qwexvf · October 17, 2017 07:17
diff --git a/app.py b/app.py
 from flask import Flask, redirect
 from urllib import parse
 import requests
 import json
    
 app = Flask(__name__)

 @app.route('/')
 def hello_world():
    steam_openid_url = 'https://steamcommunity.com/openid/login'
    u = {
        'openid.ns': "http://specs.openid.net/auth/2.0",
        'openid.identity': "http://specs.openid.net/auth/2.0/identifier_select",
        'openid.claimed_id': "http://specs.openid.net/auth/2.0/identifier_select",
        'openid.mode': 'checkid_setup',
        'openid.return_to': 'http://192.168.33.10:8081/setup',
        'openid.realm': 'http://192.168.33.10:8081'
    }
    query_string = parse.urlencode(u)
    auth_url = steam_openid_url + "?" + query_string
    return redirect(auth_url)

 @app.route('/setup', methods=['GET']) 
 def setup(request):
    valid = validate(request.args)
    return valid

 def validate(signed_params):

    steam_login_url_base = "https://steamcommunity.com/openid/login"

    params = {
        "openid.assoc_handle": signed_params["openid.assoc_handle"],
        "openid.sig": signed_params["openid.sig"],
        "openid.ns": signed_params["openid.ns"],
        "openid.mode": "check_authentication"
    }

    signed_params.update(params)

    signed_params["openid.mode"] = "check_authentication"
    signed_params["openid.signed"] = signed_params["openid.signed"]

    r = requests.post(steam_login_url_base, data=signed_params)

    if "is_valid:true" in r.text:
        return True

    # this fucntion should always return false if the payload is not valid
    return False
	from flask import Flask, redirect
	from urllib import parse
	import requests
	import json

	app = Flask(__name__)

	@app.route('/')
	def hello_world():
	steam_openid_url = 'https://steamcommunity.com/openid/login'
	u = {
	'openid.ns': "http://specs.openid.net/auth/2.0",
	'openid.identity': "http://specs.openid.net/auth/2.0/identifier_select",
	'openid.claimed_id': "http://specs.openid.net/auth/2.0/identifier_select",
	'openid.mode': 'checkid_setup',
	'openid.return_to': 'http://192.168.33.10:8081/setup',
	'openid.realm': 'http://192.168.33.10:8081'
	}
	query_string = parse.urlencode(u)
	auth_url = steam_openid_url + "?" + query_string
	return redirect(auth_url)

	@app.route('/setup', methods=['GET'])
	def setup(request):
	valid = validate(request.args)
	return valid

	def validate(signed_params):

	steam_login_url_base = "https://steamcommunity.com/openid/login"

	params = {
	"openid.assoc_handle": signed_params["openid.assoc_handle"],
	"openid.sig": signed_params["openid.sig"],
	"openid.ns": signed_params["openid.ns"],
	"openid.mode": "check_authentication"
	}

	signed_params.update(params)

	signed_params["openid.mode"] = "check_authentication"
	signed_params["openid.signed"] = signed_params["openid.signed"]

	r = requests.post(steam_login_url_base, data=signed_params)

	if "is_valid:true" in r.text:
	return True

	# this fucntion should always return false if the payload is not valid
	return False