Add support for 2FA accounts using SMS #107
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for 2FA accounts that use SMS instead of trusted devices for delivery. This should close #96, but I'll need to get confirmation with the folks that reported that issue.
There are a couple 2FA flows that are now supported:
I'm deliberately not supporting the earlier two-step authentication because upgrading the account to 2FA seems like a reasonable workaround.
Some tests have been added that verify the flow handles different situations correctly, and prints the correct copy to the terminal.
Testing
I've tested this myself with:
The latter case was able to validate the selection flow in case 2 above by opting out of the trusted device code by entering
sms
, although there was only one phone number to choose from.First, clone this repo if necessary and check out the PR branch:
You can test this new behaviour with your own account using a command like:
If you need to change to use a different account than one that was already signed in, you can set the XCODES_USERNAME environment variable first:
If you already had a valid session in xcodes then you'll need to reset the cookies, cache, etc. in order to test this flow. You can add the following snippet in main.swift at line 15. (We may want to add a flag for this later, for edge cases or just debug/testing.)
With all that said, what I'd expect to happen when you test this is for SMS 2FA to "just work" now. If it doesn't, or if you think some of the instructional copy that's shown during the flow could be improved, please let me know.
The Paw file has been updated to support testing the SMS flow.
In order to make it a bit easier (or at least familiar) to test the AppleAPI code I changed it to use the same Environment struct that XcodesKit does. I'd started out development using OHHTTPStubs but wanted a bit more, and this also allows testing other things like the log output more easily which is useful for validating longer interactions.
Updates to Swift 5.3 and Xcode 12, which allowed transitioning to use SPM resources for test fixtures.