OpenID in Perl for Steam API

For my first game (soon to be posted here) !CARDIGAN! I needed to hook into the Steam API, and also give players the option to log in via Steam (in fact it's the only login method I want them to use).

I'm a Perl coder, but only found working examples of logging into OpenID using PHP. Which was a good start, and I even had Perl and PHP talking nicely to each other, but I really didn't want PHP on my server (that's another story for another time).

So, I got my head down and just did it. Perling away like a little .... erm .... Perl coding person. (yeah that's the perfect analogy!)

I went with Net::OpenID::Consumer in the end, because it looked easy to implement.

Nek minit! (soz) Actually more like nek day.

After a day of fiddling around, with little online documentation and no real examples to implement OpenID with Steam (in Perl), I got it working.

The last thing that I did that finally got things rolling' was to force upgrade the module, so it currently stands as :

Net::OpenID::Consumer::VERSION 1.18

I was having issues with an earlier version 1.03.

Oh BTW this is on 64bit CentOS 6.7 with Perl v5.10.1

Make sure you have all the dependencies with latest versions installed.

#!perl # yeah IKR! i use set perl as a symlink to the actual executable, my code can be directly copied between environments :)
use CGI::Carp qw(fatalsToBrowser);# add your own stricts and stuff up here
use Net::OpenID::Consumer;
use LWPx::ParanoidAgent;
use Cache::File;
use CGI;
my$steamlogin="https://steamcommunity.com/openid/?l=english"; # this is the URL that sends you to the Steam Community login - use this, don't change it
my$dns=$ENV{SERVER_NAME}; # feel free to hard-code your domain here (using server envs make the code more adaptable)
my$cgi=CGI->new();
my$csr=Net::OpenID::Consumer->new(
 ua=>LWPx::ParanoidAgent->new,
 cache=>Cache::File->new(cache_root=>"/tmp/mycache"),
 args=>$cgi,
 consumer_secret=>$key, # put your Steam API key here (in quotes)
 required_root=>"http://$dns/", # this is the root of your site that is doing the OpenID call ( i.e. # http://mywebsite.co.nz/ )
 =>[max_encrypt=>1,session_no_encrypt_https=>1,], # if you get an error complaining about no option assoc_options, then update your modules
);
if($cgi->param("openid.mode")){# this is just a test to see if the cipt has come from the Steam login page (i.e. the response)
print $cgi->header();# it's very unlinke me to use CGI but this is rushed code
 $csr->handle_server_response(
  not_openid=>sub{
   print"Invalid OpenID message";
  },
  setup_required=>sub{
   my$setup_url=shift;
   print"User not set up correctly";
  },
  cancelled=>sub {
   print"Login canceled";
  },
  verified=>sub{
   my$vident=shift;
   my$url=$vident->url;
   print"Your verification URL : $url";
  },
  error => sub {
   print $csr->err;
  }
 );
 exit;
}else{
 my$claimed_identity=$csr->claimed_identity($steamlogin);
 unless($claimed_identity){print "Invalid OpenID?".$csr->err;}
 my$check_url=$claimed_identity->check_url(
  delayed_return=>1,
  return_to=>"http://${dns}$ENV{SCRIPT_NAME}",#this is the URL of this script (hardcode it if you must)
  trust_root=>"http://$dns/", # same as "required_root"
 );
 print"Status: 302 Found\nContent-type: text/html\nLocation: $check_url\n\n<a href='$check_url'>$check_url</a>";#this sends off the deets to the steam login page
} 

This is a first draft (but working prototype).

Once verified you can use one of the many Perl web Steam APIs to get the user data,

and create a session file, cookie session or whatever.

Also don't forget to link to your script with an official Steam API button. ( see https://steamcommunity.com/dev )

So, yeah. I hope someone finds this code useful as I had next to no help online.