fastlane 2.115.0.beta.20190119200019 → 2.115.0.beta.20190120200101

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 405a7ac48ad02e28a6b26a3dda7458028411060b
-  data.tar.gz: c1df6b742f5a232012d94e42d2e04c935a3ec201
+  metadata.gz: ca7d2255218f2b7f48d1b95b3d48abee6957abd2
+  data.tar.gz: a61e4ceef9c859240a85d52a4046c8aab11ad10b
 SHA512:
-  metadata.gz: e072c405cda86946bac1343f0a8d9de9ac72ee822385443633ed550022f6fdfd331d78d9d50c632fb7afdc30d8d5d348d837e8df632ca5645b79ce1769e87ced
-  data.tar.gz: 8a939edd7c093b7c4a291ac5651fcaafa77910279fdf13bb65a1c6d629458bd5f98b42701bb2ffc34698f7d201a3990043ace5cf8c25865e95b9264f4d54adaf
+  metadata.gz: 3e69aacb4427d3d84b4f348ecf78cb0eb83e3944e770f9d17673e25765b0ae4cfebb71ef258efd9cee63f79057fb0a88bb1de1aadc5efd5e3470606f03791226
+  data.tar.gz: 3a43f626ddbf582c1b5666c544a103d2ffead5b9879db53194de284033323d75a08f082ae51afc264968754ceb282a146a82238610a995caad73d92ceb739a88

data/fastlane/lib/fastlane/fast_file.rb

@@ -254,7 +254,9 @@ module Fastlane
           branch_option = "--branch #{branch}" if branch != 'HEAD'
 
           UI.message("Cloning remote git repo...")
-          Actions.sh("GIT_TERMINAL_PROMPT=0 git clone '#{url}' '#{clone_folder}' --depth 1 -n #{branch_option}")
+          Helper.with_env_values('GIT_TERMINAL_PROMPT' => '0') do
+            Actions.sh("git clone #{url.shellescape} #{clone_folder.shellescape} --depth 1 -n #{branch_option}")
+          end
 
           unless version.nil?
             req = Gem::Requirement.new(version)
@@ -263,14 +265,14 @@ module Fastlane
             UI.user_error!("No tag found matching #{version.inspect}") if checkout_param.nil?
           end
 
-          Actions.sh("cd '#{clone_folder}' && git checkout #{checkout_param} '#{path}'")
+          Actions.sh("cd #{clone_folder.shellescape} && git checkout #{checkout_param.shellescape} #{path.shellescape}")
 
           # We also want to check out all the local actions of this fastlane setup
           containing = path.split(File::SEPARATOR)[0..-2]
           containing = "." if containing.count == 0
           actions_folder = File.join(containing, "actions")
           begin
-            Actions.sh("cd '#{clone_folder}' && git checkout #{checkout_param} '#{actions_folder}'")
+            Actions.sh("cd #{clone_folder.shellescape} && git checkout #{checkout_param.shellescape} #{actions_folder.shellescape}")
           rescue
             # We don't care about a failure here, as local actions are optional
           end
@@ -290,10 +292,12 @@ module Fastlane
 
     def fetch_remote_tags(folder: nil)
       UI.message("Fetching remote git tags...")
-      Actions.sh("cd '#{folder}' && GIT_TERMINAL_PROMPT=0 git fetch --all --tags -q")
+      Helper.with_env_values('GIT_TERMINAL_PROMPT' => '0') do
+        Actions.sh("cd #{folder.shellescape} && git fetch --all --tags -q")
+      end
 
       # Fetch all possible tags
-      git_tags_string = Actions.sh("cd '#{folder}' && git tag -l")
+      git_tags_string = Actions.sh("cd #{folder.shellescape} && git tag -l")
       git_tags = git_tags_string.split("\n")
 
       # Sort tags based on their version number

data/fastlane/lib/fastlane/version.rb

@@ -1,5 +1,5 @@
 module Fastlane
-  VERSION = '2.115.0.beta.20190119200019'.freeze
+  VERSION = '2.115.0.beta.20190120200101'.freeze
   DESCRIPTION = "The easiest way to automate beta deployments and releases for your iOS and Android apps".freeze
   MINIMUM_XCODE_RELEASE = "7.0".freeze
   RUBOCOP_REQUIREMENT = '0.49.1'.freeze

data/fastlane_core/lib/fastlane_core/helper.rb

@@ -299,6 +299,22 @@ module FastlaneCore
       Helper.backticks(command, print: print)
     end
 
