From 35ea1c9d79f8e29b6abdf1d3ac98dd6b50e105f8 Mon Sep 17 00:00:00 2001 From: James Ruskin Date: Mon, 30 Apr 2018 11:49:04 +0100 Subject: [PATCH] Update Steam OpenID Regex to handle HTTPS Steam have updated their implementation to return https URIs in claimedID (please see [this thread](https://www.reddit.com/r/Steam/comments/8a7gsu/steam_openid_broken_for_many_websites_fix_inside/)). The current version of the `_accountIDRegex` does not handle this. This change should fix this. Arguably, we should not include the option to accept http, as Steam have (seemingly) irrevocably changed this. This should solve [Issue #234](https://github.com/TerribleDev/OwinOAuthProviders/issues/234). --- src/Owin.Security.Providers.Steam/SteamAuthenticationHandler.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Owin.Security.Providers.Steam/SteamAuthenticationHandler.cs b/src/Owin.Security.Providers.Steam/SteamAuthenticationHandler.cs index 3a89d695..2c50214d 100644 --- a/src/Owin.Security.Providers.Steam/SteamAuthenticationHandler.cs +++ b/src/Owin.Security.Providers.Steam/SteamAuthenticationHandler.cs @@ -10,7 +10,7 @@ namespace Owin.Security.Providers.Steam { internal sealed class SteamAuthenticationHandler : OpenIDAuthenticationHandlerBase { - private readonly Regex _accountIDRegex = new Regex(@"^http://steamcommunity\.com/openid/id/(7[0-9]{15,25})$", RegexOptions.Compiled); + private readonly Regex _accountIDRegex = new Regex(@"^https?://steamcommunity\.com/openid/id/(7[0-9]{15,25})$", RegexOptions.Compiled); private const string UserInfoUri = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key={0}&steamids={1}";