Steam Authentication & Integration

Steam Authentication & Integration 1.6.3

No permission to download
Overview FAQ Updates (29) Reviews (45) History Discussion
Stuart Wright said:
Any examples of this working? The website in your description @HowIChrgeLazer - http://ragecagegaming.com/ - does not exist.

I have installed it on AVForums and I associated my account ok.
The Steam page CSS looks screwed up, though.

View attachment 90697
Click to expand...

Ah, yes. This is because of the issue you stated later on, the footer is not being applied.

Fiala06 said:
Is it possible to change the sign in though steam button to its bigger brother:

sits_large_noborder.png


I've tried replacing it in the /styles/default/steamauth/ dir and it didn't matter if I replaced or completely removed it, it was still there. Even flushed all my cache and different computer that I've never looked at my site before.

Thanks for the awesome plugin btw!
Click to expand...

I see that you have this on your site now. Did you get it the way you wanted to, or do you still need help?

Stuart Wright said:
@HowIChrgeLazer I have installed this on AVForums and there are three issues which I hope you will address, please. One is minor, two are not and break the addon.
The minor one is that your footer template modification relies on the presence of
Code: 
<ul class="footerLinks">
which doesn't exist in our footer. It means the css and js includes fail. I manually added them, but you might want to use an alternative method of getting this done.
Click to expand...

I'll have to think about how to best implement this. <ul class="footerLinks"> should be in most skins and is part of the default so it's a good thing to check for. Your skin is highly customized so it's a bit out of the norm. I try to use template modifications because template hooks are deprecated.

But yes a temporary workaround is to just add this to your footer link section:

Code: 
<xen:include template="steam_footer" />

I'll see if I can find any better similarities between your skin and the default for that footer section. Just on first glance though, I didn't see anything yet. I'll do another look over of your footer compared to the default.

Stuart Wright said:
The first major issue is that the cron fails because our server is set up with sensibly tight security.
In your code you have
Code: 
//Check for cURL. If it can be used, use it!
        if((function_exists('curl_version')) && !ini_get('safe_mode') && !ini_get('open_basedir'))
This fails because open_basedir is enabled.
And allow_url_fopen=0 so the cron crashes.

Our host (Tim at Nimbus) *strongly* advises against allowing allow_url_fopen=1 and allowing open_basedir.
May I request that you reconsider your checks, here? Why do you need !ini_get('open_basedir') ?
Click to expand...

I believe open_basedir was a holdover from when this addon used XML instead of JSON. It was the only way to gather it properly. I'm removing those two instances and I'll give it a few tests and get back to you. As for the allow_url_fopen, I've pretty much consolidated the code so that it's a fallback to cURL (and as you pointed out, the checks disqualified you from using cURL and it jumped to file_get_contents). There is one instance I still need to fix in the registration where it still uses file_get_contents and has no alternative. This was reported by @Sheratan and I need to get this fixed sooner rather than later.

As I'm typing this I've already coded out the open_basedir check, I just need to see if it breaks anything. Next will be fixing that registration issue.

Stuart Wright said:
The second major issue is that your addon does not cater for sites with a secure socket layer configured. I.e. all calls for external resources must have https.
This is going to be an issue for you on more and more sites as Google has indicated that it favours secure sites and more people use them.
For example, in the external account association page you bring in the Steam Avatar using http rather than https.
If you look in the Xenforo code for bringing in the Gravatar, you will see how they do it.
Please consider fixing these issues to make your addon as great as it could be.
Thanks.
Click to expand...

So the problem with the Steam Community CDN is that there is no HTTPS support.

My steam avatar:
http://cdn.akamai.steamstatic.com/s.../b3cea64d824a49a83fa7e3e5c30eba6ed501d94d.jpg

Attempt to access it with HTTPS
https://cdn.akamai.steamstatic.com/.../b3cea64d824a49a83fa7e3e5c30eba6ed501d94d.jpg

The nicest way I could get around this, was utilizing XenForo's built-in feature Image Proxy. It is located in ACP -> Options -> Messages. The one thing I do want to mention though, is that this option enables image proxy for your entire forum, not just Steam Authentication. You can see the full HTTPS support in action on my website:

https://ragecagegaming.com/forum/

EDIT: After I typed this, I found a new CDN link that does support HTTPS. I'll have to fix this up.

https://steamcdn-a.akamaihd.net/ste.../b3cea64d824a49a83fa7e3e5c30eba6ed501d94d.jpg

TheSabreSlicer said:
I unchecked "Display alternative login bar for Steam" and it is still showing? What gives?
Click to expand...

