sebsto / xcodeinstall

A command line tool to download and install Apple's Xcode
Apache License 2.0
42 stars 1 forks source link

Authentication is not working #40

Open sebsto opened 3 days ago

sebsto commented 3 days ago

Apple changed the return value fo rit's authentication service, causing CLI tools to fail.

➜  ~ xcodeinstall authenticate -s us-east-1 --verbose
2024-10-26T09:19:44+0200 debug xcodeinstall : [xcodeinstall] Updating secret appleSessionToken with AppleSessionSecret(rawCookies: nil, session: nil)
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] xcodeinstall-apple-session-token has version 77EC2E81-BCB8-4E37-A906-89F4077E7A96
Retrieving Apple Developer Portal credentials...
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Retrieving secret appleCredentials
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Secret xcodeinstall-apple-credentials retrieved
Authenticating...
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Retrieving secret appleSessionToken
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Secret xcodeinstall-apple-session-token retrieved
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] ⚠️ I could not load session (this is normal the first time you authenticate)
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Retrieving secret appleSessionToken
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Secret xcodeinstall-apple-session-token retrieved
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] 
 - - - - - - - - - - OUTGOING - - - - - - - - - - 

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] https://appstoreconnect.apple.com/olympus/v1/app/config?hostname=itunesconnect.apple.com 

GET /olympus/v1/app/config?hostname=itunesconnect.apple.com HTTP/1.1 

HOST: appstoreconnect.apple.com
Content-Type: application/json
User-Agent: curl/7.79.1
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] 
 - - - - - - - - - -  END - - - - - - - - - - 

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] 
 - - - - - - - - - - INCOMMING - - - - - - - - - - 

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] https://appstoreconnect.apple.com/olympus/v1/app/config?hostname=itunesconnect.apple.com

HTTP 200 /olympus/v1/app/config?hostname=itunesconnect.apple.com
Host: appstoreconnect.apple.com
x-xss-protection: 1; mode=block
x-daiquiri-instance: daiquiri:35751002:pv50p00it-hyhk10034101:7987:24RELEASE221:daiquiri-amp-dsce-asc-int-002-pv, daiquiri:38493002:pv50p00it-hyhk10063901:7987:24RELEASE221:daiquiri-amp-all-shared-ext-001-pv
apple-originating-system: UnknownOriginatingSystem
Date: Sat, 26 Oct 2024 07:19:49 GMT
x-b3-spanid: bd33c14d3238a44b
Server: daiquiri/5
x-apple-jingle-correlation-key: X6PNKC5IZYISK7WH2VO4TUDPIU
Content-Length: 142
x-b3-traceid: bf9ed50ba8ce11257ec7d55dc9d06f45
x-responding-instance: olympus-rest:40093:pv50p00it-qugc18133801:9011:24N21
x-content-security-policy: script-src 'self' *.apple.com
Vary: Accept-Encoding
b3: bf9ed50ba8ce11257ec7d55dc9d06f45-bd33c14d3238a44b
Cache-Control: private, no-transform, max-age=0
Content-Encoding: gzip
Content-Type: application/json
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-apple-request-uuid: bf9ed50b-a8ce-1125-7ec7-d55dc9d06f45
apple-tk: false
apple-seq: 0.0
x-content-type-options: nosniff

{
  "authServiceUrl" : "https://idmsa.apple.com/appleauth",
  "authServiceKey" : "e0b80c3bf78523bfe80974d320935bfa30add02e1bff88ec2166c6bd5a706c42"
}

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] 
 - - - - - - - - - -  END - - - - - - - - - - 

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Got an Apple Service key : Optional(xcodeinstall.AppleServiceKey(authServiceUrl: "https://idmsa.apple.com/appleauth", authServiceKey: "e0b80c3bf78523bfe80974d320935bfa30add02e1bff88ec2166c6bd5a706c42"))
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Retrieving secret appleSessionToken
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Secret xcodeinstall-apple-session-token retrieved
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] ⚠️ I could not load session (this is normal the first time you authenticate)
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Retrieving secret appleSessionToken
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] Secret xcodeinstall-apple-session-token retrieved
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] 
 - - - - - - - - - - OUTGOING - - - - - - - - - - 

2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] https://idmsa.apple.com/appleauth/auth/signin 

POST /appleauth/auth/signin? HTTP/1.1 

HOST: idmsa.apple.com
X-Apple-Widget-Key: e0b80c3bf78523bfe80974d320935bfa30add02e1bff88ec2166c6bd5a706c42
User-Agent: curl/7.79.1
Accept: application/json, text/javascript
Content-Type: application/json
X-Requested-With: XMLHttpRequest

 {"rememberMe":false,"password":"*****"}
2024-10-26T09:19:49+0200 debug xcodeinstall : [xcodeinstall] 
 - - - - - - - - - -  END - - - - - - - - - - 

2024-10-26T09:19:50+0200 error xcodeinstall : [xcodeinstall] === HTTP ERROR. Status code 503 not in range range(Range(0..<500)) ===
2024-10-26T09:19:50+0200 debug xcodeinstall : [xcodeinstall] URLResponse : <NSHTTPURLResponse: 0x600000c62260> { URL: https://idmsa.apple.com/appleauth/auth/signin } { Status Code: 503, Headers {
    Connection =     (
        "keep-alive"
    );
    "Content-Length" =     (
        190
    );
    "Content-Type" =     (
        "text/html"
    );
    Date =     (
        "Sat, 26 Oct 2024 07:19:50 GMT"
    );
    Server =     (
        Apple
    );
} }
🛑 Unexpected Error : Error Domain=NSURLErrorDomain Code=-1011 "(null)"

Others CLI tools are impacted as well

fastlane : https://github.com/fastlane/fastlane/pull/26415 xcodes : https://github.com/XcodesOrg/xcodes/issues/388

sebsto commented 3 days ago

https://blog.uniauth.com/what-is-secure-remote-password

https://github.com/fastlane/fastlane/pull/26415

https://github.com/adam-fowler/swift-srp

ugenlik commented 8 hours ago

https://blog.uniauth.com/what-is-secure-remote-password

fastlane/fastlane#26415

https://github.com/adam-fowler/swift-srp

@sebsto so do we need to merge https://github.com/fastlane/fastlane/pull/26415 to this repo? auth is broken for me as well I get exact same error as your post

sebsto commented 3 hours ago

@ugenlik Fastlane is written in Ruby. Their code can not be reused here. I found the solution. I still need to cleanup a bit my code, do more tests and I will be able to release a fix this week