Closed JJTech0130 closed 2 years ago
Ah, thanks a lot for that hint, that'd be cool if it was that easy. I will try to implement that and see if it works. Do you have your Rust version available somewhere? I found your "adept-rs" repo but that seems to be a placeholder / doesn't contain any data yet.
Yeah... I'm still in the early stages (just getting activation working) so I didn't publish it yet.
RustCrypto is very annoying, so I'm thinking about rewriting it with libsodium, but worried about cross-platform compatibility- I wonder if you can embed it into the binary?
Embed libsodium into a Rust binary? I'm afraid I have absolutely no Rust experience so I'm unable to help with that.
I did just test this anonymous activation method and it's working just fine - anonymous authorization and fulfillment with such an anonymous account is working just fine, so I will definitely add that to the next version. Thanks a lot.
Did you also test any of the other AdobeID providers? Given that an anonymous auth and an AdobeID auth seem to work exactly the same way, the other ID providers probably do, too, right? So I should also be able to add that AdobeID provider dropdown menu that ADE has, too, so people can use other providers for their AdobeID.
Yeah- just found out that sodiumoxide is deprecated (rust bindings for libsodium)... why is it so hard to find a good rust library with documentation other than openssl... Anyway I haven't tested anything else, as I was simply using anonymous because I kept running out of activations when testing :) I just figured it out because of the list in the auth response and then tried with no username and password... Not sure what those node ids that the other provider have is? Anonymous and AdobeID didnt have it...
Looking at the /AuthenticationServiceInfo
response, all the methods other than AdobeID and anonymous also have a "nodeId" included, so they do seem to work differently than the official ones. So I guess I'm just going to add anonymous authorization for now, until I get a proper account somehow to test the other methods.
Yeah. If you need another provider to test, you could use overdrive and register with your local library. I'll mitm ADE when I have time
Yeah, I guess MITMing ADE could work. I tried doing that in the past to figure out how anonymous auth works, but given that that is encrypted with some auth cert, I was too lazy to try to figure out how to decrypt that stuff in ADE.
Well it looks the same except for the method I would try it and see what the error from adobe is
Here's a throwaway Overdrive account: pemeh80308@ningame.com The password is the email
That ... just worked. Authorization and fulfillment. That means with the next version I'll be able to support all the different methods. Thanks a lot.
Well then... didn't expect it to be that easy :) Guess it's less complicated than we thought
Closing this issue.
Support for anonymous authorizations and for other ID providers is now included with cc375067629593a2bfb7702f1c6ff8eae1f0ef7a and will be available in the next release.
Support is now included in the new v0.0.15 release.
I think that anonymous activation simply require you to set the type to "anonymous" and provide a zero length username and password. I'm working on the feature in my rust version and it seems to work, but I can't properly test because my crypto code seems to be broken, causing Adobe to complain about "invalid auth key format" - I think I accidentally exported and encrypted the public key, not the private key 😅