+    # Executes the provided block after adjusting the ENV to have the
+    # provided keys and values set as defined in hash. After the block
+    # completes, restores the ENV to its previous state.
+    def self.with_env_values(hash, &block)
+      old_vals = ENV.select { |k, v| hash.include?(k) }
+      hash.each do |k, v|
+        ENV[k] = hash[k]
+      end
+      yield
+    ensure
+      hash.each do |k, v|
+        ENV.delete(k) unless old_vals.include?(k)
+        ENV[k] = old_vals[k]
+      end
+    end
+
     # loading indicator
     #
 

data/fastlane_core/lib/fastlane_core/provisioning_profile.rb

@@ -91,10 +91,16 @@ module FastlaneCore
           err = "#{dir}/cms.err"
           # we want to prevent the error output to mix up with the standard output because of
           # /dev/null: https://github.com/fastlane/fastlane/issues/6387
-          if keychain_path.nil?
-            decoded = `security cms -D -i "#{path}" 2> #{err}`
+          if Helper.mac?
+            if keychain_path.nil?
+              decoded = `security cms -D -i "#{path}" 2> #{err}`
+            else
+              decoded = `security cms -D -i "#{path}" -k "#{keychain_path.shellescape}" 2> #{err}`
+            end
           else
-            decoded = `security cms -D -i "#{path}" -k "#{keychain_path.shellescape}" 2> #{err}`
+            # `security` only works on Mac, fallback to `openssl`
+            # via https://stackoverflow.com/a/14379814/252627
+            decoded = `openssl smime -inform der -verify -noverify -in #{path} 2> #{err}`
           end
           UI.error("Failure to decode #{path}. Exit: #{$?.exitstatus}: #{File.read(err)}") if $?.exitstatus != 0
           decoded

data/match/lib/match/encryption/openssl.rb

@@ -116,7 +116,7 @@ module Match
       def encrypt_specific_file(path: nil, password: nil)
         UI.user_error!("No password supplied") if password.to_s.strip.length == 0
 
-        data_to_encrypt = File.read(path)
+        data_to_encrypt = File.binread(path)
         salt = SecureRandom.random_bytes(8)
 
         # The :: is important, as there is a name clash

data/match/lib/match/options.rb

@@ -174,6 +174,10 @@ module Match
                                      description: "The name of provisioning profile template. If the developer account has provisioning profile templates (aka: custom entitlements), the template name can be found by inspecting the Entitlements drop-down while creating/editing a provisioning profile (e.g. \"Apple Pay Pass Suppression Development\")",
                                      optional: true,
                                      default_value: nil),
+        FastlaneCore::ConfigItem.new(key: :output_path,
+                                     env_name: "MATCH_OUTPUT_PATH",
+                                     description: "Path in which to export certificates, key and profile",
+                                     optional: true),
 
         # other
         FastlaneCore::ConfigItem.new(key: :verbose,

data/match/lib/match/runner.rb

@@ -25,6 +25,8 @@ module Match
     def run(params)
       self.files_to_commit = []
 
+      FileUtils.mkdir_p(params[:output_path]) if params[:output_path]
+
       FastlaneCore::PrintTable.print_values(config: params,
                                              title: "Summary for match #{Fastlane::VERSION}")
 
@@ -166,21 +168,31 @@ module Match
         self.files_to_commit << private_key_path
       else
         cert_path = certs.last
-        UI.message("Installing certificate...")
 
-        # Only looking for cert in "custom" (non login.keychain) keychain
-        # Doing this for backwards compatability
-        keychain_name = params[:keychain_name] == "login.keychain" ? nil : params[:keychain_name]
+        if Helper.mac?
+          UI.message("Installing certificate...")
+
+          # Only looking for cert in "custom" (non login.keychain) keychain
+          # Doing this for backwards compatability
+          keychain_name = params[:keychain_name] == "login.keychain" ? nil : params[:keychain_name]
+
+          if FastlaneCore::CertChecker.installed?(cert_path, in_keychain: keychain_name)
+            UI.verbose("Certificate '#{File.basename(cert_path)}' is already installed on this machine")
+          else
+            Utils.import(cert_path, params[:keychain_name], password: params[:keychain_password])
+          end
 