Could I get a link to your website or a screenshot? I'd like to see what's going on. I can't replicate that issue.
 
Last edited:
Thanks for the reply. I'm glad you found an https version. It would be a pretty big omission on the part of steam not to provide it.
We have a fairly sizeable gaming community with plenty of Steam users and aside from the handy Steam login, I would love to do more with the data from the API.
For example, is it possible to get member rankings of scores or achievements for the individual games?
 
Phew, half of the day coding session and I've added these following options:

aP2EcP8.jpg


This will give the end user more flexibility, especially if a CDN goes down. While adding this it also helped me consolidate code that I was using to build API and Image links, so good on that.

Stuart Wright said:
Thanks for the reply. I'm glad you found an https version. It would be a pretty big omission on the part of steam not to provide it.
We have a fairly sizeable gaming community with plenty of Steam users and aside from the handy Steam login, I would love to do more with the data from the API.
For example, is it possible to get member rankings of scores or achievements for the individual games?
Click to expand...

Okay, so two things down but I haven't extensively tested every corner of my site yet. You're welcome to register and try all the features:

https://ragecagegaming.com/forum/

I've addressed your HTTPS request as well as your open_basedir request. I still have to work with the OpenID registration to get rid of that last use of allow_url_fopen. As you see on my site, all my images are using protocol relative links for the steam CDN (as chosen in the options above). My JSON requests are also over HTTPS (even though it doesn't cause an error on the address bar with HTTP, it's additional peace of mind).

As for the achievements that's a little bit more of a hurdle. The API requests for that would be massive. I mentioned it early in the thread, you have to do an achievement call by game. So it would be 1 API call for every game a user owns times the amount of games they have plus the same calls with every other user that's authed.

If steam were to change this API I would consider it, but right now with the daily 100,000 call limit, it's too much of a load.

Fiala06 said:
Yeah, I would like if possible to replace the one under the sign up now button to the bigger version. Haven't been able to figure it out. Thanks

d151053971.png
Click to expand...

Disable Display alternative login bar for Steam in the options then edit the following template: steam_sidebar_visitor

Find:

Code: 
<img src="styles/default/steamauth/steam_signin.png" alt="{xen:phrase login_with_steam}" style="margin:0 14px;"/>

Replace with (for HTTP support)

Code: 
<img src="http://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_large_noborder.png" alt="{xen:phrase login_with_steam}" style="margin:0 14px;"/>

OR Replace with (for HTTPS support)

Code: 
<img src="https://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_large_noborder.png" alt="{xen:phrase login_with_steam}" style="margin:0 14px;"/>

This manual change may be overwritten each time you update this addon.
 
Last edited:
Okay so, I did some searching around the registration code and @Sheratan it looks like the code threw that error because it didn't use cURL first. This could be a cURL configuration issue on your host. To test, I've disabled allow_url_fopen on my host and I did not receive this error.

In speaking of the registration code I made a slight adjustment to the way the referrer link is sent when using OpenID based on a little snippet of code from LightOpenID. This will use the hostname from the board URL option in XenForo. It'll do away with trying to get the host from _SERVER["HTTP_HOST"] (which is discouraged). I also changed the way HTTP and HTTPS is chosen as the OpenID realm which should work for all cases. Not sure if this will help @mauzao9 but, we'll see. In either event, this is better practice.

Because of the question from @Fiala06, I have added the ability to change the style of the visitor button in the options in the upcoming version.

All that I need now is a little bit of feedback from some volunteers. I've tested things on my setup and it seems to be working well. I can register and disassociate, run crons, and view stats with allow_url_fopen disabled. However, I would like some people to try out 1.5.0-RC1 on their development forums. It should be completely stable as far as my testing has shown, but I want to err on the side of caution. Maybe @Stuart Wright would like to give it a go? ;)

EDIT: Gave it a go with open_basedir set myself and it seems to be working great. I'll still let it sit for a little bit so if anybody would like to test, they can. Feedback is good as a lot of items have changed with this update.

