Please add support for 2FA

Question

Please add support for 2FA

Opened this issue 7 years ago · 6 comments

The current code doesn't seem to support two-factor authentication. Apple sends me a code, but there's no way to then authenticate through the app.

I'm not sure I'm smart enough to add it myself, but the following snippets from pyicloud might be useful?

Detecting if 2FA is required

    def requires_2fa(self):
        """ Returns True if two-factor authentication is required."""
        return self.data.get('hsaChallengeRequired', False)

Validating a code provided by the user

    def validate_verification_code(self, device, code):
        """ Verifies a verification code received on a two-factor device"""
        device.update({
            'verificationCode': code,
            'trustBrowser': True
        })
        data = json.dumps(device)

        try:
            request = self.session.post(
                '%s/validateVerificationCode' % self._setup_endpoint,
                params=self.params,
                data=data
            )
        except PyiCloudAPIResponseError as error:
            if error.code == -21669:
                # Wrong verification code
                return False
            raise

        # Re-authenticate, which will both update the 2FA data, and
        # ensure that we save the X-APPLE-WEBAUTH-HSA-TRUST cookie.
        self.authenticate()

        return not self.requires_2fa

Answer 1 · 2017-05-27T11:37:07.000Z

Should it not be possible to create an app-specific-password through https://appleid.apple.com/ ?

If I enter a generated app-specific-password in config.js I get this error:

marcoroth$ node ./cli.js
/setup/ws/1/login?clientBuildNumber=1P24&clientId=00000000-0000-0000-0000-000000000000
request
instance { error: 1 }
/Users/marcoroth/stalk-my-friends/lib/icloud.js:75
        var dsid = me.instance.dsInfo.dsid;
                                     ^

TypeError: Cannot read property 'dsid' of undefined
    at IncomingMessage.<anonymous> (/Users/marcoroth/stalk-my-friends/lib/icloud.js:75:38)
    at emitNone (events.js:72:20)
    at IncomingMessage.emit (events.js:166:7)
    at endReadableNT (_stream_readable.js:905:12)
    at doNTCallback2 (node.js:441:9)
    at process._tickCallback (node.js:355:17)

Answer 2 · 2017-06-11T20:29:53.000Z

Same issue here. Did you get any further with this?

The response from the iCloud API is clearly expecting the 2FA process to be undertaken:

'1': { reason: 'Missing X-APPLE-WEBAUTH-TOKEN cookie', error: 1 }

I also got the error marcoroth described above when attempting to use an app-specific password.

Answer 3 · 2017-06-13T19:02:25.000Z

I haven't unfortunately; would be great to see this project improved!

Answer 4 · 2019-06-11T17:10:28.000Z

@bryanrossUK @marcoroth @rmayer I got mine working at some point within my script to spoof location. But now I am having trouble with it throwing me an HTTP Error 421: Misdirected Request error

Answer 5 · 2019-10-06T05:18:21.000Z

I Accidentally deleted my iCloud from my contacts and cannot get it back for nothing.

Answer 6 · 2019-10-06T05:20:21.000Z

Clint Dunn @dunnclint1@icloud.com