fix: resolve login authentication endpoint redirects and redundant bag requests #502
Open
yunusemreyazici wants to merge 2 commits into
…orrect plist content type with updated endpoint path
Just wanted to chime in and say that I applied this diff and login is working properly.
This PR resolves issues with the auth login command failing due to changes in Apple's authentication backend and an inefficient retry mechanism.
Problem: The AppStore.Bag() call was placed inside the retry.Do loop in cmd/auth.go. When a user was prompted for a 2FA code, the block retried and triggered a second request to https://init.itunes.apple.com/bag.xml, causing rate-limiting/timeouts (read: operation timed out).
Fix: Moved the AppStore.Bag() retrieval outside/before the retry.Do loop so it only requests the API bag configuration once.
Problem: The bag configuration returns https://auth.itunes.apple.com/auth/v1/native for authentication. Sending a POST directly to this URL returns a 200 OK with Content-Length: 0 because it redirects the request, stripping the POST body.
Fix: Programmatically check the endpoint and append /fast/ (with a trailing slash) to native endpoints so it targets https://auth.itunes.apple.com/auth/v1/native/fast/. This allows Apple's servers to successfully process the credentials.
Problem: The authentication request sent plist data but used "Content-Type": "application/x-www-form-urlencoded".
Fix: Changed the header to "Content-Type": "application/x-apple-plist" to match the actual XML/plist format of XMLPayload sent to Apple.
Summary by cubic
Fixes login failures by handling Apple’s native auth redirect and preventing duplicate bag requests. Login is now reliable during 2FA and avoids rate limits/timeouts.
- AppStore.Bag() outside the retry loop to stop redundant bag requests during 2FA.
- /auth/v1/native/fast/ (ensure trailing slash) to avoid redirect that drops the POST body.
- Content-Type: application/x-apple-plist to match the plist payload.
Written for commit ee99c76. Summary will update on new commits.
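The redirect behaviour the description refers to, reproduced as an added Go example that is not code from this pull request: Go's default `http.Client` follows a 302 answer to a POST with a body-less GET, so a credential POST to a moved endpoint fails silently unless the client refuses redirects. The local stand-in server, its 302 status, and the names `withFast`, `post` and `observe` are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// withFast (hypothetical helper) appends "fast/" to an endpoint ending in "/native".
func withFast(endpoint string) string {
	if e := strings.TrimSuffix(endpoint, "/"); strings.HasSuffix(e, "/native") {
		return e + "/fast/"
	}
	return endpoint
}

// post sends a placeholder plist body and returns "<status> <what the handler saw>".
func post(c *http.Client, endpoint string) string {
	resp, err := c.Post(endpoint, "application/x-apple-plist", strings.NewReader("<plist/>"))
	if err != nil {
		return "error: " + err.Error()
	}
	defer resp.Body.Close()
	seen, _ := io.ReadAll(resp.Body)
	return strings.TrimSpace(fmt.Sprintf("%d %s", resp.StatusCode, seen))
}

// observe posts three times to a constructed local stand-in (not Apple's service).
func observe() (followed, refused, direct string) {
	mux := http.NewServeMux()
	mux.HandleFunc("/auth/v1/native", func(w http.ResponseWriter, r *http.Request) {
		http.Redirect(w, r, "/auth/v1/native/fast/", http.StatusFound) // assumed status
	})
	mux.HandleFunc("/auth/v1/native/fast/", func(w http.ResponseWriter, r *http.Request) {
		body, _ := io.ReadAll(r.Body)
		fmt.Fprintf(w, "%s %d", r.Method, len(body)) // echo method and body size
	})
	srv := httptest.NewServer(mux)
	defer srv.Close()
	// A client that refuses redirects makes a moved endpoint fail loudly.
	strict := &http.Client{CheckRedirect: func(*http.Request, []*http.Request) error {
		return http.ErrUseLastResponse
	}}
	native := srv.URL + "/auth/v1/native"
	return post(http.DefaultClient, native), post(strict, native), post(http.DefaultClient, withFast(native))
}

func main() { fmt.Println(observe()) }
```

The first result shows the final handler receiving a GET with zero body bytes, the second surfaces the 302 instead of following it, and the third shows the POST body arriving intact at the `/fast/` path.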