Improve Apple 2FA login by checking for actual phoneNumber id #125
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I tried to setup macless haystack myself but ran into an issue loggin in with my apple id. I have changed my trusted phone number once and therefore my current number has id 2 not 1. The code currently expects the phoneNumber id to be 1. I then build a check, according to the comments surrounding this code, which reads the phoneNumber id from the boot_args json object sent from https://gsa.apple.com/auth.
But then I noticed I got two sms every time I logged in. So it seems calling GET on https://gsa.apple.com/auth already sends an sms to the trusted phoneNumber. Can someone please verify this? In that case calling GET on https://gsa.apple.com/auth would be sufficient and reading the phone id and calling https://gsa.apple.com/auth/verify/phone/ would not be necessary. If this is not the case, I would uncommet the put request.