Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for App-Specific Passwords #948

Open
gheydon opened this issue Sep 6, 2024 · 5 comments
Open

Support for App-Specific Passwords #948

gheydon opened this issue Sep 6, 2024 · 5 comments
Labels
enhancement

Comments

@gheydon
Copy link

gheydon commented Sep 6, 2024

Summary

Add support for Apple's App-Specific Password to allow safer access to the photos in the cloud. Also it allows for better management of the cloudpd accessing the someones icloud. The access can be revoked and also do not have to deal with the 2FA or having to re-authenticate the application.

https://support.apple.com/en-gb/102654

Context

I use a hardware key to protect my apple account, something that cloudpd doesn't support. However by using App Specific Passwords I can set a single login with all the access that is needed and can be easily revoked.
@boredazfcuk
Copy link
Contributor

#42

boredazfcuk/docker-icloudpd#288

boredazfcuk/docker-icloudpd#118

@AndreyNikiforov
Copy link
Collaborator

@gheydon please create app-specific password for your account and access icloud.com photos with it. If it works, then your suggestion will be considered. Last time i checked a number of years back app-specific passwords did not for icloud.com photos

@mveplus
Copy link

mveplus commented Oct 13, 2024

Just discovered icloud_photos_downloader and while testing it I was wondering the same thing? as I'm using hardware security keys as second FA which seems to override the device code prompts - device still gets a notification about the new login but there is no code shown after "OK | That was not Me" prompt.
As @AndreyNikiforov mentions I'm unable to login to the icloud.com with App-Specific Password only with the primary apple account pass and FIDO2 device. Apple is unclear if icloud web is supported when using App-Specific Password and third party apps.
The next best thing would be potentially adding FIDO2 support and use the main id pass.

@lebenitza
Copy link

lebenitza commented Oct 28, 2024
edited
Loading

@mveplus I am in the same boat as you.

Does anyone know if it would be possible to implement this with something like WebAuthn while using icloudpd with the webui?

@AndreyNikiforov
Copy link
Collaborator

Does anyone know if this would be possible to implement this with something like WebAuthn while using icloudpd with the webui?

I have a very vague understanding how FIDO2 flow works with regards to client devices, so I cannot say if it is possible to passthrough "FIDO AUTH" from icloudpd webui to Apple. So far that passthrough capability seems to be the only way we can support FIDO in all use cases (e.g. think of a headless NAS with icloudpd docker)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@gheydon @AndreyNikiforov @mveplus @lebenitza @boredazfcuk