无法使CloudKit进行身份验证(使用Javascript和服务器到服务器密钥) [英] Can't Get CloudKit to Authenticate (Using Javascript and a Server-to-Server Key)
问题描述
我正在尝试使用Apple的 cloudkit.js 文件与CloudKit建立服务器到服务器的连接。但是,尽管弄乱了配置几个小时,但我似乎无法让CloudKit认为我的请求有效。
我的配置逻辑非常简单:
const privateKeyFile =`$ {__ dirname} / eckey.pem`;
const keyID ='*某些密钥ID *';
const config = {
container:[
{
containerIdentifier:'iCloud.com。* someNameSpace.someProject *',
环境:'development ',
serverToServerKeyAuth:{keyID,privateKeyFile},
},
],
服务:{
提取,
},
} ;
CloudKit.configure(config);
const容器= CloudKit.getDefaultContainer();
container.setUpAuth();
但是,最后一个 container.setUpAuth(); 始终导致 { uuid: *一些UUID *, serverErrorCode: AUTHENTICATION_FAILED,原因:未找到身份验证方法 。 / p>
我什至尝试在 cloudkit.js console.log 行c $ c>本身来记录发送到CloudKit的内容,它确实具有正确的标头:
_host:' https://api.apple-cloudkit.com',
_path:'',
_params:{ckjsBuildVersion:'17AProjectDev77',ckjsVersion:'1.2.0'},
_headers:
{'content-type':'text / plain',
'X-Apple-CloudKit-Request-ISO8601Date':'2017-03-03T00:52:48Z',
' X-Apple-CloudKit-Request-KeyID':'*我的密钥*',
'X-Apple-CloudKit-Request-SignatureV1':'*看起来像有效签名*'},
_body:未定义,
_方法:'GET',
_wsApiVersion:1,
_containerIdentifier:'*我的容器标识符*',
_containerEnvironment:'develop ment,
_databaseName:公共,
_apiModuleName:数据库,
_responseClass:[功能:a],
_apiEntityName:用户,
_apiAction :'current'}
我已经花了很多时间来尝试(缩小)的 cloudkit.js 文件,我仍然不知道为什么事情不起作用。任何帮助,甚至只是调试想法,都将不胜感激。
P.S。我确定我可以访问CloudKit容器,因为当我访问 https://icloud.developer.apple.com/dashboard/ 时,它位于URL <$中c $ c> https://icloud.developer.apple.com/dashboard/#*myContainerId* 。
显然, cloudkit.js 有两个(或更多?)版本。因为Apple竭尽全力不像地球上其他所有公司一样使用NPM(即使他们在CloudKit指令中使用了NPM),并且因为服务器到服务器CloudKit连接的文档是有点事后思考,当您真正想要Node版本时,结束Web版本非常容易。而且(除非您真的非常擅长阅读缩略代码),没有办法只看一眼就能知道。
事实证明我以某种方式获得了 cloudkit.js 的Web版本,而我需要Node版本。在我重复此处列出的过程后,我明白了版本,终于能够使我的CloudKit代码正常工作。
故事的寓意:如果提供您的API库的公司太愚蠢/自大/不管用什么方式来使用 npm 像其他所有人一样,您必须非常小心,不要朝自己的脚开枪。确保您遵循上面链接的特定于节点的说明。
I'm trying to use Apple's cloudkit.js file to make a server-to-server connection to CloudKit. However, despite messing with the config for several hours, I can't seem to get CloudKit to consider my request valid.
My config logic is pretty straightforward:
const privateKeyFile = `${__dirname}/eckey.pem`;
const keyID = '*some key ID*';
const config = {
containers: [
{
containerIdentifier: 'iCloud.com.*someNameSpace.someProject*',
environment: 'development',
serverToServerKeyAuth: { keyID, privateKeyFile },
},
],
services: {
fetch,
},
};
CloudKit.configure(config);
const container = CloudKit.getDefaultContainer();
container.setUpAuth();
However, that final container.setUpAuth(); always results in {"uuid":"*some UUID*","serverErrorCode":"AUTHENTICATION_FAILED","reason":"no auth method found".
I've even tried adding console.log lines inside cloudkit.js itself to log what gets sent to CloudKit, and it does appear to have the correct headers:
_host: 'https://api.apple-cloudkit.com',
_path: '',
_params: { ckjsBuildVersion: '17AProjectDev77', ckjsVersion: '1.2.0' },
_headers:
{ 'content-type': 'text/plain',
'X-Apple-CloudKit-Request-ISO8601Date': '2017-03-03T00:52:48Z',
'X-Apple-CloudKit-Request-KeyID': '*my key*',
'X-Apple-CloudKit-Request-SignatureV1': '*what looks like a valid signature*' },
_body: undefined,
_method: 'GET',
_wsApiVersion: 1,
_containerIdentifier: '*my container identifier*',
_containerEnvironment: 'development',
_databaseName: 'public',
_apiModuleName: 'database',
_responseClass: [Function: a],
_apiEntityName: 'users',
_apiAction: 'current' }
I've lost hours to trying to grok the (minnified) cloudkit.js file, and I still have no idea why things aren't working. Any help at all, even just debugging ideas, would be greatly appreciated.
P.S. I'm sure I have access to the CloudKit container because when I go to https://icloud.developer.apple.com/dashboard/ it's there in the URL https://icloud.developer.apple.com/dashboard/#*myContainerId*.
Apparently there are two (or more?) versions of cloudkit.js. Because Apple goes out of their way not to use NPM like every other company on the planet (even though they use it in their CloudKit instructions), and because the documentation for server-to-server CloudKit connections is sort of an afterthought, it's very easy to wind up with the web version when you really want the Node one. And (unless you're really good at reading minified code) there's no way to tell just by looking at it.
It turns out I had somehow gotten the web-focused version of cloudkit.js, and I needed the Node-focused version. After I repeated the process listed here I got that version and was finally able to get my CloudKit code working.
Moral of the story: if the company providing your API libraries is too stupid/arrogant/whatever to use npm like everyone else, you have to be very careful not to shoot yourself in the foot. Be certain you're following the Node-specific instructions linked above.
这篇关于无法使CloudKit进行身份验证(使用Javascript和服务器到服务器密钥)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
