问题
I'm trying to use Apple's cloudkit.js file to make a server-to-server connection to CloudKit. However, despite messing with the config for several hours, I can't seem to get CloudKit to consider my request valid.
My config logic is pretty straightforward:
const privateKeyFile = `${__dirname}/eckey.pem`;
const keyID = '*some key ID*';
const config = {
containers: [
{
containerIdentifier: 'iCloud.com.*someNameSpace.someProject*',
environment: 'development',
serverToServerKeyAuth: { keyID, privateKeyFile },
},
],
services: {
fetch,
},
};
CloudKit.configure(config);
const container = CloudKit.getDefaultContainer();
container.setUpAuth();
However, that final container.setUpAuth(); always results in {"uuid":"*some UUID*","serverErrorCode":"AUTHENTICATION_FAILED","reason":"no auth method found".
I've even tried adding console.log lines inside cloudkit.js itself to log what gets sent to CloudKit, and it does appear to have the correct headers:
_host: 'https://api.apple-cloudkit.com',
_path: '',
_params: { ckjsBuildVersion: '17AProjectDev77', ckjsVersion: '1.2.0' },
_headers:
{ 'content-type': 'text/plain',
'X-Apple-CloudKit-Request-ISO8601Date': '2017-03-03T00:52:48Z',
'X-Apple-CloudKit-Request-KeyID': '*my key*',
'X-Apple-CloudKit-Request-SignatureV1': '*what looks like a valid signature*' },
_body: undefined,
_method: 'GET',
_wsApiVersion: 1,
_containerIdentifier: '*my container identifier*',
_containerEnvironment: 'development',
_databaseName: 'public',
_apiModuleName: 'database',
_responseClass: [Function: a],
_apiEntityName: 'users',
_apiAction: 'current' }
I've lost hours to trying to grok the (minnified) cloudkit.js file, and I still have no idea why things aren't working. Any help at all, even just debugging ideas, would be greatly appreciated.
P.S. I'm sure I have access to the CloudKit container because when I go to https://icloud.developer.apple.com/dashboard/ it's there in the URL https://icloud.developer.apple.com/dashboard/#*myContainerId*.
回答1:
Apparently there are two (or more?) versions of cloudkit.js. Because Apple goes out of their way not to use NPM like every other company on the planet (even though they use it in their CloudKit instructions), and because the documentation for server-to-server CloudKit connections is sort of an afterthought, it's very easy to wind up with the web version when you really want the Node one. And (unless you're really good at reading minified code) there's no way to tell just by looking at it.
It turns out I had somehow gotten the web-focused version of cloudkit.js, and I needed the Node-focused version. After I repeated the process listed here I got that version and was finally able to get my CloudKit code working.
Moral of the story: if the company providing your API libraries is too stupid/arrogant/whatever to use npm like everyone else, you have to be very careful not to shoot yourself in the foot. Be certain you're following the Node-specific instructions linked above.
来源:https://stackoverflow.com/questions/42568772/cant-get-cloudkit-to-authenticate-using-javascript-and-a-server-to-server-key