Steam API Authentication

There is a need for OpenID. That’s the method that Valve uses according to their documentation.

You don’t mention what your application is written in, so I can only guess that you are doing this via a web page. In that case, I recommend using the LightOpenID library. From there, this sample code should be able to get you started.

<?php
require 'includes/lightopenid/openid.php';
$_STEAMAPI = "YOURSTEAMAPIKEY";
try 
{
    $openid = new LightOpenID('http://URL.TO.REDIRECT.TO.AFTER.LOGIN/');
    if(!$openid->mode) 
    {
        if(isset($_GET['login'])) 
        {
            $openid->identity = 'http://steamcommunity.com/openid/?l=english';    // This is forcing english because it has a weird habit of selecting a random language otherwise
            header('Location: ' . $openid->authUrl());
        }
?>
<form action="?login" method="post">
    <input type="image" src="http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png">
</form>
<?php
    } 
    elseif($openid->mode == 'cancel') 
    {
        echo 'User has canceled authentication!';
    } 
    else 
    {
        if($openid->validate()) 
        {
                $id = $openid->identity;
                // identity is something like: http://steamcommunity.com/openid/id/76561197960435530
                // we only care about the unique account ID at the end of the URL.
                $ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
                preg_match($ptn, $id, $matches);
                echo "User is logged in (steamID: $matches[1])\n";

                $url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
                $json_object= file_get_contents($url);
                $json_decoded = json_decode($json_object);

                foreach ($json_decoded->response->players as $player)
                {
                    echo "
                    <br/>Player ID: $player->steamid
                    <br/>Player Name: $player->personaname
                    <br/>Profile URL: $player->profileurl
                    <br/>SmallAvatar: <img src="$player->avatar"/> 
                    <br/>MediumAvatar: <img src="$player->avatarmedium"/> 
                    <br/>LargeAvatar: <img src="$player->avatarfull"/> 
                    ";
                }

        } 
        else 
        {
                echo "User is not logged in.\n";
        }
    }
} 
catch(ErrorException $e) 
{
    echo $e->getMessage();
}
?>

Using this, it will present the user with a Steam Login ID button. When it is clicked it will redirect the user to the Steam Community login page. After they login, the user is redirect back to your page, that you set on the LightOpenID constructor. If the user has been validated, it will pull the unique player ID from the returned value. That returned value looks like http://steamcommunity.com/openid/id/76561197960435530, and you need just the 76561197960435530 part.

At this point you can query Steam to get player information. In the sample provided, the user is queried and basic player information is displayed.

Leave a Comment