazor said:
Is there a possibility to require people to associate their steam accounts when they register?
Click to expand...

descoteaux said:
Have you investigated using Steam only for authorization when signing up for forums?
Click to expand...


Looks like I need to jump back into this and actually get working on this! Sorry but life has distracted me too easily from my todo list.

Bios Element said:
Well yes, I did. I simply stripped the actual domain out, but it's currently live at www.bioshub.com and doesn't appear to like me very much.
Click to expand...

That is really wonky. Looking at your URL redirects...I'm noticing that your openid realm is set to "openid.realm=https://bioshub.com" however we are returning to "openid.return_to=http://bioshub.com/register/steam?redirect=http://bioshub.com/" (Sorry for being too lazy to fully decode the url to ascii, it really isn't too necessary). As you notice we're seeing a difference between http and https. So...why is that happening for you? You can look into the _genUrl() function I use for the Controller Public (its a private function for that class):
PHP: 
    /**
    * Generates URI to be used
    */
    private function _genUrl() {
        $callbackUri = XenForo_Link::buildPublicLink('full:register/steam', false, array(
            'redirect' => $this->getDynamicRedirect()
        ));
 
        $params = array(
            'openid.ns'        => 'http://specs.openid.net/auth/2.0',
            'openid.mode'      => 'checkid_setup',
            'openid.return_to'  => $callbackUri,
            'openid.realm'      => (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'],
            'openid.identity'  => 'http://specs.openid.net/auth/2.0/identifier_select',
            'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select'
        );
 
        return self::STEAM_LOGIN . '?' . http_build_query($params, '', '&');
    }

You will notice that I am checking if the request was done via HTTPS. However it wasn't. I've cleared up the logic on the openid.realm line just for clarity, and regardless what your seeing "shouldn't" happen. Looking at your server I noticed your running Cherokee/1.2.101 which I assume is fine but to debug this could you throw the following php file somewhere that it can be run on your site to see what the output is?
PHP: 
<?php
    print_r($_SERVER['HTTPS']);
 
Morgan said:
There seems to be times when Steam fails to provide the data and you get the "invalid profile data". I'm not entirely certain what will need to be done to fix it given that I didn't write the steam cards themselves. Does it happen consistently?
Click to expand...

No.. only one time, in my forum...
 
Morgan said:
You will notice that I am checking if the request was done via HTTPS. However it wasn't. I've cleared up the logic on the openid.realm line just for clarity, and regardless what your seeing "shouldn't" happen. Looking at your server I noticed your running Cherokee/1.2.101 which I assume is fine but to debug this could you throw the following php file somewhere that it can be run on your site to see what the output is?
PHP: 
<?php
    print_r($_SERVER['HTTPS']);
Click to expand...

http://bioshub.com/test.php

I'll go ahead and double check on the Cherokee side of things, but in concept it shouldn't be touching HTTPS anywhere as I never quite got around to configuring that. (Although perhaps this is a good time to do so...)
 
I have a quick question - is there a conditional I can use in templates for whether or not their steam is associated? Since I'm using Dark's currently I can do this by checking if their Steam user field has anything in it or not (<xen:if is="!{$visitor.customFields.Steam}">). I noticed this addon has something for notices, but I need a conditional I can use in certain templates, does one exist?

Thanks, just trying to square some site integration away before potentially switching over to this one.
 
Some of my new users have had problems when using Steam Login directly to register for my forum. Once registered, they can sign in through Steam, but they can't sign in through Xenforo's normal login method because they don't have a forum password. Obviously you can't copy their Steam password so is it possible to add a requirement for them create a forum password during the Steam Login registration process? If I'm missing something here, I apologize.

Again, thank you for your work.
 
descoteaux said:
Some of my new users have had problems when using Steam Login directly to register for my forum. Once registered, they can sign in through Steam, but they can't sign in through Xenforo's normal login method because they don't have a forum password. Obviously you can't copy their Steam password so is it possible to add a requirement for them create a forum password during the Steam Login registration process? If I'm missing something here, I apologize.

