mirrors/steam-openid-connect-provider
1
0
Fork 0
mirror of https://github.com/byo-software/steam-openid-connect-provider.git synced 2025-01-09 18:06:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
Steam OpenID Connect Identity Provider (IdP)
45 commits 1 branch 0 tags 146 KiB
C# 93.1%
Dockerfile 5.8%
Shell 1.1%
Find a file
Enes Sadık Özbek dcf54caf9f
Merge pull request #7 from SunriseM/feature/fetch-aditional-claims 
Use ISteamUser/GetPlayersSummaries to fetch additional claims #6
2020-10-03 23:58:24 +03:00
src Add ProfileService to Startup services 2020-10-03 12:38:01 -04:00
.dockerignore Initial code commit 2019-05-02 00:41:28 +03:00
.gitattributes Add gitattributes 2019-05-02 00:58:57 +03:00
.gitignore Add AddDeveloperSigningCredential 2019-05-02 01:09:56 +03:00
Dockerfile Add expose 2019-11-15 03:22:21 +03:00
LICENSE Initial commit 2019-05-02 00:28:11 +03:00
README.md Update README.md 2020-07-12 15:02:47 +03:00
SteamOpenIdConnectProvider.sln Rename to steam-openid-connect-provider; add health checks 2019-10-13 17:18:29 +03:00

README.md

Steam OpenId Connect Provider

Steam OpenID 2.0 -> OpenID Connect Provider Proxy

About

Steam still uses the old OpenID 2.0 authentication protocol. Since ImperialPlugins.com has migrated to KeyCloak we were unable to migrate our old Steam logins as KeyCloak does not support OpenID 2.0.

This server will act as an OpenID Connect provider which will provide Steam authentication for you. This way you can use Steam logins in KeyCloak or any other OpenID Connect based authentication client.

Note: only "openid" and "profile" scopes are supported due limitations by Valve/Steam.

Setup

Add your Steam API Key as user-secrets like this: dotnet user-secrets set "Authentication:Steam:ApplicationKey" "MySteamApiKey"

Alternatively you can set it up via environment variables: -e Authentication__Steam__ApplicationKey: 'Your Steam ApiKey (Keep in mind that this is easier but more insecure)

After that set up your redirect URI, ClientID and ClientSecret in the appsettings.json.

OpenID Configuration

You can access Authorization and Token endpoint details in http://<Your Host>/.well-known/openid-configuration

HTTPS Support

This server does not support https connections. If you want to use https connections please use a reverse proxy like nginx.

Running behind reverse proxies

Some reverse proxy setups might require additional configuration, like setting the path base or origin.

To set the origin, set Hosting:PublicOrigin in the appsettings.json or the Hosting__PublicOrigin environment variable to your desired origin. If not set, the origin name is inferred from the request.

Similary, you can use the Hosting:PathBase in the appsettings.json or the Hosting__PathBase environment variable to set the path base. If not set, it will default to "/".

Health checks

This service contains a health check endpoint at /health. It checks if the Steam login server is up.

Docker

A docker image is also available.

docker run -it \
    -e OpenID__RedirectUri=http://localhost:8080/auth/realms/master/broker/steam/endpoint \
    -e OpenID__ClientID=steamidp \ 
    -e OpenID__ClientSecret=mysecret \
    -e Authentication__Steam__ApplicationKey=MySteamApiKey \
    --restart unless-stopped \
    --name steamidp \
    imperialplugins/steam-openid-connect-provider

License

MIT