Unable to login, ADP is off and WebUI access works

Question

Unable to login, ADP is off and WebUI access works

Closed this issue a year ago · 5 comments

Checklist before opening an issue

[ X ] Tried the sync a couple of times and the issue is persisting
[ X ] Checked out known issues
[ X ] Enabled crash and error reporting

Describe the bug

Hello! I have just put together a docker instance of the app and can't seem to authenticate. The exact error message isn't covered in any other issues, so I figured I'd post here.

I have Access iCloud Data on the Web turned on (I enabled this earlier today using Settings on my Mac) and have Advanced Data Protection turned off. I am able to log into icloud.com using Chrome: when I type in my email address and password, I get a push notification on my devices that I accept and then see an MFA code.

Using this app, I get the following error and am never prompted to accept a login attempt on any of my devices. My Apple ID user and password entries in the environment variables are correct, they are exactly the same as I input them into Chrome which got me into the WebUI successfully.

Here is my docker-compose.yml file:

version: '2'
services:
  icloud-photos-sync:
    image: 'steilerdev/icloud-photos-sync:latest'
    container_name: icloud-photos-sync
    user: '1000:1000'
    environment:
      APPLE_ID_USER: 'email@domain.com'
      APPLE_ID_PWD: 'password'
      TZ: 'America/Chicago'
      SCHEDULE: '* 16 * * *'
      ENABLE_CRASH_REPORTING: true
    volumes:
      - '/media/internal/streaming/Files/iCloud-Photos:/opt/icloud-photos-library'

Error code

---------------------------------------------------------------------------------------------------------------------------
Welcome to icloud-photos-sync, v.1.1.0!
Made with <3 by steilerDev
---------------------------------------------------------------------------------------------------------------------------
Authenticating user...
---------------------------------------------------------------------------------------------------------------------------
Experienced fatal error at 6/28/2023, 3:11:45 PM: APP_TOKEN (FATAL): Unable to acquire trust token caused by AUTH_FAILED (FATAL): iCloud Authentication failed caused by AUTH_UNAUTHORIZED (FATAL): Username/Password does not seem to match caused by Request failed with status code 401 (Error Code: 0c717c88-4b15-4ccf-bc42-cb6896438d36)
---------------------------------------------------------------------------------------------------------------------------

Logs

Please paste the log file (preferably with LOG_LEVEL=debug), located in .icloud-photos-sync.log, stored in the DATA_DIR.

[2023-06-28T20:11:44.406Z] INFO i-Cloud: Initiating iCloud connection
[2023-06-28T20:11:44.504Z] INFO i-Cloud: Authenticating user
[2023-06-28T20:11:45.614Z] ERROR Error-Handler: APP_TOKEN (FATAL): Unable to acquire trust token caused by AUTH_FAILED (FATAL): iCloud Authentication failed caused by AUTH_UNAUTHORIZED (FATAL): Username/Password does not seem to match caused by Request failed with status code 401 (Error Code: 0c717c88-4b15-4ccf-bc42-cb6896438d36)

Operating environment

OS: Ubuntu 22.04
Version: v.1.1.0
Execution environment: Docker

Answer 1 · 2023-07-04T14:10:48.000Z

Are you 100% certain that the password you entered into Chrome matches the one in the docker-compose.yml?

Could you go into the container docker exec -it icloud-photos-sync /bin/bash and check if the environment variable is available (echo $APPLE_ID_PWD)

Because 401 sounds a lot like there is something wrong with your username and password.

If all of this checks out, try again with the latest beta please (by specifying image: steilerdev/icloud-photos-sync:beta in your docker-compose.yml.

Answer 2 · 2023-07-04T17:04:31.000Z

Ah, checking the environment variable was helpful. The second character in my password is $ and for some reason the environment variable is getting only the one character before it, not that character, and nothing behind it.

So, yes, there is an issue with auth and my password, but after some brief searching, I can't seem to figure out how to get my password (with $) to accurately pass as an environment variable.

Additionally, I have tried: icloud-photos-sync token -u email@domain.com -p pas$$word and get the same 401 error.

Does this mean I need to change my password to not include $?

Answer 3 · 2023-07-04T17:11:40.000Z

Give double-dollar-sign a try - so in your example pa$$$$word instead of pa$$word (however this might be a bad example 😃 )

When running from the cli try to wrap the password in single quotes.

Answer 4 · 2023-07-05T13:18:57.000Z

This issue should be resolved with version v1.1.1-beta.2, please confirm.

Answer 5 · 2023-07-05T14:07:50.000Z

I was able to sign in now using v1.1.1-beta.2 and $$ in the password environment variable. Thank you!