tills13/gist:189a913c3c843f5a9d36

## gistfile1.php
class AuthController {
	const STEAM_LOGIN = 'https://steamcommunity.com/openid/login';
	const STEAM_API_FORMAT = "json";

	public static function genUrl($returnTo = false) {
		$returnTo = (empty($_SERVER['HTTPS']) ? "http" : "https") . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'];

		$params = array(
			'openid.ns'		=> 'http://specs.openid.net/auth/2.0',
			'openid.mode'		=> 'checkid_setup',
			'openid.return_to'	=> $returnTo,
			'openid.realm'		=> (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'],
			'openid.identity'	=> 'http://specs.openid.net/auth/2.0/identifier_select',
			'openid.claimed_id'	=> 'http://specs.openid.net/auth/2.0/identifier_select',
		);

		return self::STEAM_LOGIN . '?' . http_build_query($params, '', "&amp;");
	}

	public static function authenticate() {
		if (isset($_SESSION['user_id'])) return true;

		$params = array(
			'openid.assoc_handle'	=> $_GET['openid_assoc_handle'],
			'openid.signed'			=> $_GET['openid_signed'],
			'openid.sig'			=> $_GET['openid_sig'],
			'openid.ns'				=> 'http://specs.openid.net/auth/2.0',
		);

		$signed = explode(',', $_GET['openid_signed']);
		foreach($signed as $item) {
			$val = $_GET['openid_' . str_replace('.', '_', $item)];
			$params['openid.' . $item] = get_magic_quotes_gpc() ? stripslashes($val) : $val;
		}

		$params['openid.mode'] = 'check_authentication'; // Finally, add the all important mode.

		$data =  http_build_query($params);
		$context = stream_context_create(array(
			'http' => array(
				'method'  => 'POST',
				'header'  =>
					"Accept-language: en\r\n".
					"Content-type: application/x-www-form-urlencoded\r\n" .
					"Content-Length: " . strlen($data) . "\r\n",
				'content' => $data,
			),
		));

		$result = file_get_contents(self::STEAM_LOGIN, false, $context);


		preg_match("#^http://steamcommunity.com/openid/id/([0-9]{17,25})#", $_GET['openid_claimed_id'], $matches); // Validate wheather it's true and if we have a good ID
		$steamID64 = is_numeric($matches[1]) ? $matches[1] : 0;

		if (preg_match("#is_valid\s*:\s*true#i", $result) == 1) $profile = self::getProfile($steamID64);
		else {
			error("could not authenticate with Steam...", false);
			return false;
		}

		if ($profile['user_id'] == "") $profile['user_id'] = $profile['steam_id'];
		if ($profile['user_id'] != "") {
			// username not empty - do something here with the username
		}

		$_SESSION['user_id'] = $user['user_id'];
		return true;
	}

	public static function getProfile($steamID64) {
		$context = stream_context_create(array('http' => array('method'  => 'GET')));
		$result = file_get_contents("http://steamcommunity.com/profiles/" . $steamID64 . "?xml=1", false, $context);
		xml_parse_into_struct(xml_parser_create(), $result, $result, $indexes);

		return array('user_id' => $result[$indexes["CUSTOMURL"][0]]['value'], 'steam_id' => $result[$indexes["STEAMID"][0]]['value'], 'steamID64' => $steamID64);
	}
}
	class AuthController {
	const STEAM_LOGIN = 'https://steamcommunity.com/openid/login';
	const STEAM_API_FORMAT = "json";

	public static function genUrl($returnTo = false) {
	$returnTo = (empty($_SERVER['HTTPS']) ? "http" : "https") . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'];

	$params = array(
	'openid.ns' => 'http://specs.openid.net/auth/2.0',
	'openid.mode' => 'checkid_setup',
	'openid.return_to' => $returnTo,
	'openid.realm' => (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'],
	'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select',
	'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select',
	);

	return self::STEAM_LOGIN . '?' . http_build_query($params, '', "&");
	}

	public static function authenticate() {
	if (isset($_SESSION['user_id'])) return true;

	$params = array(
	'openid.assoc_handle' => $_GET['openid_assoc_handle'],
	'openid.signed' => $_GET['openid_signed'],
	'openid.sig' => $_GET['openid_sig'],
	'openid.ns' => 'http://specs.openid.net/auth/2.0',
	);

	$signed = explode(',', $_GET['openid_signed']);
	foreach($signed as $item) {
	$val = $_GET['openid_' . str_replace('.', '_', $item)];
	$params['openid.' . $item] = get_magic_quotes_gpc() ? stripslashes($val) : $val;
	}

	$params['openid.mode'] = 'check_authentication'; // Finally, add the all important mode.

	$data = http_build_query($params);
	$context = stream_context_create(array(
	'http' => array(
	'method' => 'POST',
	'header' =>
	"Accept-language: en\r\n".
	"Content-type: application/x-www-form-urlencoded\r\n" .
	"Content-Length: " . strlen($data) . "\r\n",
	'content' => $data,
	),
	));

	$result = file_get_contents(self::STEAM_LOGIN, false, $context);


	preg_match("#^http://steamcommunity.com/openid/id/([0-9]{17,25})#", $_GET['openid_claimed_id'], $matches); // Validate wheather it's true and if we have a good ID
	$steamID64 = is_numeric($matches[1]) ? $matches[1] : 0;

	if (preg_match("#is_valid\s:\strue#i", $result) == 1) $profile = self::getProfile($steamID64);
	else {
	error("could not authenticate with Steam...", false);
	return false;
	}

	if ($profile['user_id'] == "") $profile['user_id'] = $profile['steam_id'];
	if ($profile['user_id'] != "") {
	// username not empty - do something here with the username
	}

	$_SESSION['user_id'] = $user['user_id'];
	return true;
	}

	public static function getProfile($steamID64) {
	$context = stream_context_create(array('http' => array('method' => 'GET')));
	$result = file_get_contents("http://steamcommunity.com/profiles/" . $steamID64 . "?xml=1", false, $context);
	xml_parse_into_struct(xml_parser_create(), $result, $result, $indexes);

	return array('user_id' => $result[$indexes["CUSTOMURL"][0]]['value'], 'steam_id' => $result[$indexes["STEAMID"][0]]['value'], 'steamID64' => $steamID64);
	}
	}