I have tested HTTP and HTTPS myself and both seem to redirect from steam community beautifully. Image links are also correct as well.

I have Steam Auth 1.5.0-RC1 up on the development branch of GitHub and it can be downloaded here. I'll cease pushing things to the development branch until I hear some feedback to keep the version the same for anybody who wishes to test.

On a side note for @csgofrance I noticed something during my tests. One of my users fell out of the Steam Group that was managed by User Group Promotions. However, upon logging in with that account, it was immediately put back in place. I've made a change to the conditions and told it to apply when the User state is "Vaild" and the user is Associated with Steam. This promotion could have changed because I was messing around with associating and disassociating that user, but just wanted to let you know that I'm going to keep checking to see if it sticks. I have a feeling that it should.
 
Last edited:
HowIChrgeLazer said:
On a side note for @csgofrance I noticed something during my tests. One of my users fell out of the Steam Group that was managed by User Group Promotions. However, upon logging in with that account, it was immediately put back in place. I've made a change to the conditions and told it to apply when the User state is "Vaild" and the user is Associated with Steam. This promotion could have changed because I was messing around with associating and disassociating that user, but just wanted to let you know that I'm going to keep checking to see if it sticks. I have a feeling that it should.
Click to expand...
Thanks for your interest and motivation !!
I'll give a try to the 1.5RC1 so :)

I'll let back a comment here soon ;)
 
HowIChrgeLazer updated Steam Authentication & Integration with a new update entry:

Version 1.5.0 Changelog

* Consolidated jsonproxy.php and removed jsonproxystats.php
* Cleaned up code and added documentation
* Fixed span tags (Thanks, Skiphs!)
* Added Steam ID 32-bit helper {xen:helper steamid3, $value}
* Added Steam CDN options for additional HTTPS support
* Added Steam as an External Account to User's Extra tab in ACP
* Added additional visitor panel button options
* Added an option to force the cron to update game image links
* Improve template conditionals (Thanks, jenky!)
* Update template...
Click to expand...

Read the rest of this update entry...
 
Thanks for the update! I tried changing to the large button and large button with border and nothing changed. Is there something else I'm suppose to do?

I even switched to the default theme making sure it wasn't a theme issue. Thanks
 
Fiala06 said:
Display alternative login bar for Steam is checked.
Click to expand...

Uncheck it. It's overwriting the official Steam button. "Display alternative login bar for Steam" is only if you really want a XenForo style login button instead of Valve's. ;)

e: I'll update the phrases for the next version to make that more clear.
 
Thanks that worked on the default theme!!! Now I just need to figure out how to get it to work with my theme I installed!

Yeah sorry, I'm new to XenForo still figuring stuff out ;) Thanks again
 
Should work on mostly any theme as long as they stay somewhat true to the original XenForo design. Works for mine without any edits:

https://ragecagegaming.com/forum/

It looks for this code in the sidebar panel and places it underneath:

Code: 
<label for="LoginControl" id="SignupButton"><a href="{xen:link login}" class="inner">{xen:if $xenOptions.registrationSetup.enabled, {xen:phrase sign_up_now}, {xen:phrase log_in}}</a></label>

I may have to find a better check if you're still seeing problems. Do you have any manual template edits?
 
Fiala06 said:
Looks like you have a theme from PixelExit also. I had the same problem and had to submit a ticket to them. If you switch your theme to the default it does show up right?
Click to expand...
Yup, works fine on default, just not pixel exit. You can tell them I'm having the same problem. Let me know if they get back to you please.
 
You must log in or register to reply here.

Similar threads

Falkio
French translation of [S70] Steam Authentication and Integration
Replies
0
Views
1K
Falkio
Falkio
TACTICS
Steam Authentication [Deleted]
2
Replies
25
Views
4K
TACTICS
TACTICS
Assadi
XF2 [S70] Steam Authentication and Integration (Connected Accounts) - NEW: ANALYTICS, XF1...
12 13 14
Replies
270
Views
48K
Nicolas FR
N
zombiekiller804
Add-on Update Steam Authentication Addon to work with [Xenforo 2.0.1]
Replies
2
Views
2K
Nirjonadda
Nirjonadda
xerhik
  • Question Question
XF 1.5 Inserting custom External Auth data (Steam Authentication)
Replies
0
Views
566
xerhik
xerhik
Top Bottom