New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[spaceship] Fix Apple ID 2FA with SMS #21072
Conversation
@@ -61,9 +61,17 @@ def handle_two_step_for_device(device_id) | |||
|
|||
# Send token to server to get a valid session | |||
r = request(:post) do |req| | |||
req.url("https://idmsa.apple.com/appleauth/auth/verify/device/#{device_id}/securitycode") | |||
req.url("https://idmsa.apple.com/appleauth/auth/verify/phone/securitycode") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So i think the original url was correct, but your body was wrong.
Depending on if it's sms
or device
it'll send different bodies.
for SMS: verify/phone/securitycode
req.body = {
"phoneNumber": {
"id": device_id
},
"securityCode": {
"code" => code.to_s
},
"mode": "sms"
for trusted device: ``verify/trusteddevice/securitycode`
req.body = {
"securityCode": {
"code" => code.to_s
}
That hasn't changed for a while and has been working, but maybe that has changed now 🤷
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah yeah yeah, we have a separate path for trusted devices that uses that URL and body already 😊
Punting on the fix for trusted devices because it seems like that might be an issue on Apple and its not reproducible anymore for me 😔 |
If I update fastlane using gem "fastlane", :git => "https://github.com/fastlane/fastlane.git", :branch => "joshdholtz-fix-apple-id-2fa" is spaceauth cli to generate session supposed to work now because I get the same errors. |
@joshdholtz - You'll love this, its now magically working again and I'm running 2.210.1 |
Motivation and Context
Fixes #21071
Description
Looks like Apple changed the endpoint for submitting 2FA codes
Any previous sessions that attempted to be used were causing lockout (Don't ask verification code and access forbiden and apple account block #21071 (comment))
Fix for SMS
Fix for Apple device code
More info coming soon
Testing Steps
Update
Gemfile
and runbundle install
,bundle update fastlane
, orbundle update