-        if FastlaneCore::CertChecker.installed?(cert_path, in_keychain: keychain_name)
-          UI.verbose("Certificate '#{File.basename(cert_path)}' is already installed on this machine")
+          # Import the private key
+          # there seems to be no good way to check if it's already installed - so just install it
+          Utils.import(keys.last, params[:keychain_name], password: params[:keychain_password])
         else
-          Utils.import(cert_path, params[:keychain_name], password: params[:keychain_password])
+          UI.message("Skipping installation of certificate as it would not work on this operating system.")
         end
 
-        # Import the private key
-        # there seems to be no good way to check if it's already installed - so just install it
-        Utils.import(keys.last, params[:keychain_name], password: params[:keychain_password])
+        if params[:output_path]
+          FileUtils.cp(cert_path, params[:output_path])
+          FileUtils.cp(keys.last, params[:output_path])
+        end
 
         # Get and print info of certificate
         info = Utils.get_cert_info(cert_path)
@@ -202,7 +214,9 @@ module Match
       profile_name = names.join("_").gsub("*", '\*') # this is important, as it shouldn't be a wildcard
       base_dir = File.join(prefixed_working_directory(working_directory), "profiles", prov_type.to_s)
       profiles = Dir[File.join(base_dir, "#{profile_name}.mobileprovision")]
-      keychain_path = FastlaneCore::Helper.keychain_path(params[:keychain_name]) unless params[:keychain_name].nil?
+      if Helper.mac?
+        keychain_path = FastlaneCore::Helper.keychain_path(params[:keychain_name]) unless params[:keychain_name].nil?
+      end
 
       # Install the provisioning profiles
       profile = profiles.last
@@ -220,11 +234,13 @@ module Match
 
       if profile.nil? || params[:force]
         if params[:readonly]
-          all_profiles = Dir.entries(base_dir).reject { |f| f.start_with?(".") }
           UI.error("No matching provisioning profiles found for '#{profile_name}'")
           UI.error("A new one cannot be created because you enabled `readonly`")
-          UI.error("Provisioning profiles in your repo for type `#{prov_type}`:")
-          all_profiles.each { |p| UI.error("- '#{p}'") }
+          if Dir.exist?(base_dir) # folder for `prov_type` does not exist on first match use for that type
+            all_profiles = Dir.entries(base_dir).reject { |f| f.start_with?(".") }
+            UI.error("Provisioning profiles in your repo for type `#{prov_type}`:")
+            all_profiles.each { |p| UI.error("- '#{p}'") }
+          end
           UI.error("If you are certain that a profile should exist, double-check the recent changes to your match repository")
           UI.user_error!("No matching provisioning profiles found and can not create a new one because you enabled `readonly`. Check the output above for more information.")
         end
@@ -236,10 +252,16 @@ module Match
         self.files_to_commit << profile
       end
 
-      installed_profile = FastlaneCore::ProvisioningProfile.install(profile, keychain_path)
+      if Helper.mac?
+        installed_profile = FastlaneCore::ProvisioningProfile.install(profile, keychain_path)
+      end
       parsed = FastlaneCore::ProvisioningProfile.parse(profile, keychain_path)
       uuid = parsed["UUID"]
 
+      if params[:output_path]
+        FileUtils.cp(profile, params[:output_path])
+      end
+
       if spaceship && !spaceship.profile_exists(username: params[:username], uuid: uuid)
         # This profile is invalid, let's remove the local file and generate a new one
         File.delete(profile)

data/match/lib/match/storage/git_storage.rb

@@ -60,7 +60,7 @@ module Match
         # No existing working directory, creating a new one now
         self.working_directory = Dir.mktmpdir
 
-        command = "git clone '#{self.git_url}' '#{self.working_directory}'"
+        command = "git clone #{self.git_url.shellescape} #{self.working_directory.shellescape}"
         if self.shallow_clone
           command << " --depth 1 --no-single-branch"
         elsif self.clone_branch_directly
@@ -74,9 +74,11 @@ module Match
 
