CliSignIn failed with: please update your client application.

Question

CliSignIn failed with: please update your client application.

twopwood opened this issue 2 years ago · 8 comments

I'm using sn version [0.2.4-acc74a5] 2022-02-27T13:06:40Z on macOS 11.7. When I run sn --debug session --add and enter my credentials I get this output:

2022/10/14 19:20:48 gosn-v2 | attempting cli sign-in with email: ... and server 'https://api.standardnotes.com'
2022/10/14 19:20:51 gosn-v2 | sign-in url: https://api.standardnotes.com/v1/login
2022/10/14 19:20:51 gosn-v2 | requestToken | request took: 118.326734ms
2022/10/14 19:20:51 gosn-v2 | CliSignIn failed with: please update your client application.

I assume this is due to an update to the API? Thanks.

Answer 1 · 2022-10-29T13:12:34.000Z

I've not had time to maintain this recently and I believe it is, as you suggest, an update in the API. That's triggering this.
I'll try and take a look in the next couple of weeks.

Answer 2 · 2023-03-06T15:22:58.000Z

Is there any interest in updating to call the new endpoints with the code_challenge and then code_verifier ?
Mikescher/AlephNote#210 (comment)

In bash and curl if you know the server password and email you can get a session token in two steps like this.

server_password=''
STANDARDNOTES_USER=''
STANDARDNOTES_HOST='http://localhost:3000'
echo "Generating codeVerifier and codeChallenge"
hexSeed=$(openssl rand -hex 64)
codeVerifier="${hexSeed:0:64}"
codeChallenge=$(echo -n "${codeVerifier}"| sha256sum | cut -d " " -f1 | base64 -w0)
codeChallenge=${codeChallenge:0:86}
loginParamsJson=$(curl --retry 5 --retry-connrefused -sS  "$STANDARDNOTES_HOST/v2/login-params" \
-H 'Content-Type: application/json' \
--data-raw '{"email":"'$STANDARDNOTES_USER'","code_challenge":"'$codeChallenge'","api":"20200115"}' \
--compressed)
pw_nonce=$(echo $loginParamsJson| python3 -c "import sys, json; print(json.load(sys.stdin)['data']['pw_nonce'])")
loginJson=$(curl --retry pw_nonce=$(echo $loginParamsJson| python3 -c "import sys, json; print(json.load(sys.stdin)['data']['pw_nonce'])")
5 --retry-connrefused -sS "$STANDARDNOTES_HOST/v2/login" \
-H 'Content-Type: application/json' \
--data-raw '{"email":"'$STANDARDNOTES_USER'","code_verifier":"'$codeVerifier'","api":"20200115","password":"'$server_password'"}' \
--compressed)
session_token=$(echo $loginJson| python3 -c "import sys, json; print(json.load(sys.stdin)['data']['session']['access_token'])")

Answer 3 · 2023-03-06T20:21:25.000Z

I was able to make a function and validate it generates valid codeVerifier and challenge in golang

type generateLoginChallengeCodeVerifier struct {
	codeVerifier  string
	codeChallenge string
}

func generateChallengeAndVerifierForLogin() (loginCodeVerifier generateLoginChallengeCodeVerifier) {

	// generate salt seed (password nonce)
	var src cryptoSource
	rnd := rand.New(src)

	letterRunes := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")

	b := make([]rune, 65)
	for i := range b {
		b[i] = letterRunes[rnd.Intn(len(letterRunes))]
	}

	loginCodeVerifier.codeVerifier = string(b)[:64]
	sha25Hash := fmt.Sprintf("%x", sha256.Sum256([]byte(loginCodeVerifier.codeVerifier)))
	loginCodeVerifier.codeChallenge = string(base64.URLEncoding.EncodeToString([]byte(sha25Hash[:])))[:86]

	return loginCodeVerifier
}

It looks like we would need this added to the
https://github.com/jonhadfield/gosn-v2/blob/master/authentication.go

and a 2step post to the /v2/login-params with "code_challenge" and then add the "code_verifier" key to the reqbody when hitting the /v2/login endpoint.

Tried to make updates to the gosn-v2 and compile but was pretty messy so hoping author here can possibly test and add it

Answer 4 · 2023-03-12T04:28:49.000Z

I've opened a PR to github.com/jonhadfield/gosn-v2 which resolves this here: jonhadfield/gosn-v2#8

Thanks for the code and for pointing me in the right direction @meramsey!

Answer 5 · 2023-08-19T22:38:22.000Z

Hi, @jonhadfield ! 👋🏾

Any chance @joegoldin 's PR above can be accepted here to unblock those of us encountering this error? Sad to say I'm not proficient enough to make a meaningful contribution, but I really look forward to using this tool when you can get around to resolving this.

Thank you for your hard work!

SL

Answer 6 · 2023-08-20T10:07:48.000Z

Hi @sethlewis93, I did merge the PR and then found additional, not authentication issues, and haven't had time to work those through yet.

Answer 7 · 2023-08-22T21:43:59.000Z

I've taken another look and it might not be as much work as first thought.
Thanks to @joegoldin's contribution, it seems authentication is now sorted. The next change I wasn't expecting is to how syncing of items (notes, tags, etc.) is now done, i.e. saving an item used to result in the SN endpoint returning the data saved (with updated timestamp) but that no longer includes the content that my code relied upon. I've started work on refactoring that code and will update asap.

Answer 8 · 2023-08-27T12:36:23.000Z

I've just pushed https://github.com/jonhadfield/sn-cli/releases/tag/0.2.6 that should address this issue.
Please shout if you're still seeing issues.