Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SMS MFA code not accepted #993

Closed
boredazfcuk opened this issue Nov 9, 2024 · 6 comments
Closed

SMS MFA code not accepted #993

boredazfcuk opened this issue Nov 9, 2024 · 6 comments
Labels
bug

Comments

@boredazfcuk
Copy link
Contributor

boredazfcuk commented Nov 9, 2024
edited
Loading

Overview

Received an MFA code and input it, but authentication failed.

2024-11-09 17:02:49 DEBUG    Authenticating...
2024-11-09 17:02:52 INFO     Two-factor authentication is required (2fa)
  a: ***** ****01
  b: ***** ****02
Please enter two-factor authentication code or device index (a..b) to send SMS with a code: a
Please enter two-factor authentication code that you received over SMS: 060488
2024-11-09 17:03:10 ERROR    Failed to verify two-factor authentication code
2024-11-09 17:03:10 ERROR    Multifactor authentication information missing from cookie. Authentication has failed
2024-11-09 17:03:10 ERROR     - Was the correct password entered?
2024-11-09 17:03:10 ERROR     - Was the multifactor authentication code mistyped?
2024-11-09 17:03:10 ERROR     - Can you log into icloud.com without receiving pop-up notifications?
2024-11-09 17:03:10 INFO     Container initialisation complete

I've definitely entered the code correctly... but I've noticed that the code starts with a 0... was just wondering if it's that bug where it strips leading zeros again? Was thinking it may be worth checking... if it's not a reoccurrence of that issue, then just close the issue.
@boredazfcuk boredazfcuk added the bug label Nov 9, 2024
@AndreyNikiforov
Copy link
Collaborator

Multifactor authentication information missing from cookie is not part of the codebase in this project. Do you mind posting output from icloudpd itself (binary/docker preferable over src) to reduce the number of variables.

@boredazfcuk
Copy link
Contributor Author

boredazfcuk commented Nov 10, 2024
edited
Loading

The output from the icloudpd binary was just this bit at the top:

2024-11-09 17:02:49 DEBUG    Authenticating...
2024-11-09 17:02:52 INFO     Two-factor authentication is required (2fa)
  a: ***** ****01
  b: ***** ****02
Please enter two-factor authentication code or device index (a..b) to send SMS with a code: a
Please enter two-factor authentication code that you received over SMS: 060488
2024-11-09 17:03:10 ERROR    Failed to verify two-factor authentication code

The bit beneath is just a check to make sure the cookie is MFA capable. When MFA authentication is successful 'X-APPLE-WEBAUTH-HSA-TRUST' gets added to the cookie, so I just check it's present... basically just:

      if [ "$(grep -c "X-APPLE-WEBAUTH-HSA-TRUST" "/config/${cookie_file}")" -eq 1 ]; then
         LogInfo "Multifactor authentication cookie generated. Sync should now be successful"
      else
         LogError "Multifactor authentication information missing from cookie. Authentication has failed"
         LogError " - Was the correct password entered?"
         LogError " - Was the multifactor authentication code mistyped?"
         LogError " - Can you log into ${icloud_domain} without receiving pop-up notifications?"
      fi

@AndreyNikiforov
Copy link
Collaborator

Your suspicion on dropping leading zeros for sms code was right.

@AndreyNikiforov
Copy link
Collaborator

#995

@boredazfcuk
Copy link
Contributor Author

Great stuff

@AndreyNikiforov
Copy link
Collaborator

v1.24.4+

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AndreyNikiforov @boredazfcuk