         begin
           # GIT_TERMINAL_PROMPT will fail the `git clone` command if user credentials are missing
-          FastlaneCore::CommandExecutor.execute(command: "GIT_TERMINAL_PROMPT=0 #{command}",
-                                              print_all: FastlaneCore::Globals.verbose?,
-                                          print_command: FastlaneCore::Globals.verbose?)
+          Helper.with_env_values('GIT_TERMINAL_PROMPT' => '0') do
+            FastlaneCore::CommandExecutor.execute(command: command,
+                                                print_all: FastlaneCore::Globals.verbose?,
+                                            print_command: FastlaneCore::Globals.verbose?)
+          end
         rescue
           UI.error("Error cloning certificates repo, please make sure you have read access to the repository you want to use")
           if self.branch && self.clone_branch_directly
@@ -193,13 +195,15 @@ module Match
       def git_push(commands: [], commit_message: nil)
         commit_message ||= generate_commit_message
         commands << "git commit -m #{commit_message.shellescape}"
-        commands << "GIT_TERMINAL_PROMPT=0 git push origin #{self.branch.shellescape}"
+        commands << "git push origin #{self.branch.shellescape}"
 
         UI.message("Pushing changes to remote git repo...")
-        commands.each do |command|
-          FastlaneCore::CommandExecutor.execute(command: command,
+        Helper.with_env_values('GIT_TERMINAL_PROMPT' => '0') do
+          commands.each do |command|
+            FastlaneCore::CommandExecutor.execute(command: command,
                                                 print_all: FastlaneCore::Globals.verbose?,
-                                                print_command: FastlaneCore::Globals.verbose?)
+                                            print_command: FastlaneCore::Globals.verbose?)
+          end
         end
 
         self.clear_changes

data/match/lib/match/utils.rb

@@ -32,7 +32,7 @@ module Match
     end
 
     def self.get_cert_info(cer_certificate_path)
-      cert = OpenSSL::X509::Certificate.new(File.read(cer_certificate_path))
+      cert = OpenSSL::X509::Certificate.new(File.binread(cer_certificate_path))
 
       # openssl output:
       # subject= /UID={User ID}/CN={Certificate Name}/OU={Certificate User}/O={Organisation}/C={Country}
@@ -54,7 +54,7 @@ module Match
                       .push([openssl_keys_to_readable_keys.fetch("notBefore"), cert.not_before])
                       .push([openssl_keys_to_readable_keys.fetch("notAfter"), cert.not_after])
     rescue => ex
-      UI.error(ex)
+      UI.error("get_cert_info: #{ex}")
       return {}
     end
 

data/scan/lib/scan/options.rb

@@ -3,6 +3,7 @@ require 'credentials_manager/appfile_config'
 require_relative 'module'
 
 module Scan
+  # rubocop:disable Metrics/ClassLength
   class Options
     def self.verify_type(item_name, acceptable_types, value)
       type_ok = [Array, String].any? { |type| value.kind_of?(type) }
@@ -322,6 +323,24 @@ module Scan
                                      env_name: "SCAN_SLACK_MESSAGE",
                                      description: "The message included with each message posted to slack",
                                      optional: true),
+        FastlaneCore::ConfigItem.new(key: :slack_use_webhook_configured_username_and_icon,
+                                     env_name: "SCAN_SLACK_USE_WEBHOOK_CONFIGURED_USERNAME_AND_ICON",
+                                     description: "Use webhook's default username and icon settings? (true/false)",
+                                     default_value: false,
+                                     type: Boolean,
+                                     optional: true),
+        FastlaneCore::ConfigItem.new(key: :slack_username,
+                                     env_name: "SCAN_SLACK_USERNAME",
+                                     description: "Overrides the webhook's username property if slack_use_webhook_configured_username_and_icon is false",
+                                     default_value: "fastlane",
+                                     is_string: true,
+                                     optional: true),
+        FastlaneCore::ConfigItem.new(key: :slack_icon_url,
+                                     env_name: "SCAN_SLACK_ICON_URL",
+                                     description: "Overrides the webhook's image property if slack_use_webhook_configured_username_and_icon is false",
+                                     default_value: "https://s3-eu-west-1.amazonaws.com/fastlane.tools/fastlane.png",
+                                     is_string: true,
+                                     optional: true),
         FastlaneCore::ConfigItem.new(key: :skip_slack,
                                      description: "Don't publish to slack, even when an URL is given",
                                      is_string: false,
@@ -349,4 +368,5 @@ module Scan
       ]
     end
   end
+  # rubocop:enable Metrics/ClassLength
 end

data/scan/lib/scan/slack_poster.rb

@@ -15,6 +15,8 @@ module Scan
         channel = ('#' + channel) unless ['#', '@'].include?(channel[0]) # send message to channel by default
       end
 
