Getting Started

Minimal Steps

Installation
```
composer require knojector/steam-authentication-bundle
```
Run the Flex recipe to auto-configure the bundle.

Environment Setup Add your Steam API key to .env:

STEAM_API_KEY=your_api_key_here

Configure required routes and user class:

STEAM_LOGIN_ROUTE=steam_login
STEAM_LOGIN_REDIRECT=home
STEAM_USER_CLASS=App\Entity\User

User Entity Extend AbstractSteamUser in your User entity:

use Knojector\SteamAuthenticationBundle\User\AbstractSteamUser;

class User extends AbstractSteamUser { ... }

Routing Add a route for Steam login (e.g., steam_login):

# config/routes.yaml
steam_login:
    path: /steam/login
    controller: Knojector\SteamAuthenticationBundle\Controller\SteamAuthController::login

First Use Case Trigger Steam login via a button/link:

<a href="{{ path('steam_login') }}">Login with Steam</a>

Implementation Patterns

Workflows

Login Flow
- User clicks Steam login link → redirected to Steam’s OAuth page.
- After authentication, Steam redirects back to your app with an openid token.
- Bundle validates the token, fetches Steam profile data, and creates/updates the user.
User Management
- Extend AbstractSteamUser to add custom fields (e.g., steamId, personaName).
- Override methods like loadUserBySteamId() to customize user loading logic.

Role Assignment Assign roles dynamically in AbstractSteamUser:

public function getRoles(): array
{
    return ['ROLE_STEAM_USER', ...parent::getRoles()];
}

Profile Data Access Steam profile data via getSteamData():

$user->getSteamData()['personaname']; // e.g., "Player123"

Integration Tips

Security Use Symfony’s security system to protect routes:

# config/routes.yaml
home:
    path: /
    controller: App\Controller\HomeController::index
    roles: ROLE_STEAM_USER

Custom Validation Implement RequestValidatorInterface to validate Steam responses:

class CustomValidator implements RequestValidatorInterface {
    public function validate(array $data): bool { ... }
}

Configure in .env:

STEAM_REQUEST_VALIDATOR_CLASS=App\Security\CustomValidator

Profile Picture Fetch avatar URL from Steam data:

$avatarUrl = $user->getSteamData()['avatarfull'];

Gotchas and Tips

Pitfalls

API Key Limits

Steam API keys have rate limits. Cache profile data to avoid hitting limits:

$cache = $this->container->get('steam_auth.cache');
$data = $cache->get('steam_'.$user->getSteamId());

Token Validation
- Always validate the openid token. Use the default RequestValidator or extend it.
User Entity Mismatch
- Ensure your User class exactly extends AbstractSteamUser. Missing this causes runtime errors.
Route Configuration
- login_route and login_redirect in .env must match existing routes. Typos here break the flow.

Debugging

Enable Debugging Add to config/packages/dev/steam_auth.yaml:
```
steam_auth:
    debug: true
```
Logs Steam responses to var/log/dev.log.
Common Errors
- ClassNotFoundException: Verify STEAM_USER_CLASS in .env matches your entity namespace.
- InvalidArgumentException: Check if the openid token is malformed (e.g., missing or expired).

Extension Points

Custom Fields Add fields to AbstractSteamUser:

/**
 * @ORM\Column(type="string", nullable=true)
 */
private $steamLevel;

Post-Auth Actions Override postAuthenticate() in your User class:

public function postAuthenticate(UserInterface $user, TokenInterface $token)
{
    // Send welcome email, etc.
}

Steam Data Mapping Customize how Steam data maps to your user entity:

public function setSteamData(array $data)
{
    $this->steamLevel = $data['steam_level'] ?? null;
    parent::setSteamData($data);
}

Logout Handling Extend the logout flow by adding a listener:

// src/EventListener/SteamLogoutListener.php
public function onKernelRequest(GetResponseEvent $event)
{
    if ($event->isMainRequest() && $this->request->attributes->get('_route') === 'logout') {
        // Custom logic (e.g., invalidate Steam session)
    }
}

Steam Authentication Bundle Custome Laravel Package