Again, thank you for your work.
Click to expand...
This is the same case with the other Steam addon by Dark Immortal. If this new one fixed this I'd have even more reason to finally switch over. I just ended up putting up a notice / info in the wiki informing users who created accounts via steam that they'll need to reset their passwords in order to login normally as there isn't any password creation during that process. :confused:
 
descoteaux said:
Some of my new users have had problems when using Steam Login directly to register for my forum. Once registered, they can sign in through Steam, but they can't sign in through Xenforo's normal login method because they don't have a forum password. Obviously you can't copy their Steam password so is it possible to add a requirement for them create a forum password during the Steam Login registration process? If I'm missing something here, I apologize.

Again, thank you for your work.
Click to expand...

I could probably just trigger a password reset on registration if you think that would be advantageous. Though it might confuse people if they didn't ask for it and just signed in via Steam. Might be better to provide a mechanism to inform the user they need to use Steam or reset the password.
 
lasertits said:
I have a quick question - is there a conditional I can use in templates for whether or not their steam is associated? Since I'm using Dark's currently I can do this by checking if their Steam user field has anything in it or not (<xen:if is="!{$visitor.customFields.Steam}">). I noticed this addon has something for notices, but I need a conditional I can use in certain templates, does one exist?

Thanks, just trying to square some site integration away before potentially switching over to this one.
Click to expand...

Code: 
<xen:if is="{$visitor.steam_auth_id}">Your random stuff here</xen:if>

Hope that helps!
 
Binari0 said:
I think the password you put in your account xenforo is the same as that of steam.
Click to expand...
Given that the purpose of this external authentication is to trust other identity providers to perform authentication, the XenForo forum installation never receives this data and is entirely left up to the identity provider. Your XenForo install merely trusts the result of the Identity Provider. As such you must trust the Identity Provider is secure, however for a forum this is less critical than say a bank. Steam Authentication & Integration simply never receives the password and as such we can't make them the same!
 
I think if you just add a password field to the account creation form that users see after being redirected back to XF from SteamCommunity, it would work fine. Users would enter a pass as if it were a regular registration and be able to use said pass when logging in normally.
 
lasertits said:
I think if you just add a password field to the account creation form that users see after being redirected back to XF from SteamCommunity, it would work fine. Users would enter a pass as if it were a regular registration and be able to use said pass when logging in normally.
Click to expand...
Not certain how I feel about that. Given the purpose of Steam Authentication is to remove as many steps (or barriers) to registration as possible. Given that your leaning on Steam to be an identity provider that should be their password. Possibly should just make a custom e-mail to send the user explaining it with a password to use...not certain.
 
Morgan said:
Not certain how I feel about that. Given the purpose of Steam Authentication is to remove as many steps (or barriers) to registration as possible. Given that your leaning on Steam to be an identity provider that should be their password. Possibly should just make a custom e-mail to send the user explaining it with a password to use...not certain.
Click to expand...
Hmm, that might work. I'm sure some users will have old outdated emails attached they no longer really check, but perhaps not with the introduction of the recent Steam Guard which requires you to check your email for a code now and then. Perhaps an email + something on-site would be good, not sure what though... a dismissible notice might be the best bet... :unsure:
 
You must log in or register to reply here.

Similar threads

Falkio
French translation of [S70] Steam Authentication and Integration
Replies
0
Views
1K
Falkio
Falkio
TACTICS
Steam Authentication [Deleted]
2
Replies
25
Views
4K
TACTICS
TACTICS
Assadi
XF2 [S70] Steam Authentication and Integration (Connected Accounts) - NEW: ANALYTICS, XF1...
12 13 14
Replies
270
Views
48K
Nicolas FR
N
zombiekiller804
Add-on Update Steam Authentication Addon to work with [Xenforo 2.0.1]
Replies
2
Views
2K
Nirjonadda
Nirjonadda
xerhik
  • Question Question
XF 1.5 Inserting custom External Auth data (Steam Authentication)
Replies
0
Views
565
xerhik
xerhik
Top Bottom