+      username = Scan.config[:slack_use_webhook_configured_username_and_icon] ? nil : Scan.config[:slack_username]
+      icon_url = Scan.config[:slack_use_webhook_configured_username_and_icon] ? nil : Scan.config[:slack_icon_url]
       fields = []
 
       if results[:build_errors]
@@ -46,8 +48,8 @@ module Scan
         channel: channel,
         slack_url: Scan.config[:slack_url].to_s,
         success: results[:build_errors].to_i == 0 && results[:failures].to_i == 0,
-        username: 'fastlane',
-        icon_url: 'https://s3-eu-west-1.amazonaws.com/fastlane.tools/fastlane.png',
+        username: username,
+        icon_url: icon_url,
         payload: {},
         attachment_properties: {
           fields: fields

data/sigh/lib/sigh/runner.rb

@@ -199,13 +199,16 @@ module Sigh
         true
       end
 
-      unless Sigh.config[:skip_certificate_verification]
-        certificates = certificates.find_all do |c|
-          file = Tempfile.new('cert')
-          file.write(c.download_raw)
-          file.close
-
-          FastlaneCore::CertChecker.installed?(file.path)
+      # verify certificates
+      if Helper.mac?
+        unless Sigh.config[:skip_certificate_verification]
+          certificates = certificates.find_all do |c|
+            file = Tempfile.new('cert')
+            file.write(c.download_raw)
+            file.close
+
+            FastlaneCore::CertChecker.installed?(file.path)
+          end
         end
       end
 

data/spaceship/lib/spaceship/client.rb

@@ -221,7 +221,7 @@ module Spaceship
         end
 
         if ENV["DEBUG"]
-          puts("To run _spaceship_ through a local proxy, use SPACESHIP_DEBUG")
+          puts("To run spaceship through a local proxy, use SPACESHIP_DEBUG")
         end
       end
     end
@@ -394,7 +394,7 @@ module Spaceship
     end
 
     # This method is used for both the Apple Dev Portal and App Store Connect
-    # This will also handle 2 step verification
+    # This will also handle 2 step verification and 2 factor authentication
     #
     # It is called in `send_login_request` of sub classes (which the method `login`, above, transferred over to via `do_login`)
     def send_shared_login_request(user, password)

data/spaceship/lib/spaceship/tunes/tunes.rb

@@ -25,7 +25,6 @@ require_relative 'app_trailer'
 require_relative 'sandbox_tester'
 require_relative 'app_details'
 require_relative 'pricing_tier'
-require_relative 'recovery_device'
 require_relative 'territory'
 require_relative 'availability'
 require_relative 'members'

data/spaceship/lib/spaceship/tunes/tunes_client.rb

@@ -163,14 +163,13 @@ module Spaceship
       return unless raw.kind_of?(Hash)
 
       data = raw['data'] || raw # sometimes it's with data, sometimes it isn't
-      error_keys_to_check = [
-        "sectionErrorKeys",
-        "sectionInfoKeys",
-        "sectionWarningKeys",
-        "validationErrors"
-      ]
-      errors_in_data = fetch_errors_in_data(data_section: data, keys: error_keys_to_check)
-      errors_in_version_info = fetch_errors_in_data(data_section: data, sub_section_name: "versionInfo", keys: error_keys_to_check)
+
+      error_keys = ["sectionErrorKeys", "validationErrors", "serviceErrors"]
+      info_keys = ["sectionInfoKeys", "sectionWarningKeys"]
+      error_and_info_keys_to_check = error_keys + info_keys
+
+      errors_in_data = fetch_errors_in_data(data_section: data, keys: error_and_info_keys_to_check)
+      errors_in_version_info = fetch_errors_in_data(data_section: data, sub_section_name: "versionInfo", keys: error_and_info_keys_to_check)
 
       # If we have any errors or "info" we need to treat them as warnings or errors
       if errors_in_data.count == 0 && errors_in_version_info.count == 0
@@ -205,7 +204,6 @@ module Spaceship
       errors = handle_response_hash.call(data)
 
       # Search at data level, as well as "versionInfo" level for errors
-      error_keys = ["sectionErrorKeys", "validationErrors"]
       errors_in_data = fetch_errors_in_data(data_section: data, keys: error_keys)
       errors_in_version_info = fetch_errors_in_data(data_section: data, sub_section_name: "versionInfo", keys: error_keys)
 
@@ -234,7 +232,6 @@ module Spaceship
       end
 
       # Search at data level, as well as "versionInfo" level for info and warnings
-      info_keys = ["sectionInfoKeys", "sectionWarningKeys"]
       info_in_data = fetch_errors_in_data(data_section: data, keys: info_keys)
       info_in_version_info = fetch_errors_in_data(data_section: data, sub_section_name: "versionInfo", keys: info_keys)
 

data/spaceship/lib/spaceship/two_step_or_factor_client.rb

@@ -1,19 +1,14 @@
 require_relative 'globals'
 require_relative 'tunes/tunes_client'
-require_relative 'tunes/recovery_device'
 
 module Spaceship
   class Client
     def handle_two_step_or_factor(response)
+      # extract `x-apple-id-session-id` and `scnt` from response, to be used by `update_request_headers`
       @x_apple_id_session_id = response["x-apple-id-session-id"]
       @scnt = response["scnt"]
 
-      puts("")
-      puts("Two-step Verification (4 digits code) or Two-factor Authentication (6 digits code) is enabled for account '#{self.user}'")
-      puts("More information about Two-step Verification (4 digits code): https://support.apple.com/en-us/HT204152")
-      puts("More information about Two-factor Authentication (6 digits code): https://support.apple.com/en-us/HT204915")
-      puts("")
-
+      # get authentication options
       r = request(:get) do |req|
         req.url("https://idmsa.apple.com/appleauth/auth")
         update_request_headers(req)
@@ -28,35 +23,28 @@ module Spaceship
       end
     end
 
-    def handle_two_step(r)
-      if r.body.fetch("securityCode", {})["tooManyCodesLock"].to_s.length > 0
+    def handle_two_step(response)
+      if response.body.fetch("securityCode", {})["tooManyCodesLock"].to_s.length > 0
         raise Tunes::Error.new, "Too many verification codes have been sent. Enter the last code you received, use one of your devices, or try again later."
       end
 
-      old_client = (begin
-                      Tunes::RecoveryDevice.client
-                    rescue
-                      nil # since client might be nil, which raises an exception
-                    end)
-      Tunes::RecoveryDevice.client = self # temporary set it as it's required by the factory method
-      devices = r.body["trustedDevices"].collect do |current|
-        Tunes::RecoveryDevice.factory(current)
-      end
-      Tunes::RecoveryDevice.client = old_client
-
       puts("Two-step Verification (4 digits code) is enabled for account '#{self.user}'")
-      puts("Please select a device to verify your identity")
-      available = devices.collect do |c|
-        "#{c.name}\t#{c.model_name || 'SMS'}\t(#{c.device_id})"
+      puts("More information about Two-step Verification: https://support.apple.com/en-us/HT204152")
+      puts("")
+
+      puts("Please select a trusted device to verify your identity")
+      available = response.body["trustedDevices"].collect do |current|
+        "#{current['name']}\t#{current['modelName'] || 'SMS'}\t(#{current['id']})"
       end
       result = choose(*available)
+
       device_id = result.match(/.*\t.*\t\((.*)\)/)[1]
-      select_device(r, device_id)
+      handle_two_step_for_device(device_id)
     end
 
     # this is extracted into its own method so it can be called multiple times (see end)
-    def select_device(r, device_id)
-      # Request Token
+    def handle_two_step_for_device(device_id)
+      # Request token to device
       r = request(:put) do |req|
         req.url("https://idmsa.apple.com/appleauth/auth/verify/device/#{device_id}/securitycode")
         update_request_headers(req)
@@ -70,7 +58,7 @@ module Spaceship
       code = ask("Please enter the 4 digit code: ")
       puts("Requesting session...")
 
-      # Send token back to server to get a valid session
+      # Send token to server to get a valid session
       r = request(:post) do |req|
         req.url("https://idmsa.apple.com/appleauth/auth/verify/device/#{device_id}/securitycode")
         req.headers['Content-Type'] = 'application/json'
@@ -101,7 +89,7 @@ module Spaceship
         # }
         if ex.to_s.include?("verification code") # to have a nicer output
           puts("Error: Incorrect verification code")
-          return select_device(r, device_id)
+          return handle_two_step_for_device(device_id)
         end
 
         raise ex
@@ -112,29 +100,100 @@ module Spaceship
       return true
     end
 
-    def handle_two_factor(response)
-      two_factor_url = "https://github.com/fastlane/fastlane/tree/master/spaceship#2-step-verification"
-      puts("Two-factor Authentication (6 digits code) is enabled for account '#{self.user}'")
+    def handle_two_factor(response, depth = 0)
+      if depth == 0
+        puts("Two-factor Authentication (6 digits code) is enabled for account '#{self.user}'")
+        puts("More information about Two-factor Authentication: https://support.apple.com/en-us/HT204915")
+        puts("")
+
+        two_factor_url = "https://github.com/fastlane/fastlane/tree/master/spaceship#2-step-verification"
+        puts("If you're running this in a non-interactive session (e.g. server or CI)")
+        puts("check out #{two_factor_url}")
+      end
 
-      puts("If you're running this in a non-interactive session (e.g. server or CI)")
-      puts("check out #{two_factor_url}")
+      # "verification code" has already be pushed to devices
 
       security_code = response.body["securityCode"]
-      # securityCode =
-      # {"length"=>6,
-      #  "tooManyCodesSent"=>false,
-      #  "tooManyCodesValidated"=>false,
-      #  "securityCodeLocked"=>false}
+      # "securityCode": {
+      # 	"length": 6,
+      # 	"tooManyCodesSent": false,
+      # 	"tooManyCodesValidated": false,
+      # 	"securityCodeLocked": false
+      # },
       code_length = security_code["length"]
-      code = ask("Please enter the #{code_length} digit code: ")
+
+      puts("")
+      puts("(Input `sms` to escape this prompt and select a trusted phone number to send the code as a text message)")
+      code_type = 'trusteddevice'
+      code = ask("Please enter the #{code_length} digit code:")
+      body = { "securityCode" => { "code" => code.to_s } }.to_json
+
+      if code == 'sms'
+        code_type = 'phone'
+        body = request_two_factor_code_from_phone(response.body["trustedPhoneNumbers"], code_length)
+      end
+
       puts("Requesting session...")
 
-      # Send securityCode back to server to get a valid session
+      # Send "verification code" back to server to get a valid session
       r = request(:post) do |req|
-        req.url("https://idmsa.apple.com/appleauth/auth/verify/trusteddevice/securitycode")
+        req.url("https://idmsa.apple.com/appleauth/auth/verify/#{code_type}/securitycode")
         req.headers['Content-Type'] = 'application/json'
-        req.body = { "securityCode" => { "code" => code.to_s } }.to_json
+        req.body = body
+        update_request_headers(req)
+      end
+
+      begin
+        # we use `Spaceship::TunesClient.new.handle_itc_response`
+        # since this might be from the Dev Portal, but for 2 factor
+        Spaceship::TunesClient.new.handle_itc_response(r.body) # this will fail if the code is invalid
+      rescue => ex
+        # If the code was entered wrong
+        # {
+        #   "service_errors": [{
+        #     "code": "-21669",
+        #     "title": "Incorrect Verification Code",
+        #     "message": "Incorrect verification code."
+        #   }],
+        #   "hasError": true
+        # }
 
+        if ex.to_s.include?("verification code") # to have a nicer output
+          puts("Error: Incorrect verification code")
+          depth += 1
+          return handle_two_factor(response, depth)
+        end
+
+        raise ex
+      end
+
+      store_session
+
+      return true
+    end
+
+    def get_id_for_number(phone_numbers, result)
+      phone_numbers.each do |phone|
+        phone_id = phone['id']
+        return phone_id if phone['numberWithDialCode'] == result
+      end
+    end
+
+    def request_two_factor_code_from_phone(phone_numbers, code_length)
+      puts("Please select a trusted phone number to send code to:")
+
+      available = phone_numbers.collect do |current|
+        current['numberWithDialCode']
+      end
+      result = choose(*available)
+
+      phone_id = get_id_for_number(phone_numbers, result)
+
+      # Request code
+      r = request(:put) do |req|
+        req.url("https://idmsa.apple.com/appleauth/auth/verify/phone")
+        req.headers['Content-Type'] = 'application/json'
+        req.body = { "phoneNumber" => { "id" => phone_id }, "mode" => "sms" }.to_json
         update_request_headers(req)
       end
 
@@ -142,9 +201,10 @@ module Spaceship
       # since this might be from the Dev Portal, but for 2 step
       Spaceship::TunesClient.new.handle_itc_response(r.body)
 
-      store_session
+      puts("Successfully requested text message")
 
-      return true
+      code = ask("Please enter the #{code_length} digit code you received at #{result}:")
+      { "securityCode" => { "code" => code.to_s }, "phoneNumber" => { "id" => phone_id }, "mode" => "sms" }.to_json
     end
 
     def store_session
@@ -162,7 +222,6 @@ module Spaceship
 
       request(:get) do |req|
         req.url("https://idmsa.apple.com/appleauth/auth/2sv/trust")
-
         update_request_headers(req)
       end
       # This request will fail if the user isn't added to a team on iTC

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fastlane
 version: !ruby/object:Gem::Version
-  version: 2.115.0.beta.20190119200019
+  version: 2.115.0.beta.20190120200101
 platform: ruby
 authors:
 - Danielle Tomlinson
@@ -27,7 +27,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-19 00:00:00.000000000 Z
+date: 2019-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: slack-notifier
@@ -1657,7 +1657,6 @@ files:
 - spaceship/lib/spaceship/tunes/members.rb
 - spaceship/lib/spaceship/tunes/pricing_info.rb
 - spaceship/lib/spaceship/tunes/pricing_tier.rb
-- spaceship/lib/spaceship/tunes/recovery_device.rb
 - spaceship/lib/spaceship/tunes/sandbox_tester.rb
 - spaceship/lib/spaceship/tunes/spaceship.rb
 - spaceship/lib/spaceship/tunes/territory.rb
@@ -1688,24 +1687,24 @@ metadata:
 post_install_message: 
 rdoc_options: []
 require_paths:
-- cert/lib
-- spaceship/lib
-- scan/lib
+- supply/lib
+- precheck/lib
+- pem/lib
 - fastlane/lib
+- spaceship/lib
 - snapshot/lib
-- pem/lib
-- gym/lib
-- credentials_manager/lib
-- screengrab/lib
-- pilot/lib
 - match/lib
+- pilot/lib
 - sigh/lib
-- fastlane_core/lib
-- supply/lib
-- deliver/lib
-- precheck/lib
+- screengrab/lib
 - frameit/lib
+- fastlane_core/lib
+- cert/lib
+- credentials_manager/lib
 - produce/lib
+- gym/lib
+- deliver/lib
+- scan/lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/spaceship/lib/spaceship/tunes/recovery_device.rb

@@ -1,65 +0,0 @@
-require_relative 'tunes_base'
-
-module Spaceship
-  module Tunes
-    class RecoveryDevice < TunesBase
-      # @return (String) ID provided by Apple
-      # @example
-      #   "1801231651"
-      attr_accessor :device_id
-
-      # @return (String) The name of the device
-      # @example
-      #   "Felix Krause's iPhone 6"
-      attr_accessor :name
-
-      # @return (Bool) This device looks suspicious [add emoji here]
-      #   this will probably always be true, otherwise the device
-      #   doesn't show up
-      # @example
-      #   true
-      attr_accessor :trusted
-
-      # @return (Bool)
-      # @example
-      #   true
-      attr_accessor :status
-
-      # @return (String) Remote URL to an image representing this device
-      #   This shows the attention to detail by Apple <3
-      # @example
-      #   "https://appleid.cdn-apple.com/static/deviceImages-5.0/iPhone/iPhone8,1-e4e7e8-dadcdb/online-sourcelist__3x.png"
-      # @example
-      #   "https://appleid.cdn-apple.com/appleauth/static/bin/cb2613252489/images/sms@3x.png"
-      attr_accessor :device_image
-
-      # @return (String)
-      # @example
-      #   "iPad Air"
-      # @example
-      #   nil # e.g. when it's a phone number
-      attr_accessor :model_name
-
-      # @return (String)
-      # @example
-      #   "79"
-      attr_accessor :last_two_digits
-
-      # @return (Number)
-      # @example
-      #   1446488271926
-      attr_accessor :update_date
-
-      attr_mapping(
-        'id' => :device_id,
-        'name' => :name,
-        'trusted' => :trusted,
-        'status' => :status,
-        'imageLocation3x' => :device_image,
-        'modelName' => :model_name,
-        'lastTwoDigits' => :last_two_digits,
-        'updateDate' => :update_date
-      )
-    end
-  end
-end